Firewall Wizards mailing list archives

Re: Token based OTP: SafeWord or SecurID?

From: Rick Smith <rick_smith () securecomputing com>
Date: Mon, 25 Sep 2000 16:53:12 -0500

At 02:21 PM 9/25/00, daN. wrote:

Out of curiosity does anyone know if there are Smart-Card security cardsout there the work on public Key cryptography? (Computer passes you arandom token, card signs it and passes it back? System verifies it bychecking against public key) ...

All the smart card vendors I've talked to are working with public keycryptography.

To my knowledge, however, none of them are pushing a challenge-responseprotocol like you outlined, which is probably similar to the old FIPS JJJprotocol. AFAIK, nobody has fielded a successful product based on that. Wedid something for the government a few years back that prototyped theconcept, but it never took off commercially.

The big action I hear about in PK authentication seems to involve SSLclient authentication in browsers or IKE authentication for VPNs.


Rick.
smith () securecomputing com         roseville, minnesota


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

Current thread:

Token based OTP: SafeWord or SecurID? kadokev (Sep 13)
- Re: Token based OTP: SafeWord or SecurID? Vin McLellan (Sep 16)
  - Re: Token based OTP: SafeWord or SecurID? kadokev (Sep 18)
    - Re: Token based OTP: SafeWord or SecurID? Carson Gaspar (Sep 19)
    - Re: Token based OTP: SafeWord or SecurID? Rick Smith (Sep 20)
    - Re: Token based OTP: SafeWord or SecurID? H. Morrow Long (Sep 22)
    - Re: Token based OTP: SafeWord or SecurID? daN. (Sep 25)
    - Re: Token based OTP: SafeWord or SecurID? Rick Smith (Sep 25)
    - Re: Token based OTP: SafeWord or SecurID? Joseph S D Yao (Sep 19)
    - Re Token based OTP SafeWord or SecurID? offset (Sep 22)
    - Message not available
    - Re: Re Token based OTP SafeWord or SecurID? Joseph S D Yao (Sep 23)