Full Disclosure mailing list archives
Re: One-Time Pad Authentication
From: the1 () unixclan net
Date: Mon, 1 Dec 2003 16:23:42 -0800 (PST)
Since your system would only be as strong as the methiod of transporitng the key (PGP, SSH, whatever), isn't OTP a little excessive? On Sun, 30 Nov 2003, Jonathan A. Zdziarski wrote:
Before I write this thing, I wanted to check and see if anyone on the list knows if such a tool already exists in the open-source community. I've done some google and freshmeat searches but didn't find anything that seemed to fit the bill. The closest thing I found was E-Pad which seems to be more related to file encryption than authentication. I'm interested in coding a one-time pad authentication system; similar to SecurID or other types of token authentication only with software tokens. The administrator would generate the one-time pads for each user and distribute them using whatever secure method gets coded (PGP, SSH, or whatever). The user then has a software token on their machine with the token code that changes either every use, or uses some type of challenge/response system, blah blah blah. This token is used to log into systems, etcetera. I'd be interested in knowing if such an open-source tool exists, and if not who would be interested in working on it with me (email me privately if interested). Jonathan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- One-Time Pad Authentication Jonathan A. Zdziarski (Nov 30)
- Re: One-Time Pad Authentication Jeremiah Cornelius (Nov 30)
- Re: One-Time Pad Authentication Michael Sierchio (Nov 30)
- Re: One-Time Pad Authentication Gary E. Miller (Nov 30)
- don't waste your time (was: Re: One-Time Pad Authentication) jon schatz (Nov 30)
- Re: One-Time Pad Authentication Eric Rescorla (Nov 30)
- Re: One-Time Pad Authentication Blue Boar (Nov 30)
- Re: One-Time Pad Authentication Jonathan A. Zdziarski (Nov 30)
- Message not available
- Re: One-Time Pad Authentication Jonathan A. Zdziarski (Nov 30)
- Re: One-Time Pad Authentication Timothy J. Miller (Nov 30)
- Re: One-Time Pad Authentication the1 (Dec 02)
- <Possible follow-ups>
- Re: One-Time Pad Authentication otto1122 (Dec 02)