At 08:59 AM 9/22/98 +0100, Mok-Kong Shen wrote:
bram wrote:
On Mon, 21 Sep 1998, Bruce Schneier wrote:
Here's the basic idea: Strew a million passwords on your hard drive, and make it impossible to verify which is the correct one offline. So,
someone
who steals the password file off the client cannot run a cracking tool against the file.
Is this really patentable? It sounds a *lot* like the original public-key algorithm (the one involving lots of little 'puzzles')
A question : How does the legitimate user find his password? (Sorry for not having followed this thread from the beginning.)
He uses a remembered secret and some mathematical magic. Bruce ********************************************************************** Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098 101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590 Free crypto newsletter. See: http://www.counterpane.com