17 Dec
2003
17 Dec
'03
11:17 p.m.
bram wrote:
On Mon, 21 Sep 1998, Bruce Schneier wrote:
Here's the basic idea: Strew a million passwords on your hard drive, and make it impossible to verify which is the correct one offline. So, someone who steals the password file off the client cannot run a cracking tool against the file.
Is this really patentable? It sounds a *lot* like the original public-key algorithm (the one involving lots of little 'puzzles')
A question : How does the legitimate user find his password? (Sorry for not having followed this thread from the beginning.) M. K. Shen