CYPHERPUNKS TO THE RESCUE
Chael Hall
nowhere at chaos.bsu.edu
Tue Jul 26 16:25:00 PDT 1994
>I recently used a smart card system for secure remote access to a network.
>It looked like both the card and the remote system had clocks that were in
>synch and both ran the same PRNG to produce a new number every minute. Part
>of the login procedure was to enter the number currently being displayed on
>the card.
We use this for accessing our Ameritech database. What I recall
overhearing when they were training the CENTREX people on the smart cards
was that it looks at how far off the numbers are over a period of time
and determines how much faster or slower your card is, then figures that
into its calculations when you call. So after, say, twenty sessions over
a two-week period, it knows not to accept the code from two minutes ago.
Chael
--
Chael Hall, nowhere at chaos.bsu.edu
More information about the cypherpunks-legacy
mailing list