ArcotSign (was Re: Does security depend on hardware?)
Bruce Schneier
schneier at counterpane.com
Mon Sep 21 16:21:19 PDT 1998
At 02:20 PM 9/22/98 +0100, Mok-Kong Shen wrote:
>Bruce Schneier wrote:
>>
>> At 12:48 PM 9/22/98 +0100, Mok-Kong Shen wrote:
>> >Bruce Schneier wrote:
>
>> >> He uses a remembered secret and some mathematical magic.
>> >
>> >Another naive question: Why is the remembered secret not sufficient
>> >(thus doing away with the magic)?
>>
>> One of the significant improvements is that the scheme is immune to
>> offline password guessing attacks.
>
>If the 'mathematical magic' is not to be kept secret (as in principle
>shouldn't for all crypto algorithms) then presumably one could
>attack through brute forcing the 'remembered secrect', I guess.
Yes, but only through an on-line protocol. And if the server has some
kind of "turn the user off after ten bad password guesses," then the
atack doesn't work.
>(I suppose the 'remembered secret' has less bits then the 'password'
>that is to be retrieved from the pool of millions with the
>'mathematical magic'). So the advantages of the scheme appear to
>remain unclear as a matter of principle.
The advantages are that offline password guessing is impossible.
Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590
Free crypto newsletter. See: http://www.counterpane.com
More information about the cypherpunks-legacy
mailing list