| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: the1 at unixclan.net (the1@...xclan.net) Subject: One-Time Pad Authentication Since your system would only be as strong as the methiod of transporitng the key (PGP, SSH, whatever), isn't OTP a little excessive? On Sun, 30 Nov 2003, Jonathan A. Zdziarski wrote: > Before I write this thing, I wanted to check and see if anyone on the > list knows if such a tool already exists in the open-source community. > I've done some google and freshmeat searches but didn't find anything > that seemed to fit the bill. The closest thing I found was E-Pad which > seems to be more related to file encryption than authentication. > > I'm interested in coding a one-time pad authentication system; similar > to SecurID or other types of token authentication only with software > tokens. The administrator would generate the one-time pads for each > user and distribute them using whatever secure method gets coded (PGP, > SSH, or whatever). > > The user then has a software token on their machine with the token code > that changes either every use, or uses some type of challenge/response > system, blah blah blah. This token is used to log into systems, > etcetera. > > I'd be interested in knowing if such an open-source tool exists, and if > not who would be interested in working on it with me (email me privately > if interested). > > Jonathan > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists