Bill Stewart wrote:
Yup. It's the little keychain frob that gives you a string of numbers,
updated every 30 seconds or so, which stays roughly in sync with a server,
so you can use them as one-time passwords
instead of storing a password that's good for a long term.
So if the phisher cons you
- Original Message -
From: John Denker [EMAIL PROTECTED]
Sent: Thursday, January 06, 2005 3:06 AM
Enzo Michelangeli wrote:
[...]
If the PRNG uses a
really non-invertible algorithm (or one invertible only
with intractable complexity), its output gives no insight
whatsoever on
On Wed, 5 Jan 2005 08:49:36 +0800, Enzo Michelangeli said:
That's basically what /dev/urandom does, no? (Except that it has the
undesirable side-effect of depleting the entropy estimate maintained
inside the kernel.)
This entropy depletion issue keeps coming up every now and then, but I
I wrote:
Taking bits out of the PRNG *does* reduce its entropy.
Enzo Michelangeli wrote:
By how much exactly?
By one bit per bit.
I'd say, _under the hypothesis that the one-way
function can't be broken and other attacks fail_, exactly zero; in the
real world, maybe a little more.
If you said
Joerg Schneider wrote:
So, PassCode and similar forms of authentication help against the
current crop of phishing attacks, but that is likely to change if
PassCode gets used more widely and/or protects something of interest
to phishers.
Actually I have been waiting for phishing with MITM to
oh, and this is old discussion of a unit that has been in use in europe
... it basically is very inexpensive calculator with 7816 contacts that
you can slip a smartcard into. it is used in a challenge/response
scenario, a numeric keypad is used to enter the challenge, which is
passed to the
Florian Weimer wrote:
I think you can forward the PassCode to AOL once the victim has
entered it on a phishing site. Tokens à la SecurID can only help if
Indeed.
the phishing schemes *require* delayed exploitation of obtained
credentials, and I don't think we should make this assumption. Online