Barney Wolff wrote:
Actually, it can. The server can store challenge-responses in pairs,
then send N as the challenge and use the N+1 response (not returned)
as the key.
But why bother? What does this add over just using crypto
without their fancy physical token? The uncloneability of
their
Perry E. Metzger wrote:
An idea from some folks at MIT apparently where a physical token
consisting of a bunch of spheres embedded in epoxy is used as an
access device by shining a laser through it.
I can't dig up the memory, but I think I heard of a similar idea --
random structure in
Not really. Illuminating the device at different locations and
angles is certainly not as good as a cryptographical challenge.
Since the location and angle is done by some mechanical device,
the numers of locations and angles is certainly small
I think you're right here; in order for the
[EMAIL PROTECTED] writes:
I can't dig up the memory, but I think I heard of a similar idea --
random structure in transparent solid, difficult to copy -- used in
some kind of tag or seal for nuclear security. Can anyone remind me
what this might have been?
This isn't security -- this is a
On Sat, Sep 21, 2002 at 12:11:17AM +, David Wagner wrote:
I find the physical token a poor replacement for cryptography, when the
goal is challenge-response authentication over a network. In practice,
you never really want just challenge-response authentication; you
want to set up a
At 12:07 PM 9/20/02 -0400, Perry E. Metzger wrote:
A couple of places have reported on this:
http://www.nature.com/nsu/020916/020916-15.html
An idea from some folks at MIT apparently where a physical token
consisting of a bunch of spheres embedded in epoxy is used as an
access device by