On Wed, Feb 19, 2003 at 08:34:54PM -0500, Jeff Potter wrote:
> hashes can't be symmetric, otherwise they wouldn't be hashes.
>
> why not just take the sKey approach?
Yep, there's a SASL mechanism for that: RFC2444
It does rely on the client keeping sync with the server state: that is,
keeping a count of how many authentications have been done so far.
That's fine if you have an OTP calculator in your hand (which is the most
secure way of doing this anyway). If you wanted the POP3 client to
authenticate on your behalf, you'd need to give it more information than
just your passphrase.
> At the next authentication
> point, the client supplies the (N-2)nd hash value, and the server runs
> hash twice to check the value. (Server has to store what value of N
> should be requested to prevent a replay attack.)
Typically the server doesn't store N, but it replaces its stored hash value
with the one supplied by the user each time they authenticate - so it only
needs to do one hash for each authentication request, regardless of how many
times the user has authenticated before.
e.g. server stores state S = H^500(secret)
user supplies H^499(secret) as their authentication credentials C
server verifies that H(C) = S
server replaces S with C, i.e. now S = H^499(secret)
Regards,
Brian.
-------------------------------------------------------
This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
The most comprehensive and flexible code editor you can use.
Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial.
www.slickedit.com/sourceforge
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
