Hi,
I recommend Strong Password authentication SPEKE
http://world.std.com/~dpj/speke97.html , Secure RPC Autthentication
(SRA)mechanism ftp://net.tamu.edu/pub/security/TAMU, IBM's KryptoKnight
http://www.zurich.ibm.com/Technology/Security/extern/kryptoknight/
With regards,
==============================
Ivars Suba <[EMAIL PROTECTED]>
< -----Original Message-----
< From: Christopher Nielsen [mailto:[EMAIL PROTECTED]]
< Sent: Friday, February 05, 1999 4:24 AM
< To: David R. Conrad
< Cc: [EMAIL PROTECTED]
< Subject: Re: strong authentication without strong crypto?
<
<
< On Thu, 4 Feb 1999, Christopher Nielsen wrote:
<
< > On Thu, 4 Feb 1999, David R. Conrad wrote:
< >
< > > Quick question: does anyone know of technology or
< techniques that would
< > > facilitate strong authentication (_not_ encryption) for
< unattended high
< > > volume electronic transactions and does not require
< strong crypto along
< > > the lines of DSA or RSA? Shared secrets are not an option.
< >
< > For authentication only that requires no crypto, try SRP.
< >
< > http://srp.stanford.edu/srp/
<
< Apologies for responding to my own message, but I should
< qualify what I
< said. A subset of SRP requires no crypto. Read the paper for a better
< explanation.
<
< --
< Christopher Nielsen
< Scient: The eBusiness Systems Innovator
< <http://www.scient.com>
< [EMAIL PROTECTED]
<
<
