* Steven M. Bellovin:

> In message <[EMAIL PROTECTED]>, Nick Owen writes:
>>It would seem simple to thwart such a trojan with strong authentication
>>simply by requiring a second one-time passcode to validate the
>>transaction itself in addition to the session.
> How does the user know which transaction is really being authenticated?

You send the pass code in an SMS to the user's mobile phone, together
with some information on the transaction.  (If the SMS delay is a
problem, use a computer-generated phone call.)  The pass code is then
entered by the user to authorize the transaction.

This will eventually break down, once PCs and mobile phones are
integrated tightly, but in the meantime, it's reasonably secure even
if the client PC is compromised.

I'm not sure if users will accept it, though.  What's worse, the costs
for sending the SMS message (or making the phone call) are so
significant that it's unrealistic we'll see widespread use of such

(Manually transferring cryptographic tokens which depend on the
transaction contents seems to be infeasible, given the number of bits
which must be copied.)

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to