Seg, 2011-03-14 às 07:40 +1100, Peter Jeremy escreveu: > On 2011-Mar-10 23:09:07 +0000, Miguel Lopes Santos Ramos > <[email protected]> wrote: > >- The objection on S/KEY on that wiki page, that it's possible to > >compute all previous passwords, is a bit odd, since past passwords won't > >be used anymore. > > One weakness of S/KEY and OPIE is that if an attacker finds the > password (response) for sequence N then they can trivially determine > the response for any sequence > N. This could occur if (eg) you have > a printout of OPIE keys and are just crossing them off (which was a > common recommendation prior to smart phones etc) - an attacker just > needs to memorise the lowest N and response.
Ok, admittedly, it took me a while to see in what way that could be a weekness. It's a bit like hoping for a little remaining security after the password list was compromised. Personally, I would still prefer OPIE to OTPW. A calculator beats a list (for me). For instance, around here many banks provide little matrix cards from which they then ask for the numbers by row/column for access to some operations on home banking. Now, with banks, physical security matters. What do I do? None of the choices is good: if I hide the card, I can't use it... (obviously I encrypt the content with PGP and destroy the card). So, I think there's an elegance to the S/KEY solution that OTPW doesn't have. -- Miguel Ramos <[email protected]> PGP A006A14C _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
