[email protected] (Tony Harminc) writes: > The typical challenge-response token from around 1999 looked like a > small pocket calculator (and in many cases could run as one), and had > a (single) DES engine in it. It could be programmed with a 32 or > 64-bit key. The mainframe-based software would issue a challenge in > some fairly convenient numeric or hex format, the user would enter it > into the token on the calculator keyboard, the token would display a > response on the screen that was the DES encryption of the challenge, > also suitably formatted, the user would enter that into the logon > screen, the mainframe software would do the same DES encryption, and > if the result was the same you were in. Because the algorithms were > published, anyone could support these tokens, and indeed we do in our > software to this day, and have customers still using them 15 years > later.
re: http://www.garlic.com/~lynn/2014g.html#29 Special characters for Passwords http://www.garlic.com/~lynn/2014g.html#30 Special characters for Passwords http://www.garlic.com/~lynn/2014g.html#34 Special characters for Passwords http://www.garlic.com/~lynn/2014g.html#35 Special characters for Passwords http://www.garlic.com/~lynn/2014g.html#37 Special characters for Passwords the challenge-response scenario is still "institutional centric" having a shared secret ... the challenge-response is obfuscated way of proving you know the secret. Old post about visiting the EU company making the tokens in europe ... we stay a couple days ... and then CEO drives us down to Brussels for an EU FINREAD (standard meeting) ... and then get flt of Dusseldorf. http://www.garlic.com/~lynn/2001g.html#57 Internet banking http://www.garlic.com/~lynn/2001g.html#60 PKI/Digital signature doesn't work past posts referencing FINREAD http://www.garlic.com/~lynn/subintegrity.html#finread had a booth in 1999 world-wide, annual retail banking show (BAI) ... using prototype done with relative standard token programmed to emulate operation ... industry press release http://www.garlic.com/~lynn/ansiepay.htm#x959bai a little mainframe tie-in ... the ceo of one of the companies in the press release ... was former head of PC division ... and before that head of POK mainframe. However, got a custom chip designed done at new Infineon (gov. agency certified) security fab in Dresdon. In the late 90s I would joke that I would take a $500 milspec chip, aggressive cost reduce by 2-3 orders of magnitude while increasing the integrity. I also ask to do presentation at Intel Developer's conference in session on assurance in the TCPA track ... reference gone 404 but lives on at wayback machine http://web.archive.org/web/20011109072807/http://www.intel94.com/idf/spr2001/sessiondescription.asp?id=stp+s13 guy running TCPA was sitting in the front row, I quiped that it was nice to see that the TPM was starting to look more like the chip I designed. He quiped back that I didn't have committee of 200 people helping me with the design. -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
