Niels,
If you're thinking about building or modifying a system to take
advantage of the latest methods, and your goal is to provide both
strength *and* convenience, take a look at the zero-knowledge
password protocols. These were specifically designed for
strong mutual authentication based on a short secret.
EKE, SRP and SPEKE come to mind.
These are available in a variety of forms, and can be used
where the host knows either a password, a hashed password, or
a public-key that corresponds to a password.
The page at www.IntegritySciences.com/links.html lists most
of the research in this area.
At 05:12 PM 8/26/99 +0200, Niels M�ller wrote:
>It would be convenient to be able to use a short password to
>authenticate the home system (which one of the things kauth provides).
>So how to do that? There are several possibilities.
[...snip...]
>I have to think more about this, but I'd appreciate some feedback. Are
>these approaches reasonable, and is any one of them preferable over
>the others? Do you know of any existing protocols that could be used
>to solve the problem?
---------------------------------------------------
David P. Jablon [EMAIL PROTECTED]
President +1 508 898 9024
Integrity Sciences, Inc. www.IntegritySciences.com
