Some folks might be interested in
http://villagevoice.com/news/0642,torturetaxi,74732,2.html -- it's not
precisely traffic analysis, but there are enough similar techniques that I
think it's relevant to this list.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
So I was reading about the OTP system (based on S/Key) described in RFC 2289.
It basically hashes a secret several times (with salt to individualize
it) and stores
the value that the correct password will hash to.
Now my question is, if we restrict ourselves to, say, 160-bit inputs, is SHA-1
a