[103234] in Cypherpunks

Re: ArcotSign (was Re: Does security depend on hardware?)

daemon@ATHENA.MIT.EDU (Mok-Kong Shen)
Tue Sep 22 09:44:32 1998

Date: Tue, 22 Sep 1998 15:04:14 +0100
From: Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>
To: Bruce Schneier <schneier@counterpane.com>
CC: cryptography@c2.net, cypherpunks@Algebra.COM, coderpunks@toad.com
Reply-To: Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>

Bruce Schneier wrote:
> 
> >I suppose you misunderstood me. I mean the 'mathematical magic'
> >cannot be made public. (Or is 'online protocol' = 'mathematical magic'?)
> >If the 'magic' is public then the attacker with the pool of passwords
> >could brute force offline.
> 
> No.  You misunderstood me.  There is NOTHING secret except the key.
> The online protocol, mathematical magic, source code, algorithm details,
> and everything else can be made public.  There are no secrets in the
> system except for the keys.

In that case please allow me to go back to a point raised by me
previously. The user uses his 'remembered secret' (of fewer bits) 
through a public algorithm (including protocol) to retrieve from a 
pool the password (of more bits). If the attacker doesn't have the 
pool then everything looks fine. But if he manages to get the pool
(a case someone mentioned in this thread) then he can obviously
brute force offline, I believe, since he possesses now everything
the legitimate user has, excepting the 'remembered secret'. Or is
there anything wrong with my logic?

M. K. Shen
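
Whether a stolen pool permits the offline search described above depends on whether a pool entry gives a way to recognise a correct guess. The sketch below is an added example, not part of the original message and not ArcotSign's design; the 4-digit secret, the PBKDF2/XOR/HMAC entry layout and every function name are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

PIN_SPACE = [f"{i:04d}" for i in range(10_000)]  # assumed 4-digit remembered secret


def derive(pin: str, salt: bytes) -> bytes:
    # Public algorithm: 32-byte pad + 32-byte MAC key from the short secret.
    # Iteration count is kept tiny so the demo sweep finishes quickly.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 20, dklen=64)


def seal(pin: str, password: bytes, with_check: bool):
    """Build one pool entry protecting a 32-byte random password."""
    salt = secrets.token_bytes(16)
    pad = derive(pin, salt)
    ct = bytes(a ^ b for a, b in zip(password, pad[:32]))
    tag = hmac.new(pad[32:], ct, "sha256").digest() if with_check else None
    return salt, ct, tag


def unseal(pin: str, entry) -> bytes:
    """Candidate password for a guessed PIN; always 32 plausible bytes."""
    salt, ct, _ = entry
    return bytes(a ^ b for a, b in zip(ct, derive(pin, salt)[:32]))


def offline_survivors(entry):
    """PINs that a holder of only the pool entry cannot rule out."""
    salt, ct, tag = entry
    if tag is None:
        # No check value and a uniformly random plaintext: nothing to test.
        return list(PIN_SPACE)
    return [pin for pin in PIN_SPACE
            if hmac.compare_digest(
                tag, hmac.new(derive(pin, salt)[32:], ct, "sha256").digest())]


if __name__ == "__main__":
    password = secrets.token_bytes(32)  # constructed high-entropy stored secret
    for with_check in (True, False):
        entry = seal("4821", password, with_check)
        print("check value stored:", with_check,
              "-> PINs left after offline sweep:", len(offline_survivors(entry)))
```

With a check value in the entry the sweep leaves exactly one PIN; without one, all 10,000 remain and each candidate has to be tried against the online protocol, where attempts can be counted and limited. The second result holds only if the protected value is uniformly random and nothing else public (a structured plaintext, a matching public key) lets a guess be verified.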

