[17087] in cryptography@c2.net mail archive


Re: PK -> OTP?

daemon@ATHENA.MIT.EDU (Amir Herzberg)
Sun Mar 20 11:59:58 2005

X-Original-To: cryptography@metzdowd.com
Date: Wed, 16 Mar 2005 12:11:33 +0200
From: Amir Herzberg <herzbea@macs.biu.ac.il>
To: Matt Crawford <crawdad@fnal.gov>
Cc: cryptography@metzdowd.com
In-Reply-To: <896bdb30c7ab44ccc81024ea887915c9@fnal.gov>

Matt Crawford wrote:
> My educated-layman's opinion is that the following is not feasible, but 
> I'd be happy to be shown wrong ...
> 
> Given a closed public-key device such as a typical smart card with its 
> limited set of operations (chiefly "sign"), is it possible to implement 
> a challenge/response function such that
> 
> * Both the challenge and the response are short enough for an average 
> user to be willing to type them when needed.
> 
> * The challenge can be generated, and the response verified using the 
> cardholder's public key and a reasonable amount of computation.

What's wrong with sending the device encryption of a random number 
(using the public key of the device), and the device sending back the 
number as proof of possession of the corresponding secret key?

Best, Amir Herzberg
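
The exchange proposed in this message, as an added example (not code from the post or its author), which also counts the characters each side would have to type, the constraint in the quoted question. It assumes textbook, unpadded RSA with a constructed toy key that is far too small for real use; `Verifier`, `device_respond` and `run_exchange` are hypothetical names.

```python
import hmac
import secrets

# Constructed toy key (assumption): two Mersenne primes, 216-bit modulus.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, never leaves the device


def device_respond(challenge_hex: str) -> str:
    """Device side: decrypt the challenge and return the recovered number."""
    c = int(challenge_hex, 16)
    if not 0 < c < N:
        raise ValueError("challenge out of range")
    return format(pow(c, D, N), "x")


class Verifier:
    """Verifier side: holds only the public key (N, E)."""

    def __init__(self, bits: int = 128):
        self.bits = bits
        self._expected = None

    def new_challenge(self) -> str:
        # Fresh random number; its size sets the length of the response.
        r = secrets.randbits(self.bits) | (1 << (self.bits - 1))
        self._expected = format(r, "x")
        # Unpadded RSA encryption: the ciphertext is as long as the modulus,
        # so a 2048-bit key would give a 512-hex-character challenge.
        return format(pow(r, E, N), "x")

    def check(self, response: str) -> bool:
        # Each challenge is single use, whether or not the answer was right.
        expected, self._expected = self._expected, None
        if expected is None:
            return False
        return hmac.compare_digest(expected.encode(), response.lower().encode())


def run_exchange(bits: int = 128):
    """Run one round; return (challenge chars, response chars, accepted)."""
    verifier = Verifier(bits)
    challenge = verifier.new_challenge()
    response = device_respond(challenge)
    return len(challenge), len(response), verifier.check(response)
```

The challenge length tracks the modulus and the response length tracks the size of the random number, whatever key size is used.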
