[18087] in cryptography@c2.net mail archive


Re: [Clips] Escaping Password Purgatory

daemon@ATHENA.MIT.EDU (Anne & Lynn Wheeler)
Fri Aug 5 16:26:39 2005

X-Original-To: cryptography@metzdowd.com
Date: Fri, 05 Aug 2005 14:24:59 -0600
From: Anne & Lynn Wheeler <lynn@garlic.com>
To: Jerrold Leichter <jerrold.leichter@smarts.com>
Cc: Bill Frantz <frantz@pwpconsult.com>, cryptography@metzdowd.com
In-Reply-To: <Pine.SOL.4.61.0508041604300.14092@frame>

Jerrold Leichter wrote:
> Hmm.  I came up with the same idea a while back - though with a different
> constraint:  I think it's reasonable to trade off the one-wayness of the
> hash for the ability to work out the password with pencil and paper when
> necessary.  Various classic pencil-and-paper encryption systems can be bent
> to this purpose.  Since the volume of data "encrypted" is very small and it's
> hard for an attacker to get his hands on more than tiny samples - a given
> web site only sees its own password - you don't need much strength to give a
> reasonable degree of protection.

Note that RFC 2289 is a one-time password scheme
http://www.garlic.com/~lynn/rfcidx7.htm#2289

... it takes a passphrase, a site-supplied salt, and iterative hashing.
Supposedly this was to allow transmission in the clear and resistance to
man-in-the-middle attacks. The idea was also that the person only had to
remember a single passphrase.

However, the following discusses a man-in-the-middle exploit ...
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#0 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#1 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#2 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#3 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003o.html#46 What 'NSA'?
http://www.garlic.com/~lynn/2003p.html#10 Secure web logins w random passwords

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
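As an added illustration of the scheme Lynn describes above (a single pass phrase, a site-supplied seed, and iterative hashing), here is a worked RFC 2289 one-time password generator together with the server-side check. This is example code written for this archive page; it is not code from the RFC, from the list, or from either poster. It assumes the MD5 variant of RFC 2289 (hash the lower-cased seed concatenated with the pass phrase, fold the 128-bit digest to 64 bits by XORing its halves, then re-hash and fold once per sequence step); the pass phrase, seed and sequence count in demo() are constructed sample values. The six-word human encoding of the 64-bit result is omitted and raw bytes are used instead; Appendix D of RFC 2289 has test vectors to compare the hex output against.

```python
"""RFC 2289 (S/KEY-style) one-time passwords: generation and server check."""
import hashlib
import secrets


def fold_md5(data: bytes) -> bytes:
    # RFC 2289 MD5 variant: hash, then XOR the two 8-byte halves to 64 bits.
    digest = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))


def otp(passphrase: str, seed: str, count: int) -> bytes:
    """Return the 64-bit one-time password for sequence number `count`.

    The seed is case-insensitive (RFC 2289 section 6), so it is lower-cased
    before concatenation; the pass phrase itself is used as given.
    """
    if count < 0:
        raise ValueError("count must be non-negative")
    if not (1 <= len(seed) <= 16) or not seed.isalnum():
        raise ValueError("seed must be 1-16 alphanumeric characters")
    state = fold_md5((seed.lower() + passphrase).encode("ascii"))
    for _ in range(count):          # one extra hash-and-fold per step
        state = fold_md5(state)
    return state


class OTPServer:
    """Per-user state: seed, current sequence number, last accepted OTP.

    The stored value is OTP(n).  A login must present OTP(n-1), which
    hashes forward to the stored value; nothing stored reveals the pass
    phrase or any earlier OTP.
    """

    def __init__(self, seed: str, count: int, last_otp: bytes):
        self.seed = seed
        self.count = count
        self.last_otp = last_otp

    def challenge(self) -> str:
        # Sent in the clear, in the RFC 2289 challenge form.
        return f"otp-md5 {self.count - 1} {self.seed}"

    def verify(self, candidate: bytes) -> bool:
        # Constant-time compare; on success move the window down by one so
        # the same OTP cannot be replayed.
        if self.count <= 0:
            return False
        if not secrets.compare_digest(fold_md5(candidate), self.last_otp):
            return False
        self.count -= 1
        self.last_otp = candidate
        return True


def demo() -> list:
    """Three logins followed by a replay of the last OTP (constructed data)."""
    passphrase = "correct horse battery staple"   # constructed sample
    seed = "ke1234"                                # constructed sample
    n = 100
    server = OTPServer(seed, n, otp(passphrase, seed, n))
    results = []
    for _ in range(3):
        count = int(server.challenge().split()[1])
        results.append(server.verify(otp(passphrase, seed, count)))
    # Replaying the most recently accepted OTP must be rejected.
    results.append(server.verify(otp(passphrase, seed, n - 3)))
    return results


if __name__ == "__main__":
    print(otp("This is a test.", "TeSt", 0).hex())
    print(demo())
```

The server never needs the pass phrase: it keeps only the hash one step ahead of the client, and each accepted login replaces it. Everything on the wire (the challenge, the seed, the OTP) is sent in the clear, which is the property the scheme was designed around.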
