[16876] in Kerberos_V5_Development
Re: Authdata, preauth plugin headers
daemon@ATHENA.MIT.EDU (Russ Allbery)
Mon Jun 13 12:25:11 2011
From: Russ Allbery <rra@stanford.edu>
To: Linus Nordberg <linus@nordu.net>
In-Reply-To: <87ips9zt2c.fsf@nordberg.se> (Linus Nordberg's message of "Mon,
13 Jun 2011 16:47:55 +0200")
Date: Mon, 13 Jun 2011 09:25:08 -0700
Message-ID: <87fwndk8bf.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Linus Nordberg <linus@nordu.net> writes:
> What kind of OTP systems are vulnerable to replay attacks?
TOTP is, isn't it? Time-based OTP doesn't, so far as I understand it,
store a sequence number, so there isn't a non-time way of invalidating
used codes.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
