[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] One-Time Pad Authentication

To: "Jonathan A. Zdziarski" <jonathan@nuclearelephant.com>
Subject: Re: [Full-Disclosure] One-Time Pad Authentication
From: Michael Sierchio <kudzu@tenebras.com>
Date: Sun, 30 Nov 2003 17:21:30 -0800

Jonathan A. Zdziarski wrote:

I'm interested in coding a one-time pad authentication system; similar to SecurID or other types of token authentication only with software tokens. The administrator would generate the one-time pads for each user and distribute them using whatever secure method gets coded (PGP, SSH, or whatever).


You've thereby reduced the security of a one-time pad to that of
the cryptologic and protocol used to distribute it.  Simply isn't
done, old chap.

Use:

        trusted courier;
        registered US mail;
        etc.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] One-Time Pad Authentication
  - From: "Jonathan A. Zdziarski" <jonathan@nuclearelephant.com>

Prev by Date: Re: [Full-Disclosure] One-Time Pad Authentication
Next by Date: Re: [Full-Disclosure] One-Time Pad Authentication
Previous by thread: Re: [Full-Disclosure] One-Time Pad Authentication
Next by thread: Re: [Full-Disclosure] One-Time Pad Authentication
Index(es):
- Date
- Thread