> The future of s/key is probably what it always has been: an otp > supplement [...] regardless of [] the access method It's always seemed to me that s/key's biggest problem is that it's *not* a true one-time password scheme: the passwords are algorithmically related. Indeed, I believe it's no coincidence that all the attacks against s/key (that I've heard of) are based on just this weakness. It's very much like the difference between a conventional stream cipher and a one-time pad, actually. Of course, a true one-time password scheme (where "true" here means that the passwords are truly random and completely unrelated) has its own problems, mostly related to storing the passwords in question. Personally, I generate passwords by rolling dice[%] and store them on a small pad of paper (which I carry on my person when I travel) - not entirely unlike a one-time pad. :-) [%] And running the result through a simple hash function - more precisely, I generate entropy by rolling dice and generate passwords from that entropy by a simple encoding scheme. der Mouse mouseat_private 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:32:02 PDT