Re: Dynamic password authentication scheme

From: Sasha (spamit_at_mail.com)
Date: 01/30/04

  • Next message: Matt Atkins: "Re: Domain HiJacking by SPAMMERS" 
    Date: Fri, 30 Jan 2004 10:49:31 +0200 (IST)
To: security-basics@securityfocus.com

    You maybe interested in the following paper:
    http://www-2.cs.cmu.edu/~hopper/secure_human_identification_protocols.pdf

    Secure Human Identification Protocols
    Nicholas J. Hopper and Manuel Blum

    One interesting and important challenge for the cryptologic community is
    that of providing secure authentication and identification for unassisted
    humans. There are a range of protocols for secure identification which
    require various forms of trusted hardware or software, aimed at protecting
    privacy and financial assets. But how do we verify our identity, securely,
    when we dont have or dont trust our smart card, palmtop, or laptop? In
    this paper, we provide definitions of what we believe to be reasonable
    goals for secure human identification. We demonstrate that existing
    solutions do not meet these reasonable definitions. Finally, we provide
    solutions which demonstrate the feasibility of the security conditions
    attached to our definitions, but which are impractical for use by humans.

    Regards,
    ASK

    ---------------------------------------------------------------------------
    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
    course! All of our class sizes are guaranteed to be 10 students or less.
    We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
    and many other technical hands on courses.
    Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
    any course!
    ----------------------------------------------------------------------------

  • Next message: Matt Atkins: "Re: Domain HiJacking by SPAMMERS"
    Loading