Re: Pin generation algorithm question
From: Peter Fairbrother (zenadsl6186_at_zen.co.uk)
Date: 04/24/04
- Next message: Peter Fairbrother: "Re: Public Key, Set-(bi)partition"
- Previous message: Peter Fairbrother: "Re: Weak keys for RSA ?"
- In reply to: Ernst Lippe: "Re: Pin generation algorithm question"
- Next in thread: Ernst Lippe: "Re: Pin generation algorithm question"
- Reply: Ernst Lippe: "Re: Pin generation algorithm question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 24 Apr 2004 02:48:21 +0100
Ernst Lippe wrote:
> One obvious solution is to simply keep a list of all currently valid numbers
> at the central server, and to remove a number from this list when it has been
> used.
You would probably want to keep a record of the number and it's use, for a
while, to help detect cheating.
> One of the remarks that I made was that such a list is a big security
> risk. Such a list has a very high monetary value so it will be very difficult
> to secure it.
Sure the list is a big target. Alternatively, the keys would be a big
target. What's the difference? You can fit either on a USB pen drive.
You have to have a big, valuable target somewhere, you can't avoid it. How
are keys better?
What are the advantages of using a cryptographic solution? I really can't
see any. Quick checks don't have any value I can see. Secure decentralised
verification isn't possible with a 16 digit token. Did I miss something?
-- Peter Fairbrother
- Next message: Peter Fairbrother: "Re: Public Key, Set-(bi)partition"
- Previous message: Peter Fairbrother: "Re: Weak keys for RSA ?"
- In reply to: Ernst Lippe: "Re: Pin generation algorithm question"
- Next in thread: Ernst Lippe: "Re: Pin generation algorithm question"
- Reply: Ernst Lippe: "Re: Pin generation algorithm question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
