Re: Searching for a special challenge&response algorithm

From: Jan Peter Stotz <jp_news@xxxxxx>
Date: Sun, 30 Apr 2006 10:56:54 +0200

Unruh schrieb:

No, that is to prevent off line password guessing.

I know. It was just the basic idea I want to adapt to a client-server
scenario.

Online if you want to
slow things down the server can always do that. Put in a 30 sec wait before
informing the far side that the password guess is correct/incorrect.

It this is the only protection it doesn't help. The attacker could just
open 1000 connections. Each connection has to wait 30 seconds but in the
result you can still test 2000 passwords per second.

Jan
.

References:
- Searching for a special challenge&response algorithm
  - From: Jan Peter Stotz
- Re: Searching for a special challenge&response algorithm
  - From: Carlos Moreno
- Re: Searching for a special challenge&response algorithm
  - From: Jan Peter Stotz
- Re: Searching for a special challenge&response algorithm
  - From: Carlos Moreno
- Re: Searching for a special challenge&response algorithm
  - From: Jan Peter Stotz
- Re: Searching for a special challenge&response algorithm
  - From: Unruh

Prev by Date: Re: Elliptic Curve RSA
Next by Date: Re: Searching for a special challenge&response algorithm
Previous by thread: Re: Searching for a special challenge&response algorithm
Next by thread: Re: Searching for a special challenge&response algorithm
Index(es):
- Date
- Thread

Relevant Pages

Re: SBS 2003 IIS BASED SERVICES FAIL INTERMITTENTLY
... If I read your post correctly, you have a switch where the SBS ... Run DHCP server on your SBS, and set all client machine nics to dynamic. ... Once you have your nics configured, run the Connect to the Internet wizard, ... QUESTION1 - what is REFUSING CONNECTIONS? ...
(microsoft.public.windows.server.sbs)
Re: SBS Exchange 2003: too many "Current Sessions" opened
... So far everything is good and now I'm just monitoring my exchange. ... get the SMTP service to stop hanging in the first place. ... won't have dead connections. ... work for now until I put into production new server hardware with sbs 2003 ...
(microsoft.public.windows.server.sbs)
Re: SBS Exchange 2003: too many "Current Sessions" opened
... You really should go through the steps I posted and get the SMTP service to stop hanging in the first place. ... You'll be happier, you won't be clubbing your server every day with a kill script, and you won't have dead connections. ... You do *not* need to restart the server, ...
(microsoft.public.windows.server.sbs)
RE: Remote access problem
... CEICW setting RWW is OK. ... I clicked "Connect to server desktops" and got the screen with all the ... Remote connections ... > Internet Connection wizard' to configure the server networking settings? ...
(microsoft.public.windows.server.sbs)
Re: Reducing load for LAMP app?
... MySQL: as much as possible, he keeps query results in RAM, but ... His hoster says that Apache server is under significant load. ... Using apc is pretty much transparent, but memcached will require modifying your database abstraction layer using the memcached functions. ... With persistent connections, you must have the maximum number of connections *ever* required allocated *all of the time* - even if no one is using your server. ...
(comp.lang.php)