Re: public key password authentication



Hallvard B Furuseth <h.b.furuseth@xxxxxxxxxxx> wrote:
No, I mean the server itself - e.g. if the server's security is not
trusted. And I figure that if even the server admin can't find how to
authenticate to the server itself short of with a brute-force attack,
then it's as secure as it can get without things like a hardware black
box.

You definitely need zero knowledge. I don't know about any schemes that
satisfy such requests, but the topic has certainly been investigated.
Note that few people consider schemes attackable by exhaustive search
secure today, and passwords are almost always vulnerable to exhaustive
search.

--
Kristian Gjøsteen