From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Thu, 18 Nov 93 10:21:31 PST
To: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Subject: Re: List of one-shot passwords
In-Reply-To: <UguvWNa00awFM8JmNl@andrew.cmu.edu>
Message-ID: <9311181820.AA28976@snark.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain



Matthew J Ghio says:
>  "Alan (Gesture Man) Wexelblat" <wex@media.mit.edu> wrote:
> 
> > It seems to me that a simpler solution than challenge-response would
> > be to emultate the tear-sheet crypto systems and just have a series of
> > one-shot passwords generated.  Each time you log in, it requires the
> > next password from the sheet, so capturing the old one does no good
> > (just as breaking the one-time codes from tear sheets doesn't help).
> >
> > Now if I could just figure out a simple way to do this on UNIX...
> 
> You can use a sequential PRNG to do this, and then add a scrambling
> system to the output (to confuse anyone trying to break the pattern).  I
> once wrote a program to do this (just for experimentation, and not in
> UNIX...).

You want to use a cryptographically strong one, however, because most
PRNGs are easily guessed. This in practice means using MD5 or DES or
IDEA or something as an RNG.

Perry