From: Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>
To: Bruce Schneier <schneier@counterpane.com>
Message Hash: 9c559f09e2f0572ee87d70b2fef7273fd9fc3f647440ba00343d5f64f9f92647
Message ID: <3607960E.DD29B101@stud.uni-muenchen.de>
Reply To: <Pine.LNX.3.96.980921133001.20069A-100000@blackbox>
UTC Datetime: 1998-09-21 23:18:24 UTC
Raw Date: Tue, 22 Sep 1998 07:18:24 +0800
From: Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>
Date: Tue, 22 Sep 1998 07:18:24 +0800
To: Bruce Schneier <schneier@counterpane.com>
Subject: Re: ArcotSign (was Re: Does security depend on hardware?)
In-Reply-To: <Pine.LNX.3.96.980921133001.20069A-100000@blackbox>
Message-ID: <3607960E.DD29B101@stud.uni-muenchen.de>
MIME-Version: 1.0
Content-Type: text/plain
Bruce Schneier wrote:
>
> At 12:48 PM 9/22/98 +0100, Mok-Kong Shen wrote:
> >Bruce Schneier wrote:
> >> He uses a remembered secret and some mathematical magic.
> >
> >Another naive question: Why is the remembered secret not sufficient
> >(thus doing away with the magic)?
>
> One of the significant improvements is that the scheme is immune to
> offline password guessing attacks.
If the 'mathematical magic' is not to be kept secret (as in principle
shouldn't for all crypto algorithms) then presumably one could
attack through brute forcing the 'remembered secrect', I guess.
(I suppose the 'remembered secret' has less bits then the 'password'
that is to be retrieved from the pool of millions with the
'mathematical magic'). So the advantages of the scheme appear to
remain unclear as a matter of principle.
M. K. Shen
Return to September 1998
Return to ““Todd S. Glassey” <TSGman@earthlink.net>”