Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Bits to Bits, Dust to Dust, Ashes to Ashes



Hi!

On 22.12.2005, 00:45 -0500 Jim wrote:
> On Thu, 22 Dec 2005 14:16:57 +0900 Edward Middleton <edward@example.com> wrote:
> > Probably more so literally, in that it is almost always easier to
> > extract a password from the owner then to break the cryptography.
> Why bother with the password? The owner knows what you want to know. 
> Just skip the password and ask what you want to know. 

Not always so.

For instance, there are those nice hardware crypto cards or hardware
crypto tokens which produce a one time access token (some string or
number). The holder of such a card does not know how to calculate this
string. Depending on the system you need either a password to produce
such an access token, or a password and a valid token (new tokens are
produced every 60 secs or so, and a token in valid for maybe 120 secs)
to log into such a system...

Other scenarios where the data is just too complex to be remembered
(like an HBCI key (http://en.wikipedia.org/wiki/HBCI)) also come to
mind...

-- 
  Michael Reinsch <mr@example.com>                      http://mr.uue.org/
------------------------------------------------------------------------

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links