Re: Cryptanalysis of SecurID (ACE/Server)

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view

Perry E. Metzger (perry@piermont.com)
Wed, 30 Sep 1998 16:03:14 -0400

Next message: Jim Gillogly: "VeriSign cert reader?"
Previous message: Derek Atkins: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)"
In reply to: Richard Stallman: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)"
Next in thread: vinnie@vmeng.com: "Re: Cryptanalysis of SecurID (ACE/Server)"

Vin McLellan writes:
> Perry Metzger <perry@piermont.com> dismissed the whole genre of
> hand-held authentication tokens: "In a world of TCP hijacking, who cares if
> the one time system is good?"
>
> (Maybe someone who really wants to know who is coming through the VPN?)

Given TCP hijacking, it won't tell you who is coming through the
VPN. You need a strong cryptographic authentication system for the
entire session anyway, which makes SecureID less useful.

Perry

Next message: Jim Gillogly: "VeriSign cert reader?"
Previous message: Derek Atkins: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)"
In reply to: Richard Stallman: "Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)"
Next in thread: vinnie@vmeng.com: "Re: Cryptanalysis of SecurID (ACE/Server)"

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view

All trademarks and copyrights are the property of their respective owners.
Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:14:02