Ge' Weijers (ge@Progressive-Systems.Com)
Thu, 25 Feb 1999 09:30:29 -0500
On Wed, Feb 24, 1999 at 02:47:44PM -0600, Bauer, Michael (C)(STP) wrote:
> I agree that storing the certificate/private-key on a hard drive is the weak
> piece of the picture. Still, in certain applications it might be an
> acceptable risk: for example, in a dial-up scenario, where your main
> concern is "random hackers from the void" rather than, say, untrusted
> insiders (consultants, like me ;-) with access to trusted users' machines,
> or corporate spies following users around in airports waiting for the
> opportunity to pilfer a laptop system. I'm talking about Joe Businessman,
> here, not government/military users.
Business espionage is at an all-time high :-)
If you allow users to choose their own passwords they will invariably
choose weak ones. If you force strong passwords on them you will
forever have to reset passwords because they forget them.
One approach is to live with the weak passwords. Some systems exist
that allow online-only authentication with a password (see for instance
http://srp.stanford.edu/ ). The advantage of these systems is that
offline attack is impossible (unless the client is modified).
The best software-only approach would combine a password with a
software 'token' file, and it would not allow any off-line attacks,
i.e. any verification will have to be done online, where you can lock
out a user after so many failed attempts.
The only reason I can see for PK crypto is to limit the exposure of
the user's secret in case the server is compromised. The server only
needs to store the public key, and this key can't be used to
compromise other systems.
There's definitely a market niche for strong, low-maintenance network
security/VPN solutions targeting small-to-medium size businesses.
Ge'
--
Ge' Weijers                        Voice: (614)326 4600
Progressive Systems, Inc.          FAX:   (614)326 4601
2000 West Henderson Rd. Suite 400, Columbus OH 43220
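The "online-only" property the message credits to SRP, shown as an added example that is not part of the original post or of the Stanford SRP code: one SRP-6a run as specified in RFC 5054, with SHA-256 and that RFC's 1024-bit group (assumed here so the example runs offline; the 2048-bit group or larger is the realistic choice). The server holds only a salt and a verifier, and the transcript (salt, A, B) gives an eavesdropper nothing to test password guesses against, so every guess must go through the live server where the lockout Ge' describes can apply. Both roles are collapsed into one function for illustration; in reality they run on separate hosts exchanging A and B.

```python
import hashlib
import secrets

# RFC 5054 1024-bit SRP group (safe prime N, generator g = 2), embedded so the
# example runs offline. Deployments should use the 2048-bit group or larger.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8  # group elements are padded to this length when hashed


def _pad(x: int) -> bytes:
    return x.to_bytes(NLEN, "big")


def _h(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


def _private_x(username: str, password: str, salt: bytes) -> int:
    # x = H(salt | H(username ":" password)); only ever computed on the client
    return _h(salt, hashlib.sha256(f"{username}:{password}".encode()).digest())


def enroll(username: str, password: str) -> tuple[bytes, int]:
    """Client-side enrolment. The server stores (salt, v = g^x) and never sees x."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, _private_x(username, password, salt), N)


def srp_exchange(username: str, password: str, salt: bytes, v: int) -> tuple[bytes, bytes]:
    """One SRP-6a run; returns (client_key, server_key). The keys agree only if the
    typed password corresponds to the verifier the server holds."""
    k = _h(_pad(N), _pad(g))
    a = secrets.randbelow(N - 1) + 1          # client ephemeral secret
    A = pow(g, a, N)
    b = secrets.randbelow(N - 1) + 1          # server ephemeral secret
    B = (k * v + pow(g, b, N)) % N            # v is blinded by k*v plus a fresh g^b
    if A % N == 0 or B % N == 0:
        raise ValueError("degenerate ephemeral value, abort")  # RFC 5054 requires this check
    u = _h(_pad(A), _pad(B))
    # Client: S = (B - k*g^x)^(a + u*x) using the password just typed
    x = _private_x(username, password, salt)
    s_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server: S = (A * v^u)^b using only the stored verifier
    s_server = pow(A * pow(v, u, N) % N, b, N)
    return hashlib.sha256(_pad(s_client)).digest(), hashlib.sha256(_pad(s_server)).digest()
```

A wrong password yields mismatching keys, and the server learns this only by attempting the exchange, which is exactly the point at which a failed-attempt counter can lock the account.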
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:28