[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ArcotSign (was Re: Does security depend on hardware?)




bram wrote:
> 
> On Mon, 21 Sep 1998, Bruce Schneier wrote:
> 
> > Here's the basic idea:  Strew a million passwords on your hard drive, and
> > make it impossible to verify which is the correct one offline.  So, someone
> > who steals the password file off the client cannot run a cracking tool
> > against the file.
> 
> Is this really patentable? It sounds a *lot* like the original public-key
> algorithm (the one involving lots of little 'puzzles')

A question : How does the legitimate user find his password?
(Sorry for not having followed this thread from the beginning.)

M. K. Shen