Re: Future of s/key (Re: S/Key & OPIE Database Vulnerability)

[mouse () RODENTS MONTREAL QC CA (der Mouse)]

> The future of s/key is probably what it always has been: an otp
> supplement [...] regardless of [] the access method

It's always seemed to me that s/key's biggest problem is that it's
*not* a true one-time password scheme: the passwords are
algorithmically related.  Indeed, I believe it's no coincidence that
all the attacks against s/key (that I've heard of) are based on just
this weakness.  It's very much like the difference between a
conventional stream cipher and a one-time pad, actually.

Of course, a true one-time password scheme (where "true" here means
that the passwords are truly random and completely unrelated) has its
own problems, mostly related to storing the passwords in question.
Personally, I generate passwords by rolling dice[%] and store them on a
small pad of paper (which I carry on my person when I travel) - not
entirely unlike a one-time pad. :-)

[%] And running the result through a simple hash function - more
    precisely, I generate entropy by rolling dice and generate
    passwords from that entropy by a simple encoding scheme.

                                        der Mouse

                               mouse () rodents montreal qc ca
                     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B