At 04:49 PM 01/18/2000 -0700, [EMAIL PROTECTED] wrote:
>I've got something with around 100 bytes of ram and an 8-bit multiply.
>Is there an authentication mechanism that can fit in this?
What types of attacks are you concerned with? That's the main question. If
you have a direct, unsniffable connection from the device to the person
being authenticated, then just stick some secret data in there, and make
the guy provide the secret. Be sure to give him/her a way to change the
secret.
If you're passing the authentication data across a sniffable connection,
then I doubt you have the resources to do unsniffable authentication. That
requires a reasonably strong crypto computation. You can throw some sand in
attackers' eyes by doing challenge/response authentication with weak
encryption, but a determined attacker should be able to recover the secret
from intercepted challenge/response pairs.
Rick.
[EMAIL PROTECTED]
"Internet Cryptography" at http://www.visi.com/crypto/
