My educated-layman's opinion is that the following is not feasible, but I'd be happy to be shown wrong ...
Given a closed public-key device such as a typical smart card with its limited set of operations (chiefly "sign"), is it possible to implement a challenge/response function such that
* Both the challenge and the response are short enough for an average user to be willing to type them when needed.
* The challenge can be generated, and the response verified using the cardholder's public key and a reasonable amount of computation.
What's wrong with sending the device encryption of a random number (using the public key of the device), and the device sending back the number as proof of possession of the corresponding secret key?
Would it not be the case that the challenge would be as long as the key, and hence to long to reasonably expect a user to type into a keypad?
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
