Barney Wolff wrote: >Actually, it can. The server can store challenge-responses in pairs, >then send N as the challenge and use the N+1 response (not returned) >as the key.
But why bother? What does this add over just using crypto without their fancy physical token? The uncloneability of their token is irrelevant to this purpose. You might as well just carry around a piece of paper, or a floppy disk, with a list of keys on it. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]