> On Wed, Nov 15, 2017 at 3:06 PM, Gareth Nelson <gar...@garethnelson.com> wrote:
> > Use key-based authentication?
> >
>
> Okay, but that doesn't fit the requirement.
> I want something iteratively password free.
> AFAIK, somewhere along the line in key-based authentication you need
> to enter a password to unlock the key.
> The context of this email is a password-free SSH. (blank passwords do
> not count as password-free)
>
> What I want to find is a crypto mechanism that allows the use of no
> passwords, but with the same guarantees of key-based authentication.
>
> So my thoughts are that to start with something similar to Diffie
> Hellman operating at the network layer, you could generate keys when
> you wanted to communicate after an initial round of set up.
>
> You wouldn't establish faith in the security of the connection until
> proof was given that you are talking to the right host, and you could
> get higher or lower levels of proof. Something functioning like the
> Sieve of Eratosthenes.
>
> For example, you just use one known fact from the network layer. a
> beacon. ntp even. Each communication point in the network, remember
> this is a recursive solver, would have different ping time to the
> beacon over a large number of pings, or to be able to express the
> confidence that this host is who it says it is. Each node has a
> complete and different view. In this way you could "push"
> Diffie-Hellman to the network layer.
>
> I think it's similar in flavour to a blockchain, but it would
> eliminate the need to use passwords when speaking the protocol and
> establish some sort of reality to host mapping. Remember we can never
> actually verify anything in the internet due to MITM. We can just
> increase our probability of success while decreasing the attack
> surface for dictionaries.
>
> What do you think?

Sorry, I don't see a diff in your email. Oh are you just talking? If you were serious you would stop mixing terminology together and build it.