--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Mon, 17 Oct 2005 20:02:26 -0400
To: Philodox Clips List [EMAIL PROTECTED]
From: R.A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Bypassing the Password Prompt
Reply-To: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Mon, 17 Oct 2005 20:11:31 -0400
To: Philodox Clips List [EMAIL PROTECTED]
From: R.A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Estonians vote in world's first nationwide Internet election
Reply-To: [EMAIL PROTECTED]
Sender:
I can't say I a fan of the idea of having multiple ways of mixing entropy into
the system. In particular, the idea of producing output by XORing your PRNGs
output with the output of a semi-public RNG seems like a bad idea to me,
because an attacker can easily control those values by taking
Speaking of two-factor authentication, can anyone explain how servers
validate the code from a SecurID token in the presence of clockskew?
Does it look backwards and forwards in time a few minutes?
Similarly, how do those garage door openers with rolling codes work,
given that the user may have
On 18 okt, Greg Rose wrote:
Similarly, how do those garage door openers with rolling codes work,
given that the user may have pressed the button many times
accidentally while out of range of the receiver?
Ahh, one of the dirty little secrets. If the base receives two
sequential outputs from a
- Original Message -
From: Travis H. [EMAIL PROTECTED]
Subject: SecurID and garage door openers
Similarly, how do those garage door openers with rolling codes work,
given that the user may have pressed the button many times
accidentally while out of range of the receiver?
My