In the 1980s DEC gave us crypt16, reducing password-guessing from 25 DES operations to a suffix search requiring only 5 DES operations.
In the 1990s MS gave us LMHASH, reducing it to a single DES operation. Now, in 2012, the WiFi Alliance is proud to present WPS' wps_reg, which splits a 7-digit PIN into 4- and 3-digit halves, easily beating both DEC and MS broken auth-checking mechanisms: http://sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability/ The WiFi Alliance is hereby nominated for the Tenex Memorial Prize [*] for innovative design in authentication mechanisms. Peter. [*] The Tenex Memorial Prize dates back to the late 1960s, when this security bug was first introduced. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
