One Time Identification, a request for comments/testing.

Jim Rees rees at umich.edu
Fri Feb 2 10:05:09 EST 2007


So would it be fair to say this is sort of like using a smartcard in that you
need both possession of the token and knowledge of a PIN?  And that the KDC
guards the PIN against brute force guessing, because each guess requires a
transaction against the KDC?  So stealing the token gets the attacker
nothing?
