hardware preauthentication in krb5-1.3-beta4

Ken Hornstein kenh at cmf.nrl.navy.mil
Tue Jul 15 07:16:49 EDT 2003

>Just a thought, perhaps the challenge should be used as a source of 
>entropy. The user consumable
>portion of the challenge can be augmented with additional randomly 
>generated bytes. This
>approach permits the continued use of a classic hardware token and 
>provides a semi user centric experience.

I don't see how you could do that, since the challenge has to be transmitted
in the clear (there's nothing to encrypt it with).


More information about the krbdev mailing list