|
|
 | | From: | Valery Pryamikov | | Subject: | Is there any scheme of password-based ZK with randomized verifier? | | Date: | Thu, 20 Jan 2005 14:08:47 +0100 |
|
|
 | Hi,
I wonder if there any known authentication scheme that uses randomized
verifier together with interactive zero knowledge proof of identity and
precludes offline brute force password search attack based on verifier's
value?
Ex. something like extension to Schnorr identification protocol with
derivation of the password + non-disclosed random r in verifier...
or variation of SPR (RFC 2945) where random salt isn't stored with verifier
on host, but replaced with something like g^r or g^(-r)?
Thanks in advance,
-Valery.
|
|
|
