W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2010

Re: one time passwords from private keys

From: Henrik Nordström <henrik@henriknordstrom.net>
Date: Fri, 14 May 2010 11:22:31 +0200
To: Story Henry <henry.story@bblfish.net>
Cc: Semantic Web <semantic-web@w3.org>, tls@ietf.org, Working Group HTTP <ietf-http-wg@w3.org>
Message-Id: <1273828951.7134.46.camel@localhost.localdomain>
sön 2010-02-28 klockan 15:51 +0100 skrev Story Henry:
> Hello,
> 
>    I am looking around to see if anyone knows an algorithm to allow one to produce a one time password [1] from the private key part of an asymmetric key pair. 

Any of the publik key crypto methods + a challenge from the server can
produce this by simply encrypting the challenge using the private key,
and is explained well in the paper you quoted.

There need to be a challenge sent by the server as it's only this the
server can use to verify the one-time aspect.

Regards
Henrik
Received on Friday, 14 May 2010 09:23:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:18 GMT