General discussion

Locked

Bolster your network's authentication

By debate ·
What's your take on physics-based authentication? Does your company use a combination of the three authentication methods? Have you implemented a fourth authentication method? Share your comments about the potential of physics-based authentication, as discussed in the Nov. 14 Security Solutions e-newsletter.

If you haven't subscribed to our free Security Solutions e-newsletter, sign up today!
http://nl.com.com/acct_mgmt.jsp?brand=techrepublic

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Say Whaaa?

by GoGoDemoDog In reply to Bolster your network's au ...

Sounds good, sounds real good, in fact it sounds a lot like cold fusion to me.
"That authentication method is the addition of a location-specific digital fingerprint (LSDF). You can create an LSDF by sampling the radio frequency to create a dynamic entropy table of secrets. "
... try as I might, I can't figure what this means. What is an LSDF? Which radio frequency?
??

Collapse -

Inherent weakness of authentication

by Flash00 In reply to Say Whaaa?

I checked out the DAT website. They have a very impressive list of government agencies who supposedly use the services of DAT. The explanation of "physics based authentication" is full of undefined sales terms like "dynamic entropy." Mostly, the way it works is a secret.

One thing that any authentication or security scheme must have out of necessity is an administrative override for when things go worng, as they always will. Someone has to be trusted with the authority to break the security. Find that person and subvert him and you have a secret door into the inner sanctum.

Collapse -

Fluff

by packet_geek In reply to Bolster your network's au ...

This article is interesting, if you have time for fluff. The approach outlined is unproven by any standard of due diligence that I can see.
If this were a technical white paper on the technology used by the firm, it might have had some merit. But, other than being a puff piece for a new start-up, I found no value in the article.

Collapse -

The laymans version....

by Todd In reply to Fluff

Basically what they do is, use a receiver to detect ramdom or stray signals that exist all around us generated by cell phones, cordless phones, radios etc...which are or can be effected by your surroundings, such as Buildings, ore's in the Earth, even weather conditions. They transform the signals into numbers and use the numbers either as codes keys or to develope code keys.

In theory, these kinds of keys would be unbreakable since so many 'somewhat' random variables are used to develop them. However, I know folks who study the sicence of Chaos, that feel, this may be wishful thinking.

My personal opinion is... no system that is developed for 'mass distribution', will never stay secure. Even if we set limits, like saying you develop a code that shouldn't be cracked within a year... someone will find a way to crack it within a year or obtain said information through non-scrupulous activity.

FWIW.

Collapse -

Further layman's explanation

by nholsh In reply to The laymans version....

Chaos or not, I have difficulty believing that any encipherment system )keyes)is unbreakable. I remember when 256 character keyes were considered safe since the computing power of even a super computer would require at least a year to decipher. Then came some enterprising students who managed to do the job in hours on several computers. Now we have beowolf clusters with previously unimaginable capabilities. When NSA gives its imprimatur om a system, then I will believe that it is indeed safe for a while.

As for scrupples, ethicalities and legalities, the act of deciphering and utlizing codes to gain unauthorized access is illegal I belive.

Back to Security Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums