APOP - summary

Matus Uhlar uhlar at ccnews.ke.sanet.sk
Fri May 9 11:20:17 CEST 1997


In cz.net.internet, Bohous Michal <michal at fee.vutbr.cz> wrote:
-> No - the principle of the authentication is this:
->  - the server sends the client a randomly generated string
->  - the client modifies (encrypts) it with the user's password (shared secret)
->  - the server has done the same on its side and compares the results

-> Disadvantage: the server must know the password in cleartext form.

Hmm, why isn't the Unix way of encryption used? The first time, the password
is encrypted with a random string and stored that way, and the beginning of the
encrypted password is identical to that random string:
crypt(pwd,crypted_pwd)==crypted_pwd

Surely that is more secure?
--
 E-mail: Matus.Uhlar at tuke.sk WWW: http://ccsun.tuke.sk/users/uhlar
 IRC: fantomas, TALK: uhlar at ccnews.ke.sanet.sk
 ...and if you think I'm talking for my employer, you're wrong...
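
Added example, not part of the original post: a Python sketch of the two schemes discussed above, showing what each kind of stored credential lets a server verify. The APOP digest is MD5 over the challenge followed by the shared secret; crypt_like() is a hypothetical stand-in for crypt(3) built on PBKDF2, and the password and challenge are constructed sample values.

```python
import hashlib
import hmac
import os


def apop_digest(challenge: str, secret: str) -> str:
    """APOP response: hex MD5 over the server challenge followed by the shared secret."""
    return hashlib.md5((challenge + secret).encode()).hexdigest()


def crypt_like(password: str, salt_source: str) -> str:
    """Stand-in for crypt(3) (assumption: PBKDF2 replaces the real algorithm).
    The salt is the first 16 hex characters of salt_source and the result starts
    with that salt, so crypt_like(pwd, stored) == stored for the right password."""
    salt = salt_source[:16]
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt), 50_000)
    return salt + key.hex()


def server_check_apop(known_secret: str, challenge: str, response: str) -> bool:
    """The server recomputes the digest, so it needs the secret exactly as the client has it."""
    return hmac.compare_digest(apop_digest(challenge, known_secret), response)


def server_check_plain(stored_hash: str, password: str) -> bool:
    """Unix-style check: works only when the password itself reaches the server."""
    return hmac.compare_digest(crypt_like(password, stored_hash), stored_hash)


def demo() -> dict:
    password = "example-password"                       # constructed sample value
    challenge = "<1234.865843217@pop.example.test>"     # constructed sample challenge
    stored = crypt_like(password, os.urandom(8).hex())  # what a hashed password file holds
    response = apop_digest(challenge, password)         # what an APOP client sends
    return {
        # A server holding the cleartext secret verifies the response.
        "cleartext_store_verifies_apop": server_check_apop(password, challenge, response),
        # A server holding only the salted hash cannot reproduce the digest.
        "hashed_store_verifies_apop": server_check_apop(stored, challenge, response),
        # The salted hash does verify a password that is sent to the server.
        "hashed_store_verifies_plain": server_check_plain(stored, password),
        "hashed_store_rejects_wrong": server_check_plain(stored, "wrong-password"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salted hash protects the password file but requires the password to cross the wire, while the challenge-response keeps the password off the wire but requires the server to hold the secret in a form it can feed into the digest.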
