5

As far as I know, challenge-response authentication schemes employ a shared secret (or two halves of a key pair) and an irreversible function which combines the secret and a challenge into a response that proves that the client knows the secret, but doesn't actually expose the secret to an eavesdropper.

Does such a secret and function exist that it would be feasible to calculate the response to a challenge in one's head?

matega
  • 369
  • 1
  • 8
  • "what's the 3rd and last letter of your password?" – schroeder Sep 21 '16 at 17:32
  • This is not a real challenge response which must be immune against eavesdropping. – kaidentity Sep 21 '16 at 17:36
  • @kaidentity the requirement was not to expose the secret to an eavesdropper, my proposal does not do that – schroeder Sep 21 '16 at 20:29
  • @schroeder After eavesdropping 20 challenge / responses you probably know the entire password. – kaidentity Sep 21 '16 at 20:43
  • @kaidentity I might say that if one can eavesdrop that many times, then it is no longer considered 'eavesdropping' but a compromised channel. – schroeder Sep 21 '16 at 20:48
  • @schroeder I do not agree. Authentication schemes that use public key crypto are completely immune against eavesdropping and they also can easily be made immune against replay. I understand the question like this: "Is there something equivalent to strong crypto challenge response which doesn't require computational power?" – kaidentity Sep 22 '16 at 08:25
  • @kaidentity is that what the OP meant, though? – schroeder Sep 22 '16 at 18:49
  • @matega, did you ever investigate this further? – Justin Megawarne Apr 01 '17 at 18:45

1 Answers1

2

I might be wrong but very spontaneously:
The password authentication scheme has an obvious flaw: The authenticating subject needs to send a secret in clear text in order to prove her identity. However, password authentication is widely accepted. Why? Because it is practical to use and easy to understand. If there were really good alternatives none would use password authentication any more. Everything that fixes the above flaw requires cryptography which requires math and computational power.

The only one I can think of are mechanisms which don't reveal the full secret in one run. Think of a 2nd-factor authentication where the server asks you for digits 2 and 7 of a 10 digit number and next time it will ask you for 1 and 3. An eavesdropper needs to log a lot of authentication attempts before (s)he has a reasonable chance to logon successfully. But this is not really what you are looking for.

A while ago, someone posted this on security@stackexchange. Maybe it is closer to what you are looking for but I don't think it can work, as someone commented

Security at the expense of usability comes at the expense of security

kaidentity
  • 2,634
  • 13
  • 30
  • I'm not clear on what you are trying to say in your first point. Can you expand on what you are trying to say? – schroeder Sep 21 '16 at 20:33
  • the password authentication scheme has the obvious flaw that you need to send your secret in cleartext to the recipient you are trying to prove your identity to. A human challenge-response scheme would fix this flaw. So if something like this existed it would have replaced password authentication already. – kaidentity Sep 21 '16 at 20:41
  • Can you edit your answer to make it clearer with these notes? – schroeder Sep 21 '16 at 21:01