I might be wrong but very spontaneously:
The password authentication scheme has an obvious flaw: The authenticating subject needs to send a secret in clear text in order to prove her identity. However, password authentication is widely accepted. Why? Because it is practical to use and easy to understand. If there were really good alternatives none would use password authentication any more. Everything that fixes the above flaw requires cryptography which requires math and computational power.
The only one I can think of are mechanisms which don't reveal the full secret in one run. Think of a 2nd-factor authentication where the server asks you for digits 2 and 7 of a 10 digit number and next time it will ask you for 1 and 3. An eavesdropper needs to log a lot of authentication attempts before (s)he has a reasonable chance to logon successfully. But this is not really what you are looking for.
A while ago, someone posted this on security@stackexchange. Maybe it is closer to what you are looking for but I don't think it can work, as someone commented
Security at the expense of usability comes at the expense of security