difference between one-time pad and one-time password?

difference between one-time pad and one-time password?

am 31.07.2006 22:40:35 von DFS

Can someone please explain the difference between one-time pad and one-time
password?

Thanks,

M0nst3r

Re: difference between one-time pad and one-time password?

am 31.07.2006 23:18:23 von roberson

In article <7Vtzg.8641$Ca.6536@fe1.news.blueyonder.co.uk>,
M0nst3r wrote:

>Can someone please explain the difference between one-time pad and one-time
>password?

http://en.wikipedia.org/wiki/One-time_password
http://en.wikipedia.org/wiki/One-time_pad

Re: difference between one-time pad and one-time password?

am 01.08.2006 00:15:12 von Volker Birk

M0nst3r wrote:
> Can someone please explain the difference between one-time pad and one-time
> password?

One-Time-Pad is a cryptography algorithm, one-time-password, often
called "TAN", is an authentication method.

Yours,
VB.
--
Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.

Ralph Angenendt in debate@ccc.de

Re: difference between one-time pad and one-time password?

am 01.08.2006 08:59:33 von unruh

"M0nst3r" writes:

>Can someone please explain the difference between one-time pad and one-time
>password?

One time pad usually refers to a string of "random" numbers or letters
which are combined with the message, one letter at a time, to create the
encrypted message. Nowadays this combination is often the bitwise xor, but
it could also be addition modulo 256, or modulo 26 (if just capital
letters) or whatever else.
It is in general the only provably secure system, as long as that one time
pad really is only ever used once and the entries really are unpredictable.
The problem is that the pad has to be at least as long as all the messages
that are going to be sent, and thus has a problem as to how to exchange the
pad material.


A one time password is a system in which a password is used for example for
authentication, just once. Usually this is done so that a new password is
created by some process from a fixed password plus additional informtion
(eg stuff the other side sends, or some count as in skey/opie, or the
time.) It is done so that some evesdropper who sees you use a password
cannot simply use that same password to gain access.

>Thanks,

>M0nst3r