From mboxrd@z Thu Jan  1 00:00:00 1970
From: Nick Jamieson <ncj@mcs.vuw.ac.nz>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] cryptographic signatures & factotum
User-Agent: KMail/1.6
References: <76cc93f6db46e7ad7bd84bceb250ba14@collyer.net> <200403141640.00154.ncj@mcs.vuw.ac.nz> <00c001c40977$dfcdc820$67844051@SOMA>
In-Reply-To: <00c001c40977$dfcdc820$67844051@SOMA>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <200403141831.05030.ncj@mcs.vuw.ac.nz>
Date: Sun, 14 Mar 2004 18:31:05 +1300
Topicbox-Message-UUID: 2e26418a-eacd-11e9-9e20-41e7f4b1d025

> you mean a 'nonce'.  time is a really bad choice.

Time is a really bad choice *if* there is the possibility that the 
current-time source(s) can be manipulated. In this case I don't think it will 
be a problem. If general nonces are used then the work computer would need to 
keep all of the given nonces forever to prevent replay attacks.

Trade offs...

Nick