alt Hacker NewsThinking about it, there are only 10 billion different keys and somewhat fewer sboxes.
So given a single pass code and the login time, you can just compute all possible pass codes. Since more than one key could produce the same pass code, you would need 2 or 3 to narrow it down.
In fact, you don't even need to know the login time really, even just knowing roughly when would only increase the space to search by a bit.
Replies
brna-2 • yesterday at 10:07 AM
Yep known issue, was hoping someone could spice the protocol up without making it mentally to heavy, hn is full of smart playful people.
Also @MattPalmer1086 the best solution for this I have now is to have several secret keys and rotate usage. Would be nice to have some additional security boosts.