| The big question is what kind of problem is being solved? Truth is, nobody is giving up good old passwords just yet. Two-factor helps when necessary, but the password is still there. The actual issue, IMO, is avoiding recovery of the plaintext passwords en masse when a typical website gets hacked. People reuse their passwords. So, as a webmaster, I don't want to be sitting on a pile of weak hashes, etc, etc. Salted hashes like bcrypt seem to help (as far as I've read about these things). PKI offers even more potential. E.g. a password-encrypted random keypair could be something - the client gets it at will from the server, decrypts it by prompting for password, and then uses it to authenticate a random nonce from the server. Effectively, in that situation the server willingly gives up the entire authentication database, but trusts keypair blob's encryption to do its job against brute-force attacks. |
That solution doesn't really solve the problems we're seeing all too often these days, user data being stolen and used. How do you determine who gets what encrypted keypair file, what's to stop an attacker from bruteforcing a persons keypair or even selectively attacking someone and decrypting their keypair. (I'm assuming you mean encrypted with a key generated from a PBKDF here).
Authentication is quite the hard thing to accomplish. BrowserID is a step forward for what we have today, but IMO it's not a step in the right direction, it's just moving the burden somewhere else.