There has been some recent interest in authentication using two channels: an insecure broadband channel and an authenticated narrowband channel. This problem has been considered in the context of ad hoc networks, where there might not be a secret key shared by the two communicating parties, nor a public-key infrastructure to allow the use of public-key cryptography. For example, two devices might want to authenticate each other using an insecure wireless network, where the authenticated ”channel” consists of a human who manually transmits some small amount of authenticating data from one device to the other.