A distributed system may include multiple autonomous devices on a network. A first value measured at one device may be compared with a second value measured at a second device to see if the two values are the same. For example, the current times generated by a respective clock in each respective one of the two devices may be compared to see if the current times from the two devices are the same. The clocks may have been synchronized, or the clocks may share a common time server. Nevertheless, the two times may differ due to clock skew, clock drift, and latencies in communications between the two devices. To compensate for the potential difference between the two times, the two times may be compared and, as long as the two times are within an acceptable range of each other, the two times may be considered the same time.
Passwords or other security keys may be generated from values measured and/or generated by different devices or by the same device at different times. For example, the values measured or generated may be the two time values read from the respective clock in each respective one of the two devices discussed above. The security keys generated from the two time values may be compared, for example, to determine whether both devices have knowledge of the time an event occurred. Although the values may be considered the same if the values are within an acceptable range of each other, the actual values may not always be included in the passwords or other security keys. For example, each one of the security keys may include a cryptographic hash generated from a respective one of the values, but not the actual values. Therefore, if the values differ from each other, the cryptographic hash included in each one of the security keys may not be the same even though the values from which the cryptographic hashes are generated are within the acceptable range of each other. Thus, even if the values used to generate security keys are within an acceptable range of each other, the security keys cannot be used to determine whether the values are within the acceptable range of each other. Generating security keys based on shared knowledge is then limited to data that is exactly the same, not to data that may be within an acceptable range.