
EAP-POTP: An EAP method for One-Time Passwords






Presentation Transcript


  1. EAP-POTP: An EAP method for One-Time Passwords
  OTPS Workshop, February 2006

  2. EAP-POTP: A Primer
  • General EAP method for OTP tokens
  • Provides mutual authentication
  • Generates keying material
  • Does not rely on tunnelling (provides privacy for OTP values)
  • Enables fast session resumption
  • EAP-POTP
    • Complements EAP-PEAP, EAP-TTLS, and EAP-FAST
    • May be used as a better alternative for an "inner" EAP method than EAP-GTC, PAP, CHAP, etc.

  3. Characteristics
  • Built on the principle of TLVs
  • 16 TLVs defined: Version, Server-Info, Resume, OTP, Confirm, Vendor-Specific, Counter, Time Stamp, Challenge, Keep Alive, Token Serial, User Identifier, NAK, New PIN, Protected, Crypto Algorithm

  4. Profiles
  • The method is profiled for RSA SecurID
    • EAP-POTP RSA SecurID (EAP method 32)
  • Profiles for other OTP algorithms expected and desired
  • May be seen as a framework within a framework
    • EAP is a framework for many authentication mechanisms
    • POTP is a framework for OTP-based mechanisms within EAP

  5. Recent Modifications
  • Draft 5 published in December 2005
  • Derivation of a special session resumption key (SRK) at the same time as derivation of other keys such as the EMSK and the MSK
    • Avoids some issues identified with the use of the EMSK as a basis for the SRK
  • Parameterization of the hash, encryption, and MAC algorithms through a new "Crypto Algorithm TLV"
    • Allows for cryptographic algorithm negotiation
  • Addition of a "Challenge TLV"
    • When the challenge used in a challenge-response method otherwise would be unknown to the EAP server

  6. The SRK
  K_MAC | K_ENC | MSK | EMSK | SRK = PBKDF2(OTP, …)
  At session resumption:
  K_MAC | K_ENC | MSK | EMSK | SRK = PBKDF2(SRK, …)
  The SRK is only used for session resumption (previously the MSK was used as the resumption secret, but the MSK is also used for session keys)
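An added example (not from the slides or the EAP-POTP specification) of the key split shown on this slide: one PBKDF2 output is cut into K_MAC | K_ENC | MSK | EMSK | SRK, and a resumed session derives a fresh set from the SRK alone rather than from the MSK. SHA-256 as the PRF, the key lengths, the salt values and the iteration count are assumptions standing in for the slide's "…".

```python
import hashlib
from typing import Dict, Tuple

# Assumed key lengths in octets (not stated on the slide): MSK and EMSK are
# 64 octets as EAP expects; MAC, encryption and resumption keys assumed 16.
KEY_LAYOUT: Tuple[Tuple[str, int], ...] = (
    ("K_MAC", 16), ("K_ENC", 16), ("MSK", 64), ("EMSK", 64), ("SRK", 16),
)
TOTAL_LEN = sum(n for _, n in KEY_LAYOUT)


def split_keys(keystream: bytes) -> Dict[str, bytes]:
    """Cut one PBKDF2 output block into K_MAC | K_ENC | MSK | EMSK | SRK."""
    if len(keystream) != TOTAL_LEN:
        raise ValueError("keystream must be exactly %d octets" % TOTAL_LEN)
    keys, offset = {}, 0
    for name, length in KEY_LAYOUT:
        keys[name] = keystream[offset:offset + length]
        offset += length
    return keys


def derive_keys(secret: bytes, salt: bytes, iterations: int = 1000) -> Dict[str, bytes]:
    """Full authentication: secret is the OTP value.
    Session resumption: secret is the SRK from the previous session.
    Salt and iteration count are assumptions (the slide shows '...');
    the salt should carry fresh peer/server nonces so resumed keys differ."""
    keystream = hashlib.pbkdf2_hmac("sha256", secret, salt, iterations, TOTAL_LEN)
    return split_keys(keystream)


def resume_session(previous: Dict[str, bytes], salt: bytes) -> Dict[str, bytes]:
    """Derive a new key set from the SRK only: the MSK handed to the lower
    layer for session keys is never reused as the resumption secret."""
    return derive_keys(previous["SRK"], salt)


if __name__ == "__main__":
    otp = b"123456"  # constructed sample OTP value
    first = derive_keys(otp, b"nonce-initial")
    resumed = resume_session(first, b"nonce-resume")
    print("MSK reused on resumption?", first["MSK"] == resumed["MSK"])
```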

  7. Current Status and Next Steps
  • Have asked for Designated Expert Review
  • Subsequent to this, or if no response from IETF EAP WG chairs, will ask for IETF Last-Call (for Informational RFC)
    • After OTPS participants' confirmation
  • Interoperability event?
