
Projects/Improve OTP deployability

From K5Wiki

Revision as of 16:40, 13 December 2013

This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.


The existing FAST-based OTP preauthentication (RFC 6560) currently requires a KDC-authenticated FAST armor in order to be used safely in a common OTP back end deployment scenario: the OTP back end receives the cleartext OTP value from the KDC and verifies it. In that scenario the client sends the OTP value to the KDC protected only by the armor, so an armor that does not authenticate the KDC would let an attacker posing as the KDC collect OTP values.

Use cases

Some sites (including Stanford and MIT) need to transition users from a normal long-term password to OTP two-factor authentication while retaining the user's existing long-term password as one of the factors. It is also useful to transition a user back from that OTP two-factor status, removing the OTP requirement while retaining the same long-term password (e.g., the hardware OTP token is lost and the user needs to get work done anyway).

Additionally, the existing FAST armors suitable for use with FAST-OTP require deploying either a keytab (so the client host can obtain an armor ticket) or a trust anchor for the KDC's PKINIT certificate (for anonymous PKINIT) on the client host. It would make OTP easier to deploy if some FAST armor suitable for FAST-OTP could be set up with minimal client configuration. This probably means developing some kind of PAKE-based FAST armor, keyed by the user's long-term password.

Challenges

A PAKE armor is keyed by the user's long-term password, so each armor exchange with the KDC lets an online attacker test one password guess without knowing any OTP value. The long-term password could therefore be discovered by online guessing even though it is meant to be only one of the two factors.
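The challenge above, as an added example that is not part of this page or of MIT Kerberos: a toy SPAKE2-style password-keyed armor exchange between a client and a KDC, followed by an attacker who treats the exchange as a password oracle. The choice of SPAKE2, the small safe-prime group found at import time, the bare-integer message encoding, the `ToyKdc` class and the `online_guess` attacker are all this example's own assumptions, not anything the project has specified (MIT krb5 later shipped a SPAKE preauthentication mechanism, RFC 9588; the code here is not that implementation). Each round trip answers exactly one password guess and never touches an OTP value, which is the exposure described above; the `max_failures` counter shows the kind of server-side limit such an armor would need.

```python
"""Toy model of a password-keyed (PAKE) FAST armor and the online guessing
it exposes.  Added illustration, not MIT Kerberos code: a SPAKE2-style flow
over a small safe-prime group, with messages as bare integers.  Not a real PAKE."""
import hashlib
import hmac
import secrets


def _is_prime(n):
    """Trial division; adequate for the ~33-bit toy modulus used here."""
    return n > 2 and n % 2 == 1 and all(n % d for d in range(3, int(n ** 0.5) + 1, 2))


def _safe_prime(start):
    """Smallest safe prime p = 2q + 1 with q >= start.  Assumption: a toy size;
    a real deployment would use a standard 2048-bit MODP group or a curve."""
    q = start | 1
    while not (_is_prime(q) and _is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1


P = _safe_prime(1 << 31)
Q = (P - 1) // 2
G = 4  # 2^2 generates the prime-order-q subgroup of Z_p^*


def _hash_to_subgroup(label):
    """Fixed subgroup element with no known discrete log to G (a blinding base)."""
    for ctr in range(256):
        h = int.from_bytes(hashlib.sha256(label + bytes([ctr])).digest(), "big") % P
        e = h * h % P  # squaring maps into the order-q subgroup
        if e not in (0, 1):
            return e
    raise RuntimeError("no suitable element found")


M = _hash_to_subgroup(b"toy-spake2-M")  # client-side blinding base
N = _hash_to_subgroup(b"toy-spake2-N")  # KDC-side blinding base


def password_to_scalar(password):
    """w = H(password) mod q; both sides derive it from the long-term password."""
    return int.from_bytes(hashlib.sha256(password).digest(), "big") % Q


def derive_key(principal, T, S, K):
    """Armor key bound to the transcript and the shared group element K."""
    return hashlib.sha256(f"{principal}|{T}|{S}|{K}".encode()).digest()


def confirm_mac(key):
    return hmac.new(key, b"client-confirm", "sha256").digest()


class ToyKdc:
    """Holds each principal's password scalar and counts failed armor exchanges."""

    def __init__(self, passwords, max_failures):
        self._w = {p: password_to_scalar(pw) for p, pw in passwords.items()}
        self._pending = {}
        self.failures = {p: 0 for p in passwords}
        self.max_failures = max_failures

    def start(self, principal, T):
        """Message 2: answer the client's T with S and remember the derived key."""
        if self.failures[principal] >= self.max_failures:
            raise PermissionError(f"{principal}: too many failed armor exchanges")
        w, y = self._w[principal], secrets.randbelow(Q - 1) + 1
        S = pow(G, y, P) * pow(N, w, P) % P
        K = pow(T * pow(pow(M, w, P), -1, P) % P, y, P)  # (T / M^w)^y = g^(xy)
        self._pending[principal] = derive_key(principal, T, S, K)
        return S

    def finish(self, principal, mac):
        """Message 3: verify the client's key confirmation; count a failure if bad."""
        ok = hmac.compare_digest(mac, confirm_mac(self._pending.pop(principal)))
        if not ok:
            self.failures[principal] += 1
        return ok


def client_armor(kdc, principal, password):
    """Client side of the exchange: the armor key if the KDC accepted, else None."""
    w, x = password_to_scalar(password), secrets.randbelow(Q - 1) + 1
    T = pow(G, x, P) * pow(M, w, P) % P  # message 1
    S = kdc.start(principal, T)
    K = pow(S * pow(pow(N, w, P), -1, P) % P, x, P)  # (S / N^w)^x = g^(xy)
    key = derive_key(principal, T, S, K)
    return key if kdc.finish(principal, confirm_mac(key)) else None


def online_guess(kdc, principal, candidates):
    """The attack: one password guess per round trip, no OTP value needed.
    Returns the password, or None if the KDC's failure limit stopped it first."""
    for guess in candidates:
        try:
            if client_armor(kdc, principal, guess) is not None:
                return guess
        except PermissionError:
            return None
    return None
```

Needs Python 3.8 or later (`pow(x, -1, P)` for modular inverses). Call `online_guess(ToyKdc({"alice@EXAMPLE.COM": b"..."}, max_failures=...), "alice@EXAMPLE.COM", candidate_list)` with a constructed candidate list: with a generous `max_failures` the attacker recovers the password after one exchange per guess; with a small one the KDC refuses further exchanges before the right guess arrives. The point for the design is that the KDC must treat a failed armor exchange exactly like a failed password attempt for lockout and throttling, and must require key confirmation from the client so that it can count those failures at all.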

PAKE algorithms might have patent issues, particularly if elliptic curve crypto (useful for size and performance) is involved.