EAP-POTP The Protected One-Time Password EAP Method - PowerPoint PPT Presentation

1
EAP-POTP: The Protected One-Time Password EAP Method
  • Magnus Nystrom, David Mitton
  • RSA Security, Inc.

2
Background
  • EAP-POTP is an EAP method designed for One-Time Password (OTP) tokens
  • EAP-POTP offers
      • Strong user authentication
      • Mutual authentication
      • Protection of OTPs in transit
      • Establishment of key material
      • Fast session resumption
    capabilities that are missing from existing EAP methods used with OTP tokens

3
Objectives
  • End-to-end protection of the OTP value
  • Provide key material for lower layers (MSK, EMSK)
  • Minimal initial configuration
  • Minimize the number of round trips
  • No PKI requirements
      • But complements PEAP, TTLS, and other tunneling methods
  • Meet RFC 3748 and RFC 4017 requirements as well as the requirements in keying-08
  • Support OTP corner cases such as
      • Next OTP
      • New PIN mode

4
Typical Deployment: Wireless Authentication

5
Method Specifics
  • Packet format builds on the use of TLVs
      • Similar to PEAP
  • Hardens OTPs to protect against eavesdroppers and MITMs
  • Extensible to various OTP types
  • Optional channel binding
  • Session resumption mechanism
  • For further information, see the presentation made to the EAP WG at IETF-62:
    http://www.drizzle.com/aboba/IETF62/eap/ietf62_eap_potp.ppt

6
A Few Security Features
  • Freshness: each peer contributes a nonce
  • Channel binding: the client indicates the server it thinks it is talking to
  • Protected PIN change
  • Protected results: client confirmation exchange
  • Selection: server realm ID in the initial request
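The properties on this slide and the previous one (OTP never sent in the clear, both peers contributing a nonce, channel binding to the server identity the client believes it is talking to, and key material derived from the exchange) as an added Python illustration; this is not the draft's own code, and the KDF, labels, nonce sizes and iteration count are assumptions made for the demo rather than values taken from the draft.

```python
import hashlib
import hmac
import os

# Constructed parameters for this illustration; the draft's actual KDF,
# labels and iteration count are not on this page and are assumed here.
ITERATIONS = 10_000
KEY_LEN = 32

def derive_key(otp, client_nonce, server_nonce):
    # Stretch the short OTP, salted with BOTH peers' nonces, so the derived
    # key is fresh per exchange and costly to brute-force from a capture.
    salt = b"eap-potp-demo" + client_nonce + server_nonce
    return hashlib.pbkdf2_hmac("sha256", otp.encode(), salt, ITERATIONS, KEY_LEN)

def client_response(otp, client_nonce, server_nonce, server_id):
    # The OTP itself never crosses the wire: the peer sends a MAC bound to
    # the nonces and to the server it thinks it is talking to (channel binding).
    key = derive_key(otp, client_nonce, server_nonce)
    transcript = client_nonce + server_nonce + server_id
    return hmac.new(key, b"client" + transcript, "sha256").digest()

def server_verify(expected_otp, client_nonce, server_nonce, server_id, auth):
    # Returns (server_confirmation, msk) on success, None on failure.
    key = derive_key(expected_otp, client_nonce, server_nonce)
    transcript = client_nonce + server_nonce + server_id
    expected = hmac.new(key, b"client" + transcript, "sha256").digest()
    if not hmac.compare_digest(expected, auth):
        return None
    confirm = hmac.new(key, b"server" + transcript, "sha256").digest()
    msk = hmac.new(key, b"msk" + transcript, "sha256").digest()
    return confirm, msk

def exchange(client_otp, server_otp, client_view=b"srv.example",
             server_id=b"srv.example"):
    # One full exchange; returns (authenticated, msk_or_None).
    cn, sn = os.urandom(16), os.urandom(16)
    auth = client_response(client_otp, cn, sn, client_view)
    result = server_verify(server_otp, cn, sn, server_id, auth)
    return (result is not None, result[1] if result else None)

def replay_rejected(otp):
    # Freshness: an authenticator captured under one server nonce is useless
    # against a later request carrying a new server nonce.
    cn, sn_old, sn_new = os.urandom(16), os.urandom(16), os.urandom(16)
    captured = client_response(otp, cn, sn_old, b"srv.example")
    return server_verify(otp, cn, sn_new, b"srv.example", captured) is None
```

A mismatch between the server identity the client bound into its response and the server's real identity fails verification in the same way as a wrong OTP, which is the channel-binding check in its simplest form.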

7
Some Recent Updates
  • Introduction of the Protected TLV
      • To take advantage of key material already established in the EAP session itself
      • Essentially, the Protected TLV wraps other TLVs and integrity-protects them
  • Session resumption defined for basic mode

8
Planned Updates / Current Status
  • Planned updates
      • Protected ciphersuite negotiation
      • Use of a dedicated session resumption key for session resumption (and not the EMSK)
  • Status
      • Commercial implementations of protocol version 0 exist. Will work on distinguishing differences.
      • RSA is willing to contribute the method to the EMU community if there is interest in adopting it as a standards-track work item

9
IPR
  • RSA offers a reciprocal royalty-free license under RAND to all implementers
  • For details, see http://tinyurl.com/cvrfs

10
Documents / Information
  • draft-nystrom-eap-potp-03.txt
  • Part of the One-Time Password Specifications: http://www.rsasecurity.com/rsalabs/otps
      • CT-KIP: Cryptographic Token Key Initialization Protocol
      • OTP PKCS#11 Mechanisms
      • OTP CAPI: MS CryptoAPI OTP extensions
      • OTP WSS Token: WS-Security OTP Token format
      • OTP Validation Service: Web service for OTP validation
  • Mailing list: send "subscribe otps" to majordomo@majordomo.rsasecurity.com
  • Archive: available by sending "get otps otps.05" to the above email address