OPIE considered insecure
Alexander Leidinger
Alexander at Leidinger.net
Thu Feb 12 02:00:41 PST 2009
Quoting Benjamin Lutz <mail at maxlor.com> (from Wed, 11 Feb 2009
18:21:53 +0100):
> Hello,
>
> I've been thinking about what to do about OPIE, and I see the following
> possibilities. (Note: this is mainly just a braindump to collect my
> thoughts; many details that seem obvious to me are omitted. I'm making it
> public because others might be interested in it too.)
[...]
> - Implement another algorithm: OTPW
[...]
- Implement something which is similar o freeauth.org, just better
implemented and without the "not so good" stuff / design decissions.
Short: they need something you know (PIN) + something you have (e.g.
token, or mobile phone with java with some fixed key). You then enter
your arbitrary long PIN into the phone, and it will give you a time
limited key to login (so the time needs to be in sync to some extend).
On the machine you login you need the cleartext version of your PIN,
the fixed key, and ideally it saves the the PW you just used to login
to prevent a relogin with the same PW. If you've seen the remote login
tokens from RSA or similar, then you should get the idea what this is
about.
I wrote down a while ago the algorithm somewhere (based upon my own
thoughts how to do it, this was before I've seen freeauth, so it's
independent), and also thought about the bells and whistles (some
security pitfalls you need to think about). If you are interested in
implementing this (ideally with a BSD license for inclusion into the
base system)
--
Oh, yeah, life goes on, long after the thrill of livin' is gone.
-- John Cougar, "Jack and Diane"
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
More information about the freebsd-security
mailing list