Date:      Wed, 9 Jul 2008 12:25:40 +0530
From:      "Ivan Grover" <ivangrvr299@gmail.com>
To:        "Dag-Erling Smørgrav" <des@des.no>
Cc:        freebsd-security@freebsd.org
Subject:   Re: OPIE Challenge sequence
Message-ID:  <670f29e20807082355j590a23aax6335ee3d6480d96b@mail.gmail.com>
In-Reply-To: <8663rg5qvd.fsf@ds4.des.no>
References:  <670f29e20807080316s6cf57612jf5135bfd340e3328@mail.gmail.com> <20080708113030.GN62764@server.vk2pj.dyndns.org> <670f29e20807080641wb6f76cctfacfbb2af2f4f7e9@mail.gmail.com> <8663rg5qvd.fsf@ds4.des.no>

On Tue, Jul 8, 2008 at 9:07 PM, Dag-Erling Smørgrav <des@des.no> wrote:

> "Ivan Grover" <ivangrvr299@gmail.com> writes:
> > Thank you so much for your responses. By "predetermined", I meant the
> > challenges appear sequentially in decremented fashion, so are we aware of
> > any security hole with this.
>
> There is no way to deduce the next challenge from the current one.  This
> is documented in the opie(4) man page.

Just to clarify, I think you are trying to say the next response from the
current one, since the challenges are generated something like otp-md5 60
lo0245 ext, otp-md5 59 lo0245 ext, otp-md5 58 lo0245 ext, ... and so on.


>
> Here's the only advisory I could find for OPIE:
>
> http://security.freebsd.org/advisories/FreeBSD-SA-06:12.opie.asc
>
> > I ask this because usually the challenge/response implementations
> > consider generating random challenges( i think here they have a
> > weakness where the passphrase need to be in clear text).
>
> OPIE cannot use random challenges, because one of the requirements is
> that it should be possible to print a list of pre-generated responses.
>
> The advantage of OPIE over traditional passwords is that OPIE is not
> vulnerable to replay attacks, but this is not as relevant these days as
> it was back when S/Key (on which OPIE is based) was designed.  Replay
> attacks aren't very effective against encrypted protocols such as SSH.
>
> > My problem is to determine the best challenge/response implementation
> > for authenticating the clients.
>
> Systems like OPIE, where the challenge is actually issued to the user
> and not just to the user's software, require the user to have access to
> a response calculator, or to carry a sheet of precalculated responses.
> The former is difficult unless the users always log in from their own
> desktop or laptop computer, and the latter is usually a bad idea since
> someone might steal the sheet.  On the bright side, it should be fairly
> easy to write an OTP calculator that runs on a cell phone, such as
> S60-based Nokia phones or an iPhone.
>
> I'd say that the only advantage of OPIE today is that it's free.
>
> DES
> --
> Dag-Erling Smørgrav - des@des.no
>



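Added worked example (written for this archive page; it is not code from the thread, from OPIE or from S/Key): a minimal model of the one-way hash chain behind the "otp-md5 60 lo0245 ext, otp-md5 59 lo0245 ext, ..." challenges discussed above. It follows the otp-md5 construction of RFC 2289 (MD5 of seed + passphrase, digest folded to 64 bits, hashed n times for sequence n) and uses the seed lo0245 from the thread; the passphrase, the enrolment count of 61 and the hex rendering of responses (instead of OPIE's six-word encoding) are assumptions made for the example. It shows why the server can verify responses without holding the passphrase, why a captured response cannot be replayed, why a printed sheet of responses is possible at all, and that knowing the current response only lets you derive the previous (already consumed) one, not the next.

```python
"""S/Key / OPIE style one-way hash chain (otp-md5 as in RFC 2289).

Constructed example: seed 'lo0245' is taken from the mailing-list thread;
the passphrase and the enrolment count are invented for illustration.
"""
import hashlib


def fold_md5(data: bytes) -> bytes:
    """One otp-md5 step: MD5, then fold the 16-byte digest to 8 bytes by XOR."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))


def initial_value(seed: str, passphrase: str) -> bytes:
    """Initial step: the (lower-cased) seed concatenated with the secret passphrase."""
    return fold_md5((seed.lower() + passphrase).encode())


def response_for(seed: str, passphrase: str, n: int) -> bytes:
    """Response to challenge n is the initial value passed through the hash n times."""
    v = initial_value(seed, passphrase)
    for _ in range(n):
        v = fold_md5(v)
    return v


def challenge_string(n: int, seed: str) -> str:
    """Challenge text in the form the thread quotes: 'otp-md5 60 lo0245 ext'."""
    return f"otp-md5 {n} {seed} ext"


def response_sheet(seed: str, passphrase: str, first: int, last: int):
    """Pre-printed list of responses (hex here; real OPIE also offers six-word form)."""
    return [(n, response_for(seed, passphrase, n).hex()) for n in range(first, last - 1, -1)]


class OpieServer:
    """Server side: stores only the last accepted response, never the passphrase."""

    def __init__(self, seed: str, passphrase: str, count: int):
        self.seed = seed
        self.stored = response_for(seed, passphrase, count)  # hash^count, set at enrolment
        self.seq = count - 1                                  # first challenge issued

    def challenge(self) -> str:
        return challenge_string(self.seq, self.seed)

    def verify(self, resp: bytes) -> bool:
        # hash(response_n) must equal the stored response_{n+1}; then slide the window.
        if self.seq < 0 or fold_md5(resp) != self.stored:
            return False
        self.stored = resp
        self.seq -= 1
        return True


def demo() -> dict:
    seed, passphrase = "lo0245", "constructed example passphrase"
    srv = OpieServer(seed, passphrase, 61)          # so the first challenge is 60
    out = {"challenges": [challenge_string(n, seed) for n in (60, 59, 58)]}
    out["first_challenge"] = srv.challenge()
    r60 = response_for(seed, passphrase, 60)
    out["first_login"] = srv.verify(r60)            # correct response: accepted
    out["replay"] = srv.verify(r60)                 # same response again: rejected
    r58 = response_for(seed, passphrase, 58)
    out["skip_ahead"] = srv.verify(r58)             # response for 58 while 59 is pending: rejected
    r59 = response_for(seed, passphrase, 59)
    out["second_login"] = srv.verify(r59)           # correct next response: accepted
    out["next_challenge"] = srv.challenge()
    # From a sniffed response_60 an attacker can only compute response_61 (already used),
    # not response_59: the chain is one-way in the direction the server consumes it.
    out["backward_derivable"] = fold_md5(r60) == response_for(seed, passphrase, 61)
    out["sheet"] = response_sheet(seed, passphrase, 60, 58)
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The server-side state after each successful login is just the response it most recently accepted; compromising the server's database therefore yields nothing that answers a later challenge, which is the property that makes a printed sheet of responses safe to carry only as long as nobody else reads it.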