draft-ietf-krb-wg-kerberos-sam-00.txt   draft-ietf-krb-wg-kerberos-sam-01.txt 
INTERNET-DRAFT Clifford Neuman INTERNET-DRAFT Clifford Neuman
<draft-ietf-krb-wg-kerberos-sam-00.txt> ISI <draft-ietf-krb-wg-kerberos-sam-01.txt> ISI
Updates: RFC 1510 Glen Zorn Updates: RFC 1510 Glen Zorn
September 18, 2002 Cisco Systems October 1, 2002 Cisco Systems
Ken Hornstein Ken Hornstein
Naval Research Laboratory Naval Research Laboratory
Ken Renard Ken Renard
WareOnEarth WareOnEarth
Integrating Single-use Authentication Mechanisms with Kerberos Integrating Single-use Authentication Mechanisms with Kerberos
0. Status Of this Memo 0. Status Of this Memo
This document is an Internet-Draft and is subject to all provisions This document is an Internet-Draft and is subject to all provisions
of Section 10 of RFC2026. Internet-Drafts are working documents of of Section 10 of RFC2026. Internet-Drafts are working documents of
skipping to change at page 1, line 34 skipping to change at page 1, line 34
reference material or to cite them other than as ``work in pro- reference material or to cite them other than as ``work in pro-
gress.'' gress.''
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
The distribution of this memo is unlimited. It is filed as The distribution of this memo is unlimited. It is filed as
<draft-ietf-kerberos-sam-00.txt>, and expires December 22, 2002. <draft-ietf-krb-wg-kerberos-sam-01.txt>, and expires April 2, 2003.
Please send comments to the authors. Please send comments to the authors.
1. Abstract 1. Abstract
This document defines extensions to the Kerberos protocol specifi- This document defines extensions to the Kerberos protocol specifi-
cation [RFC1510] which provide a method by which a variety of cation [RFC1510] which provide a method by which a variety of
single-use authentication mechanisms may be supported within the single-use authentication mechanisms may be supported within the
protocol. The method defined specifies a standard fashion in which protocol. The method defined specifies a standard fashion in which
the preauthentication data and error data fields in Kerberos mes- the preauthentication data and error data fields in Kerberos mes-
sages may be used to support single-use authentication mechanisms. sages may be used to support single-use authentication mechanisms.
skipping to change at page 5, line 24 skipping to change at page 5, line 24
used. This includes whether a challenge is required, and if so, used. This includes whether a challenge is required, and if so,
the challenge itself; and informational data about the type of SAM the challenge itself; and informational data about the type of SAM
that is in use, and how to prompt for the SAD. The SAM type is that is in use, and how to prompt for the SAD. The SAM type is
informational only and does not affect the behavior of the client. informational only and does not affect the behavior of the client.
The prompt is also informational and may be presented to the user The prompt is also informational and may be presented to the user
by the client, or it may be safely ignored. by the client, or it may be safely ignored.
The ASN.1 definition for the SAM challenge is: The ASN.1 definition for the SAM challenge is:
PA-SAM-CHALLENGE-2 ::= SEQUENCE { PA-SAM-CHALLENGE-2 ::= SEQUENCE {
sam-body[0] PA-SAM-CHALLENGE-2-BODY,
sam-cksum[1] SEQUENCE(1..MAX) OF Checksum,
...
}
PA-SAM-CHALLENGE-2-BODY ::= SEQUENCE {
sam-type[0] INTEGER, sam-type[0] INTEGER,
sam-flags[1] SAMFlags, sam-flags[1] SAMFlags,
sam-type-name[2] GeneralString OPTIONAL, sam-type-name[2] GeneralString OPTIONAL,
sam-track-id[3] GeneralString OPTIONAL, sam-track-id[3] GeneralString OPTIONAL,
sam-challenge-label[4] GeneralString OPTIONAL, sam-challenge-label[4] GeneralString OPTIONAL,
sam-challenge[5] GeneralString OPTIONAL, sam-challenge[5] GeneralString OPTIONAL,
sam-response-prompt[6] GeneralString OPTIONAL, sam-response-prompt[6] GeneralString OPTIONAL,
sam-pk-for-sad[7] EncryptionKey OPTIONAL, sam-pk-for-sad[7] EncryptionKey OPTIONAL,
sam-nonce[8] INTEGER, sam-nonce[8] INTEGER,
sam-cksum[9] SEQUENCE OF Checksum, sam-etype[9] INTEGER,
sam-etype[10] INTEGER,
... ...
} }
SAMFlags ::= BIT STRING { SAMFlags ::= BIT STRING (SIZE (32..MAX))
use-sad-as-key[0], -- use-sad-as-key(0),
send-encrypted-sad[1], -- send-encrypted-sad(1),
must-pk-encrypt-sad[2], -- must-pk-encrypt-sad(2),
...
}
5.1.1 SAM-TYPE and SAM-TYPE-NAME Fields 5.1.1 SAM-TYPE and SAM-TYPE-NAME Fields
The sam-type field is informational only, but it must be specified The sam-type field is informational only, but it must be specified
and sam-type values must be registered with the IANA. and sam-type values must be registered with the IANA.
Initially defined values of the sam-type codes are: Initially defined values of the sam-type codes are:
PA_SAM_TYPE_ENIGMA 1 -- Enigma Logic PA_SAM_TYPE_ENIGMA 1 -- Enigma Logic
PA_SAM_TYPE_DIGI_PATH 2 -- Digital Pathways PA_SAM_TYPE_DIGI_PATH 2 -- Digital Pathways
skipping to change at page 10, line 27 skipping to change at page 10, line 31
5.3 SAM-RESPONSE PA-DATA 5.3 SAM-RESPONSE PA-DATA
The client will then send another KRB_AS_REQ message to the KDC, The client will then send another KRB_AS_REQ message to the KDC,
but with a padata field with padata-type equal to PA-SAM-RESPONSE-2 but with a padata field with padata-type equal to PA-SAM-RESPONSE-2
and padata-value defined as follows: and padata-value defined as follows:
PA-SAM-RESPONSE-2 ::= SEQUENCE { PA-SAM-RESPONSE-2 ::= SEQUENCE {
sam-type[0] INTEGER, sam-type[0] INTEGER,
sam-flags[1] SAMFlags, sam-flags[1] SAMFlags,
sam-track-id[2] GeneralString OPTIONAL, sam-track-id[2] GeneralString OPTIONAL,
sam-enc-nonce-or-sad[3] EncryptedData sam-enc-nonce-or-sad[3] EncryptedData,
-- PA-ENC-SAM-RESPONSE-ENC, -- PA-ENC-SAM-RESPONSE-ENC
sam-nonce[4] INTEGER, sam-nonce[4] INTEGER,
... ...
} }
PA-ENC-SAM-RESPONSE-ENC ::= SEQUENCE { PA-ENC-SAM-RESPONSE-ENC ::= SEQUENCE {
sam-nonce[0] INTEGER, sam-nonce[0] INTEGER,
sam-sad[1] GeneralString OPTIONAL, sam-sad[1] GeneralString OPTIONAL,
... ...
} }
skipping to change at page 10, line 57 skipping to change at page 11, line 8
message. message.
If no error reply was received (i.e., the client knows that a If no error reply was received (i.e., the client knows that a
single-use authentication mechanism is to be used), the sam-type single-use authentication mechanism is to be used), the sam-type
field must be set to a value chosen from the list of registered field must be set to a value chosen from the list of registered
sam-type codes. sam-type codes.
The value of the sam-flags field may vary depending upon the type The value of the sam-flags field may vary depending upon the type
of SAM in use, but in all cases the must-pk-encrypt-sad flag must of SAM in use, but in all cases the must-pk-encrypt-sad flag must
be zero. If the send-encrypted-sad flag is set, the sam-sad field be zero. If the send-encrypted-sad flag is set, the sam-sad field
must contain the entered single-use authentication data (see must contain the entered single-use authentication data (see Sec-
Section 5.3.3). tion 5.3.3).
5.3.2 SAM-TRACK-ID Field 5.3.2 SAM-TRACK-ID Field
Note that is there is no sam-track-id in the request, it should be Note that is there is no sam-track-id in the request, it should be
omitted in the response. Otherwise, the sam-track-id data must be omitted in the response. Otherwise, the sam-track-id data must be
copied from the SAM-CHALLENGE-2 to the SAM-RESPONSE-2. copied from the SAM-CHALLENGE-2 to the SAM-RESPONSE-2.
5.3.3 SAM-ENC-NONCE-OR-SAD 5.3.3 SAM-ENC-NONCE-OR-SAD
The sam-enc-nonce-or-sad field represends the results of the preau- The sam-enc-nonce-or-sad field represends the results of the preau-
skipping to change at page 12, line 54 skipping to change at page 12, line 57
decrypt the response and obtain the single-use authentication data. decrypt the response and obtain the single-use authentication data.
This is dependent on the SAM technology used. This is dependent on the SAM technology used.
If the KDC sets the must-pk-encrypt-sad flag of the sam-flags field If the KDC sets the must-pk-encrypt-sad flag of the sam-flags field
but the client software being used does not support public-key but the client software being used does not support public-key
cryptography, it is possible that legitimate users may be denied cryptography, it is possible that legitimate users may be denied
service. service.
An attacker in possession of the users encryption key (again, which An attacker in possession of the users encryption key (again, which
doesn't change from login to login) might be able to doesn't change from login to login) might be able to
generate/modify a SAM challenge and attach the appropriate check- generate/modify a SAM challenge and attach the appropriate
sum. This affects the security of both the send-encrypted-sad checksum. This affects the security of both the send-encrypted-sad
option and the must-pk-encrypt-sad option. option and the must-pk-encrypt-sad option.
8. Expiration 8. Expiration
This Internet-Draft expires on December 22, 2002. This Internet-Draft expires on April 2, 2003.
9. References 9. References
[RFC1510] [RFC1510]
The Kerberos Network Authentication System; Kohl and Neuman; The Kerberos Network Authentication System; Kohl and Neuman;
September 1993. September 1993.
[RFC1760] [RFC1760]
The S/Key One-Time Password System; Haller; February 1995 The S/Key One-Time Password System; Haller; February 1995
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/