The EAP Protected One-Time Password Protocol (EAP-POTP)
RFC 4793
| Document | Type | RFC - Informational (February 2007). Was draft-nystrom-eap-potp (individual in int area) |
|---|---|---|
| | Author | Magnus Nyström |
| | Last updated | 2015-10-14 |
| | RFC stream | Internet Engineering Task Force (IETF) |
| | Formats | |
| IESG | Responsible AD | Jari Arkko |
| | Send notices to | (None) |
RFC 4793
Network Working Group                                        M. Nystroem
Request for Comments: 4793                                  RSA Security
Category: Informational                                    February 2007

The EAP Protected One-Time Password Protocol (EAP-POTP)

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The IETF Trust (2007).

Abstract

This document describes a general Extensible Authentication Protocol (EAP) method suitable for use with One-Time Password (OTP) tokens, and offers particular advantages for tokens with direct electronic interfaces to their associated clients. The method can be used to provide unilateral or mutual authentication, and key material, in protocols utilizing EAP, such as PPP, IEEE 802.1X, and Internet Key Exchange Protocol Version 2 (IKEv2).

Nystroem                     Informational                      [Page 1]

Table of Contents

   1. Introduction ....................................................4
      1.1. Scope ......................................................4
      1.2. Background .................................................4
      1.3. Rationale behind the Design ................................4
      1.4. Relationship with EAP Methods in RFC 3748 ..................5
   2. Conventions Used in This Document ...............................5
   3. Authentication Model ............................................5
   4. Description of the EAP-POTP Method ..............................6
      4.1. Overview ...................................................6
      4.2. Version Negotiation ........................................9
      4.3. Cryptographic Algorithm Negotiation .......................10
      4.4. Session Resumption ........................................11
      4.5. Key Derivation and Session Identifiers ....................13
      4.6. Error Handling and Result Indications .....................13
      4.7. Use of the EAP Notification Method ........................14
      4.8. Protection against Brute-Force Attacks ....................14
      4.9. MAC Calculations in EAP-POTP ..............................16
           4.9.1. Introduction .......................................16
           4.9.2. MAC Calculation ....................................16
           4.9.3. Message Hash Algorithm .............................16
           4.9.4. Design Rationale ...................................17
           4.9.5. Implementation Considerations ......................17
      4.10. EAP-POTP Packet Format ...................................17
      4.11. EAP-POTP TLV Objects .....................................20
           4.11.1. Version TLV .......................................20
           4.11.2. Server-Info TLV ...................................21
           4.11.3. OTP TLV ...........................................23
           4.11.4. NAK TLV ...........................................33
           4.11.5. New PIN TLV .......................................35
           4.11.6. Confirm TLV .......................................38
           4.11.7. Vendor-Specific TLV ...............................41
           4.11.8. Resume TLV ........................................43
           4.11.9. User Identifier TLV ...............................46
           4.11.10. Token Key Identifier TLV .........................47
           4.11.11. Time Stamp TLV ...................................48
           4.11.12. Counter TLV ......................................49
           4.11.13. Challenge TLV ....................................50
           4.11.14. Keep-Alive TLV ...................................51
           4.11.15. Protected TLV ....................................52
           4.11.16. Crypto Algorithm TLV .............................54
   5. EAP Key Management Framework Considerations ....................57
   6. Security Considerations ........................................57
      6.1. Security Claims ...........................................57
      6.2. Passive and Active Attacks ................................58
      6.3. Denial-of-Service Attacks .................................59
      6.4. The Use of Pepper .........................................59
      6.5. The Race Attack ...........................................60
   7. IANA Considerations ............................................60
      7.1. General ...................................................60
      7.2. Cryptographic Algorithm Identifier Octets .................61