Hi, I am trying to choose OPIE as my OTP implementation for authenticating the clients. I have the following queries; could anyone please let me know about these:
-- Why are the challenges in OPIE in a predetermined form? Is it for determining the decryption key for the encrypted passphrase (stored in opiekeys)?
-- Is it possible to generate random challenges using opiechallenge?
Any pointers/links will be very much helpful.
Regards,
Ivan
"Ivan Grover" <ivangrvr299@gmail.com> writes:
> I am trying to choose OPIE as my OTP implementation for authenticating the
> clients. I have the following queries; could anyone please let me know about these:
> -- Why are the challenges in OPIE in a predetermined form?
> Is it for determining the decryption key for the encrypted passphrase (stored
> in opiekeys)?

There is no encryption involved; OPIE is based on a one-way hash function (usually MD5). I'm not sure what you mean by "predetermined form", but one of the features of OPIE is that you should be able to use it even when you don't have a key calculator, by pre-generating and printing a list of responses.

> -- Is it possible to generate random challenges using opiechallenge?

No. There is a random seed, but it remains the same until you either run out of keys or generate a new series.

> Any pointers/links will be very much helpful.

The opie(4) man page describes the algorithm.

DES
-- 
Dag-Erling Smørgrav - des@des.no
Thank you so much for your responses. By "predetermined", I meant that the challenges appear sequentially in a decrementing fashion, so are we aware of any security hole with this? I ask this because challenge/response implementations usually consider generating random challenges (I think here they have a weakness where the passphrase needs to be in clear text). My problem is to determine the best challenge/response implementation for authenticating the clients. Please correct me if I missed something.
Thanks and Regards,
Ivan

On Tue, Jul 8, 2008 at 5:00 PM, Peter Jeremy <peterjeremy@optushome.com.au> wrote:
> On 2008-Jul-08 15:46:37 +0530, Ivan Grover <ivangrvr299@gmail.com> wrote:
> > I am trying to choose OPIE as my OTP implementation for authenticating the
> > clients. I have the following queries; could anyone please let me know about
> > these:
> > -- Why are the challenges in OPIE in a predetermined form?
> > Is it for determining the decryption key for the encrypted
> > passphrase (stored
> > in opiekeys)?
>
> The passphrase is not encrypted - it is hashed and cannot be "decrypted".
> Basically, the passphrase and seed are concatenated and the result is
> hashed (using MD5) the number of times specified by the iteration count,
> and the seed, count and final hash are stored in /etc/opiekeys.
>
> The supplied response is easily verified because when you run it through
> MD5, you should get the hash in /etc/opiekeys. You then replace that
> hash with the one the user supplied.
>
> > -- Is it possible to generate random challenges using opiechallenge?
>
> No. The seed has to match the seed that was used to generate the
> hash with opiepasswd.
>
> --
> Peter Jeremy
> Please excuse any delays as the result of my ISP's inability to implement
> an MTA that is either RFC2821-compliant or matches their claimed behaviour.
On 2008-Jul-08 15:46:37 +0530, Ivan Grover <ivangrvr299@gmail.com> wrote:
> I am trying to choose OPIE as my OTP implementation for authenticating the
> clients. I have the following queries; could anyone please let me know about these:
> -- Why are the challenges in OPIE in a predetermined form?
> Is it for determining the decryption key for the encrypted passphrase (stored
> in opiekeys)?

The passphrase is not encrypted - it is hashed and cannot be "decrypted". Basically, the passphrase and seed are concatenated and the result is hashed (using MD5) the number of times specified by the iteration count, and the seed, count and final hash are stored in /etc/opiekeys.

The supplied response is easily verified because when you run it through MD5, you should get the hash in /etc/opiekeys. You then replace that hash with the one the user supplied.

> -- Is it possible to generate random challenges using opiechallenge?

No. The seed has to match the seed that was used to generate the hash with opiepasswd.

-- 
Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour.
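The hash chain Peter describes above (seed and passphrase concatenated, hashed with MD5 the number of times given by the count; seed, count and final hash stored in /etc/opiekeys; a response checked by hashing it once more and then stored in place of the old hash) and the pre-printed response list DES mentions, as an added example that is not part of this thread and not OPIE's own code. It also shows why the challenge sequence Ivan asks about is predictable: the seed never changes and the count only decrements. It simplifies real OPIE in a few places: responses are shown as hex rather than OPIE's six-word encoding, the key file is an in-memory dict instead of /etc/opiekeys, and the 64-bit fold between MD5 rounds follows RFC 2289. The user name, passphrase and seed are constructed test data.

```python
"""Simplified OPIE/S-KEY style one-time-password chain (constructed example)."""
import hashlib
from dataclasses import dataclass

# Constructed test data; not from any real system.
PASSPHRASE = "correct horse battery staple"
SEED = "fb4321"


def _fold(digest: bytes) -> bytes:
    """Fold a 16-byte MD5 digest to 8 bytes by XORing the halves (RFC 2289)."""
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))


def _step(key: bytes) -> bytes:
    """One round of the one-way chain: the only operation the server ever needs."""
    return _fold(hashlib.md5(key).digest())


def otp(passphrase: str, seed: str, n: int) -> bytes:
    """n-th one-time password: seed||passphrase hashed once, then n more rounds.
    otp(n + 1) == _step(otp(n)), which is what makes verification possible."""
    key = _fold(hashlib.md5((seed + passphrase).encode()).digest())
    for _ in range(n):
        key = _step(key)
    return key


@dataclass
class OpieRecord:
    count: int      # sequence number of the hash currently stored
    seed: str
    stored: bytes   # otp(passphrase, seed, count); the passphrase itself is never kept


class OpieKeys:
    """Stand-in for /etc/opiekeys plus the server side of opiechallenge/verify."""

    def __init__(self) -> None:
        self._records: dict[str, OpieRecord] = {}

    def opiepasswd(self, user: str, passphrase: str, seed: str, count: int) -> None:
        """Initialise a series: only the end of the chain is written to the key file."""
        self._records[user] = OpieRecord(count, seed, otp(passphrase, seed, count))

    def opiechallenge(self, user: str) -> str:
        """Challenge is fully predictable: same seed, count one below the stored hash."""
        rec = self._records[user]
        if rec.count < 1:
            raise RuntimeError("sequence exhausted; run opiepasswd to start a new series")
        return f"otp-md5 {rec.count - 1} {rec.seed}"

    def verify(self, user: str, response_hex: str) -> bool:
        """Hash the response once; it must equal the stored hash. On success the
        response becomes the new stored hash, so a replay of it no longer verifies."""
        rec = self._records[user]
        response = bytes.fromhex(response_hex)
        if rec.count < 1 or _step(response) != rec.stored:
            return False
        rec.stored = response
        rec.count -= 1
        return True


def opiekey(passphrase: str, challenge: str) -> str:
    """Client-side key calculator: answer an 'otp-md5 N seed' challenge."""
    _, n, seed = challenge.split()
    return otp(passphrase, seed, int(n)).hex()


def print_list(passphrase: str, seed: str, first: int, last: int) -> list[tuple[int, str]]:
    """Pre-generated responses for counts first..last, for users without a calculator."""
    return [(n, otp(passphrase, seed, n).hex()) for n in range(first, last - 1, -1)]


if __name__ == "__main__":
    keys = OpieKeys()
    keys.opiepasswd("ivan", PASSPHRASE, SEED, count=5)
    for n, resp in print_list(PASSPHRASE, SEED, 4, 0):
        print(f"{n:3d} {resp}")
    chal = keys.opiechallenge("ivan")
    resp = opiekey(PASSPHRASE, chal)
    print(chal, "->", resp, "accepted:", keys.verify("ivan", resp))
    print("replay accepted:", keys.verify("ivan", resp))
    print("next challenge:", keys.opiechallenge("ivan"))
```

Note that `verify` needs only `_step` and the stored hash: the server holds nothing from which the passphrase, or the next expected response, can be derived, which is why the predictable challenge is not by itself a weakness. What the scheme does not protect against is an attacker who intercepts the challenge and response in real time and uses them before the legitimate client does, or who presents the client a challenge with a lower count than the server will next ask for; the thread does not cover those cases.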