Two factor autentication on Ciphersaber without loosing compatibility

From: giorgio.tani (giorgio.tani_at_email.it)
Date: 05/16/05


Date: 15 May 2005 23:59:53 -0700

Hi, I was thinking about practical problems implementing a two factor
autentication (in the sense, something you have and something you know)
on Ciphersaber without loosing compatibility with any other Ciphersaber
implementation.
In my mind, the user could be asked to insert a key file and a
passphrase, and may be allowed to skip any of the two stages in order
to make the application compatible with any other Cs. implementation.
The problem is that a generic Ciphersaber prepend the Initialization
Vector to the encrypted file, but with a two factor autentication we'll
have two keys to be seeded with the single IV...
If we prepend two IV's we will loose compatibility with a generic CS
implementation that expect a single IV, on the other side if we split
the IV, in example, in order to use the first half with the key from
the key file and the second half with the key from the passphrase we
will loose compatibilty as well since a non-two factor implementation
will logically use the full IV as usual.
So the two solution i wondered about introducing two factor
autentication without loosing full compatibility with other Ciphersaber
implementations are:
1) combining (many ways are possible) the two keys and then the IV and
send them to the Key Scheduling Algorithm, so we actually have the two
factor autentication but if only one key is missing the other key+IV
will work in the expected Ciphersaber-way;
2) combining the first key with the IV in the Ciphersaber-way, run KSA
then combine the second key with the same IV and run the KSA a second
time (this time the S-boxes will start with an arrangement resulting
from the first key scheduling), i wonder if this way has been used
before and if the reuse of the same IV in two consecutive stages have
known issues.