Re: public key password authentication



Hallvard B Furuseth <h.b.furuseth@xxxxxxxxxxx> writes:
Are there useful and efficient password auth methods where the server
admin, possessing a user's server-side secret and a log of his auth
sessions, will not learn how to authenticate as the user?

the original kerberos pk-init draft ... simply allowed for registering
a public key in lieu of a password. the server then presented some
random data to the client ... which was digitally signed ... and the
server verified the digital signature with the on-file public
key. public/private key operation basically is a countermeasure to "replay
attacks" i.e. presentation of static authentication data that can be
eavesdropped and replayed. Having the client digitally sign some server
supplied random data is similarly a countermeasure to replay attacks
(where the attacker eavesdrops a digital signature that is always the
same). the other characteristic of public/private key operation is that
the information used to verify the digital signature isn't what is used
to generate the digital signature.

no, depending on the public/private key technology chosen there can be a
significant difference in the efficiency in the verifying of the digital
signature.

it wasn't until later that pki and digital certificate based operation
was added to kerberos pk-init operation ... along with all the
additional complexity, overhead, and waste.

aka ... PKI and digital certificate paradigm is for the situation
analogous to the letters of credit/introduction from the sailing ship
days (and earlier) ... where the relying party has absolutely no prior
knowledge of the stranger that they are dealing with ... and absolutely
no other means of obtaining that information. By definition, if the
client has to (pre)register anything with the server ... it invalidates
the assumptions justifying the complex PKI operations and making the
digital certificates redundant and superfluous.

lots of past posts mentioning kerberos pk-init
http://www.garlic.com/~lynn/subpubkey.html#kerberos

the other widely deployed and prevalent authentication infrastructure
found in the internet world is radius ... and there have been similar
simple definitions/implementations for radius ... where a public key is
registered in lieu of a password
http://www.garlic.com/~lynn/subpubkey.html#radius
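The register-a-public-key / sign-server-supplied-random-data flow described in the post, written out as an added example (this is not code from the original post, from kerberos pk-init, or from any radius implementation). It uses Go's standard-library Ed25519; the Server and Client types, the "pk-auth-challenge:" domain tag and the user name "alice" are assumptions made for illustration. The server stores nothing but the public key and a log, and the demo shows that someone holding exactly that server-side material (the "admin with the secret and the log" of the question) cannot log in by replaying a recorded signature against a fresh challenge.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Domain-separation tag (assumed, not from the post): the client only ever
// signs "tag || challenge", so a signature from this protocol cannot be
// reused as a signature over arbitrary data in some other context.
const tag = "pk-auth-challenge:"

// AuthRecord is one line of the server's auth log: everything an admin
// reading the logs could see for a session.
type AuthRecord struct {
	User      string
	Challenge []byte
	Signature []byte
	OK        bool
}

// Server keeps only PUBLIC keys; verification data is not signing data.
type Server struct {
	users   map[string]ed25519.PublicKey
	pending map[string][]byte // the one outstanding challenge per user
	Log     []AuthRecord
}

func NewServer() *Server {
	return &Server{users: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Register stores a public key in lieu of a password.
func (s *Server) Register(user string, pub ed25519.PublicKey) { s.users[user] = pub }

// Challenge issues fresh random data that the client must sign.
func (s *Server) Challenge(user string) ([]byte, error) {
	if _, ok := s.users[user]; !ok {
		return nil, errors.New("unknown user")
	}
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		return nil, err
	}
	s.pending[user] = c
	return c, nil
}

// Verify checks the signature with the on-file public key. The outstanding
// challenge is consumed whether or not the check succeeds, so each challenge
// can be answered at most once and an old (challenge, signature) pair is dead.
func (s *Server) Verify(user string, challenge, sig []byte) bool {
	pub, known := s.users[user]
	want, issued := s.pending[user]
	delete(s.pending, user)
	ok := known && issued &&
		subtle.ConstantTimeCompare(want, challenge) == 1 &&
		ed25519.Verify(pub, append([]byte(tag), challenge...), sig)
	s.Log = append(s.Log, AuthRecord{User: user, Challenge: challenge, Signature: sig, OK: ok})
	return ok
}

// Client holds the private key, which never leaves the client.
type Client struct{ priv ed25519.PrivateKey }

func NewClient() (*Client, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Client{priv: priv}, pub, nil
}

// Answer signs the server-supplied random data.
func (c *Client) Answer(challenge []byte) []byte {
	return ed25519.Sign(c.priv, append([]byte(tag), challenge...))
}

// Demo runs one honest login, then lets a party holding only the server's
// stored key and its log try to answer a new challenge with the logged signature.
func Demo() (honestOK, replayOK bool, err error) {
	srv := NewServer()
	cli, pub, err := NewClient()
	if err != nil {
		return false, false, err
	}
	srv.Register("alice", pub) // constructed user name

	c1, err := srv.Challenge("alice")
	if err != nil {
		return false, false, err
	}
	honestOK = srv.Verify("alice", c1, cli.Answer(c1))

	// Replay attempt using nothing but server-side state: the signature in the
	// log was made over c1, so it does not verify over the fresh challenge c2.
	rec := srv.Log[len(srv.Log)-1]
	c2, err := srv.Challenge("alice")
	if err != nil {
		return false, false, err
	}
	replayOK = srv.Verify("alice", c2, rec.Signature)
	return honestOK, replayOK, nil
}

func main() {
	h, r, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("honest login ok=%v, replay from log ok=%v\n", h, r)
}
```

Two design points worth noting: Verify compares the presented challenge to the one it issued, so resubmitting the logged (c1, signature) pair is rejected as well as the case shown, because c1 is no longer pending; and the challenge is fresh random data per session, which is what makes the client's signature differ every time and defeats the eavesdrop-and-replay that a static password (or a static signature) would allow.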