[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSRA and "legacy systems"
"Steven M. Bellovin" wrote:
> Presumably, you're talking about schemes like EKE, SPEKE, and SRP. Obviously
> -- as the co-inventor of one of them -- I applaud the concept. But I'm not
> convinced that we can make them work here. Other than plaintext passwords,
> the most important legacy scheme is the SecurID card, where the two parties
> don't have an accessible shared secret. The user's secret is buried inside
> the card; it's used (in effect) to encrypt a timer. The server has the secret,
> but it doesn't have a strong idea of the user's timer's accuracy. Instead, it
> accepts any encrypted values that would result from a range of times. Can we
> make any of those schemes work with SecurID cards? I'm not convinced.
Furthermore, in large companies, there's lots of legacy *infrastructure* to
support the legacy *mechanism*, along with the *credentials*.
No amount of "gee, you don't have to use passwords in the same old way" is
change the fact that changing largish infrastructures overnight just doesn't
work. I work for a moderately large concern, and I can tell you that
changes happen slowly, which unfortunately means living with the mechanism
for quite some time.