[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSRA and "legacy systems"

"Steven M. Bellovin" wrote:

> Presumably, you're talking about schemes like EKE, SPEKE, and SRP.  Obviously
> -- as the co-inventor of one of them -- I applaud the concept.  But I'm not
> convinced that we can make them work here.  Other than plaintext passwords,
> the most important legacy scheme is the SecurID card, where the two parties
> don't have an accessible shared secret.  The user's secret is buried inside
> the card; it's used (in effect) to encrypt a timer.  The server has the secret,
> but it doesn't have a strong idea of the user's timer's accuracy.  Instead, it
> accepts any encrypted values that would result from a range of times.  Can we
> make any of those schemes work with SecurID cards?  I'm not convinced.
Furthermore, in large companies, there's lots of legacy *infrastructure* to
  support the legacy *mechanism*, along with the *credentials*.

No amount of "gee, you don't have to use passwords in the same old way" is
going to
  change the fact that changing largish infrastructures overnight just doesn't
  work.  I work for a moderately large concern, and I can tell you that
  changes happen slowly, which unfortunately means living with the mechanism
  for quite some time.