Network Working Group C. Newman
Request for Comments: 2444 Innosoft
Updates: 2222 October 1998
Category: Standards Track
Network Working Group C. Newman
Request for Comments: 2444 Innosoft
Updates: 2222 October 1998
Category: Standards Track
The One-Time-Password SASL Mechanism
一次性口令SASL机制
Status of this Memo
本备忘录的状况
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (1998). All Rights Reserved.
版权所有(C)互联网协会(1998年)。版权所有。
Abstract
摘要
OTP [OTP] provides a useful authentication mechanism for situations where there is limited client or server trust. Currently, OTP is added to protocols in an ad-hoc fashion with heuristic parsing. This specification defines an OTP SASL [SASL] mechanism so it can be easily and formally integrated into many application protocols.
OTP[OTP]为客户端或服务器信任有限的情况提供了一种有用的身份验证机制。目前,OTP以一种带有启发式解析的特别方式添加到协议中。该规范定义了OTP SASL[SASL]机制,因此可以轻松、正式地集成到许多应用程序协议中。
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT", "RECOMMENDED" and "MAY" in this document are to be interpreted as defined in "Key words for use in RFCs to Indicate Requirement Levels" [KEYWORDS].
本文件中的关键词“必须”、“不得”、“必需”、“应该”、“不应该”、“建议”和“可能”应按照“RFC中用于指示需求水平的关键词”[关键词]中的定义进行解释。
This memo assumes the reader is familiar with OTP [OTP], OTP extended responses [OTP-EXT] and SASL [SASL].
本备忘录假设读者熟悉OTP[OTP]、OTP扩展响应[OTP-EXT]和SASL[SASL]。
The OTP SASL mechanism replaces the SKEY SASL mechanism [SASL]. OTP is a good choice for usage scenarios where the client is untrusted (e.g., a kiosk client), as a one-time password will only give the client a single opportunity to act on behalf of the user. OTP is also a good choice for situations where interactive logins are permitted to the server, as a compromised OTP authentication database is only subject to dictionary attacks, unlike authentication databases for other simple mechanisms such as CRAM-MD5 [CRAM-MD5].
OTP SASL机制取代了SKEY SASL机制[SASL]。OTP对于客户端不受信任的使用场景(例如,kiosk客户端)是一个不错的选择,因为一次性密码只会给客户端一次代表用户行事的机会。OTP对于允许服务器进行交互式登录的情况也是一个不错的选择,因为受损的OTP身份验证数据库只会受到字典攻击,而不像其他简单机制(如CRAM-MD5[CRAM-MD5])的身份验证数据库。
It is important to note that each use of the OTP mechanism causes the authentication database entry for a user to be updated.
需要注意的是,每次使用OTP机制都会导致更新用户的身份验证数据库条目。
This SASL mechanism provides a formal way to integrate OTP into SASL-enabled protocols including IMAP [IMAP4], ACAP [ACAP], POP3 [POP-AUTH] and LDAPv3 [LDAPv3].
这种SASL机制提供了一种将OTP集成到支持SASL的协议中的正式方法,包括IMAP[IMAP4]、ACAP[ACAP]、POP3[POP-AUTH]和LDAPv3[LDAPv3]。
OTP [OTP] and OTP extended responses [OTP-EXT] offer a number of options. However, for authentication to succeed, the client and server need compatible option sets. This specification defines a single SASL mechanism: OTP. The following rules apply to this mechanism:
OTP[OTP]和OTP扩展响应[OTP-EXT]提供了许多选项。但是,要使身份验证成功,客户端和服务器需要兼容的选项集。本规范定义了单个SASL机制:OTP。以下规则适用于该机制:
o The extended response syntax MUST be used.
o 必须使用扩展响应语法。
o Servers MUST support the following four OTP extended responses: "hex", "word", "init-hex" and "init-word". Servers MUST support the "word" and "init-word" responses for the standard dictionary and SHOULD support alternate dictionaries. Servers MUST NOT require use of any additional OTP extensions or options.
o 服务器必须支持以下四个OTP扩展响应:“hex”、“word”、“init hex”和“init word”。服务器必须支持标准字典的“word”和“init word”响应,并且应该支持备用字典。服务器不得要求使用任何其他OTP扩展或选项。
o Clients SHOULD support display of the OTP challenge to the user and entry of an OTP in multi-word format. Clients MAY also support direct entry of the pass phrase and compute the "hex" or "word" response.
o 客户端应支持向用户显示OTP质询,并以多字格式输入OTP。客户端还可以支持直接输入密码短语并计算“十六进制”或“单词”响应。
o Clients MUST indicate when authentication fails due to the sequence number getting too low and SHOULD offer the user the option to reset the sequence using the "init-hex" or "init-word" response.
o 当由于序列号过低而导致身份验证失败时,客户端必须指出,并应向用户提供使用“init hex”或“init word”响应重置序列的选项。
Support for the MD5 algorithm is REQUIRED, and support for the SHA1 algorithm is RECOMMENDED.
需要支持MD5算法,建议支持SHA1算法。
The mechanism does not provide any security layer.
该机制不提供任何安全层。
The client begins by sending a message to the server containing the following two pieces of information.
客户端首先向服务器发送包含以下两条信息的消息。
(1) An authorization identity. When the empty string is used, this defaults to the authentication identity. This is used by system administrators or proxy servers to login with a different user identity. This field may be up to 255 octets and is terminated by a NUL (0) octet. US-ASCII printable characters are preferred, although
(1) 授权标识。使用空字符串时,默认为身份验证标识。系统管理员或代理服务器使用此选项以不同的用户身份登录。此字段最多可包含255个八位字节,并以NUL(0)个八位字节结尾。US-ASCII可打印字符是首选,但
UTF-8 [UTF-8] printable characters are permitted to support international names. Use of character sets other than US-ASCII and UTF-8 is forbidden.
允许UTF-8[UTF-8]可打印字符支持国际名称。禁止使用US-ASCII和UTF-8以外的字符集。
(2) An authentication identity. The identity whose pass phrase will be used. This field may be up to 255 octets. US-ASCII printable characters are preferred, although UTF-8 [UTF-8] printable characters are permitted to support international names. Use of character sets other than US-ASCII and UTF-8 is forbidden.
(2) 身份验证标识。将使用其通行短语的标识。此字段最多可包含255个八位字节。首选US-ASCII可打印字符,尽管允许UTF-8[UTF-8]可打印字符支持国际名称。禁止使用US-ASCII和UTF-8以外的字符集。
The server responds by sending a message containing the OTP challenge as described in OTP [OTP] and OTP extended responses [OTP-EXT].
服务器通过发送包含OTP[OTP]和OTP扩展响应[OTP-EXT]中描述的OTP质询的消息进行响应。
If a client sees an unknown hash algorithm name it will not be able to process a pass phrase input by the user. In this situation the client MAY prompt for the six-word format, issue the cancel sequence as specified by the SASL profile for the protocol in use and try a different SASL mechanism, or close the connection and refuse to authenticate. As a result of this behavior, a server is restricted to one OTP hash algorithm per user.
如果客户端看到未知的哈希算法名称,它将无法处理用户输入的密码短语。在这种情况下,客户端可能会提示输入六字格式,为正在使用的协议发出SASL配置文件指定的取消序列,并尝试不同的SASL机制,或者关闭连接并拒绝身份验证。由于这种行为,服务器被限制为每个用户一个OTP哈希算法。
On success, the client generates an extended response in the "hex", "word", "init-hex" or "init-word" format. The client is not required to terminate the response with a space or a newline and SHOULD NOT include unnecessary whitespace.
成功后,客户端将以“hex”、“word”、“init hex”或“init word”格式生成扩展响应。客户端无需使用空格或换行符终止响应,并且不应包含不必要的空格。
Servers MUST tolerate input of arbitrary length, but MAY fail the authentication if the length of client input exceeds reasonable size.
服务器必须允许任意长度的输入,但如果客户端输入的长度超过合理的大小,则可能会导致身份验证失败。
In these example, "C:" represents lines sent from the client to the server and "S:" represents lines sent from the server to the client. The user name is "tim" and no authorization identity is provided. The "<NUL>" below represents an ASCII NUL octet.
在这些示例中,“C:”表示从客户端发送到服务器的行,“S:”表示从服务器发送到客户端的行。用户名为“tim”,未提供授权标识。下面的“<NUL>”表示ASCII NUL八位字节。
The following is an example of the OTP mechanism using the ACAP [ACAP] profile of SASL. The pass phrase used in this example is: This is a test.
以下是使用SASL的ACAP[ACAP]配置文件的OTP机制示例。本例中使用的pass短语是:这是一个测试。
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-md5 499 ke1234 ext"
C: "hex:5bf075d9959d036f"
S: a001 OK "AUTHENTICATE completed"
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-md5 499 ke1234 ext"
C: "hex:5bf075d9959d036f"
S: a001 OK "AUTHENTICATE completed"
Here is the same example using the six-words response:
以下是使用六个单词回答的相同示例:
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-md5 499 ke1234 ext"
C: "word:BOND FOGY DRAB NE RISE MART"
S: a001 OK "AUTHENTICATE completed"
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-md5 499 ke1234 ext"
C: "word:BOND FOGY DRAB NE RISE MART"
S: a001 OK "AUTHENTICATE completed"
Here is the same example using the OTP-SHA1 mechanism:
下面是使用OTP-SHA1机制的相同示例:
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-sha1 499 ke1234 ext"
C: "hex:c90fc02cc488df5e"
S: a001 OK "AUTHENTICATE completed"
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-sha1 499 ke1234 ext"
C: "hex:c90fc02cc488df5e"
S: a001 OK "AUTHENTICATE completed"
Here is the same example with the init-hex extended response
下面是与init hex扩展响应相同的示例
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-md5 499 ke1234 ext"
C: "init-hex:5bf075d9959d036f:md5 499 ke1235:3712dcb4aa5316c1"
S: a001 OK "OTP sequence reset, authentication complete"
C: a001 AUTHENTICATE "OTP" {4}
C: <NUL>tim
S: + "otp-md5 499 ke1234 ext"
C: "init-hex:5bf075d9959d036f:md5 499 ke1235:3712dcb4aa5316c1"
S: a001 OK "OTP sequence reset, authentication complete"
The following is an example of the OTP mechanism using the IMAP [IMAP4] profile of SASL. The pass phrase used in this example is: this is a test
下面是使用SASL的IMAP[IMAP4]配置文件的OTP机制示例。本例中使用的pass短语是:这是一个测试
C: a001 AUTHENTICATE OTP
S: +
C: AHRpbQ==
S: + b3RwLW1kNSAxMjMga2UxMjM0IGV4dA==
C: aGV4OjExZDRjMTQ3ZTIyN2MxZjE=
S: a001 OK AUTHENTICATE completed
C: a001 AUTHENTICATE OTP
S: +
C: AHRpbQ==
S: + b3RwLW1kNSAxMjMga2UxMjM0IGV4dA==
C: aGV4OjExZDRjMTQ3ZTIyN2MxZjE=
S: a001 OK AUTHENTICATE completed
Note that the lack of an initial client response and the base64 encoding are characteristics of the IMAP profile of SASL. The server challenge is "otp-md5 123 ke1234 ext" and the client response is "hex:11d4c147e227c1f1".
请注意,缺少初始客户端响应和base64编码是SASL的IMAP配置文件的特征。服务器质询为“otp-md5 123 ke1234 ext”,客户端响应为“hex:11d4c147e227c1f1”。
This specification introduces no security considerations beyond those those described in SASL [SASL], OTP [OTP] and OTP extended responses [OTP-EXT]. A brief summary of these considerations follows:
除了SASL[SASL]、OTP[OTP]和OTP扩展响应[OTP-EXT]中描述的安全注意事项外,本规范未引入其他安全注意事项。这些考虑事项的简要总结如下:
This mechanism does not provide session privacy, server authentication or protection from active attacks.
此机制不提供会话隐私、服务器身份验证或主动攻击保护。
This mechanism is subject to passive dictionary attacks. The severity of this attack can be reduced by choosing pass phrases well.
此机制会受到被动字典攻击。通过正确选择通行短语,可以降低此攻击的严重性。
The server authentication database necessary for use with OTP need not be plaintext-equivalent.
与OTP一起使用所需的服务器身份验证数据库不必是纯文本等效数据库。
Server implementations MUST protect against the race attack [OTP].
服务器实现必须防止竞争攻击[OTP]。
As remote access is a crucial service, users are encouraged to restrict user names and pass phrases to the US-ASCII character set. However, if characters outside the US-ASCII chracter set are used in user names and pass phrases, then they are interpreted according to UTF-8 [UTF-8].
由于远程访问是一项至关重要的服务,因此鼓励用户限制用户名并将短语传递给US-ASCII字符集。但是,如果用户名和密码短语中使用US-ASCII字符集之外的字符,则将根据UTF-8[UTF-8]对其进行解释。
Server support for alternate dictionaries is strongly RECOMMENDED to permit use of the six-word format with non-English words.
强烈建议服务器支持备用字典,以允许对非英语单词使用六字格式。
Here is the registration template for the OTP SASL mechanism:
以下是OTP SASL机制的注册模板:
SASL mechanism name: OTP Security Considerations: See section 6 of this memo Published specification: this memo Person & email address to contact for futher information: see author's address section below Intended usage: COMMON Author/Change controller: see author's address section below
SASL机制名称:OTP安全注意事项:参见本备忘录第6节发布规范:本备忘录联系人和电子邮件地址以获取更多信息:参见下面的作者地址部分预期用途:通用作者/变更控制者:参见下面的作者地址部分
This memo also amends the SKEY SASL mechanism registration [SASL] by changing its intended usage to OBSOLETE.
本备忘录还修改了SKEY SASL机制注册[SASL],将其预期用途更改为过时。
[ACAP] Newman, C. and J. Myers, "ACAP -- Application Configuration Access Protocol", RFC 2244, November 1997.
[ACAP]Newman,C.和J.Myers,“ACAP——应用程序配置访问协议”,RFC22441997年11月。
[CRAM-MD5] Klensin, J., Catoe, R. and P. Krumviede, "IMAP/POP AUTHorize Extension for Simple Challenge/Response", RFC 2195, September 1997.
[CRAM-MD5]Klensin,J.,Catoe,R.和P.Krumviede,“简单质询/响应的IMAP/POP授权扩展”,RFC 21951997年9月。
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4rev1", RFC 2060, December 1996.
[IMAP4]Crispin,M.,“互联网消息访问协议-版本4rev1”,RFC20601996年12月。
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[关键词]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[LDAPv3] Wahl, M., Howes, T. and S. Kille, "Lightweight Directory Access Protocol (v3)", RFC 2251, December 1997.
[LDAPv3]Wahl,M.,Howes,T.和S.Kille,“轻量级目录访问协议(v3)”,RFC 2251,1997年12月。
[MD5] Rivest, R., "The MD5 Message Digest Algorithm", RFC 1321, April 1992.
[MD5]Rivest,R.,“MD5消息摘要算法”,RFC 13211992年4月。
[OTP] Haller, N., Metz, C., Nesser, P. and M. Straw, "A One-Time Password System", RFC 2289, February 1998.
[OTP]Haller,N.,Metz,C.,Nesser,P.和M.Straw,“一次性密码系统”,RFC 2289,1998年2月。
[OTP-EXT] Metz, C., "OTP Extended Responses", RFC 2243, November 1997.
[OTP-EXT]Metz,C.,“OTP扩展响应”,RFC 2243,1997年11月。
[POP-AUTH] Myers, J., "POP3 AUTHentication command", RFC 1734, December 1994.
[POP-AUTH]迈尔斯,J.,“POP3认证命令”,RFC 17341994年12月。
[SASL] Myers, J., "Simple Authentication and Security Layer (SASL)", RFC 2222, October 1997.
[SASL]迈尔斯,J.,“简单认证和安全层(SASL)”,RFC22221997年10月。
[UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC 2279, January 1998.
[UTF-8]Yergeau,F.,“UTF-8,ISO 10646的转换格式”,RFC 2279,1998年1月。
Chris Newman Innosoft International, Inc. 1050 Lakes Drive West Covina, CA 91790 USA
Chris Newman Innosoft International,Inc.美国加利福尼亚州西科维纳湖大道1050号,邮编:91790
EMail: chris.newman@innosoft.com
EMail: chris.newman@innosoft.com
Copyright (C) The Internet Society (1998). All Rights Reserved.
版权所有(C)互联网协会(1998年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。