RFC 4793:The EAP Protected One-Time Password Proto...
RFC-Ref

The EAP Protected One-Time Password Protocol (EAP-POTP)


1. Introduction
1.1. Scope
1.2. Background
1.3. Rationale behind the Design
1.4. Relationship with EAP Methods in RFC 3748
2. Conventions Used in This Document
3. Authentication Model
4. Description of the EAP-POTP Method
4.1. Overview
4.2. Version Negotiation
4.3. Cryptographic Algorithm Negotiation
4.4. Session Resumption
4.5. Key Derivation and Session Identifiers
4.6. Error Handling and Result Indications
4.7. Use of the EAP Notification Method
4.8. Protection against Brute-Force Attacks
4.9. MAC Calculations in EAP-POTP
4.9.1. Introduction
4.9.2. MAC Calculation
4.9.3. Message Hash Algorithm
4.9.4. Design Rationale
4.9.5. Implementation Considerations
4.10. EAP-POTP Packet Format
4.11. EAP-POTP TLV Objects
4.11.1. Version TLV
4.11.2. Server-Info TLV
4.11.3. OTP TLV
4.11.4. NAK TLV
4.11.5. New PIN TLV
4.11.6. Confirm TLV
4.11.7. Vendor-Specific TLV
4.11.8. Resume TLV
4.11.9. User Identifier TLV
4.11.10. Token Key Identifier TLV
4.11.11. Time Stamp TLV
4.11.12. Counter TLV
4.11.13. Challenge TLV
4.11.14. Keep-Alive TLV
4.11.15. Protected TLV
4.11.16. Crypto Algorithm TLV
5. EAP Key Management Framework Considerations
6. Security Considerations
6.1. Security Claims
6.2. Passive and Active Attacks
6.3. Denial-of-Service Attacks
6.4. The Use of Pepper
6.5. The Race Attack
7. IANA Considerations
7.1. General
7.2. Cryptographic Algorithm Identifier Octets
8. Intellectual Property Considerations
9. Acknowledgments
10. References
10.1. Normative References
10.2. Informative References
11. Appendix A. Profile of EAP-POTP for RSA SecurID
12. Appendix B. Examples of EAP-POTP Exchanges
13. Appendix C. Use of the MPPE-Send/Receive-Key RADIUS Attributes
14. Appendix D. Key Strength Considerations
15. Author's Address
16. Full Copyright Statement
17. Intellectual Property
18. Acknowledgement

Google
Web
RFC-Ref
RFC-Ref.org
Frontpage
Global Index
RFC
Sister Sites
Chess-Ref.org
Law-Ref.org
InChI.info
Zvon.org