eap-9----Page:3
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
|
State of affairs Current EAP support for OTP algorithms is poor GTC User Prompts are text sent from server to client Unilateral authentication No generation of keying material EAP OTP Despite it’s name, a specialized method for a particular algorithm (S/Key). No generation of keying material, no session resume EAP MS-Chap Challenge-Response based Requires MD4, DES. No features to slow down attacker Lack of suitable support motivates us to develop a new EAP method oriented towards OTP Tokens Protocol should be usable for handheld and machine readable devices |