[PATCH] Introducing Zero-Knowledge user authentication
Darren Tucker
dtucker at zip.com.au
Thu Nov 24 21:47:05 EST 2005
On Tue, Nov 22, 2005 at 09:49:40PM +0100, Andreas Gaupmann wrote:
> First we would like to describe the purpose of using Zero-Knowledge (ZK) for
> user authentication. Traditional authentication methods like
> challenge-response with passwords or public keys leak information about the
> credentials of a user
I'm not qualified to comment on the crypto aspects nor on the prospects
for inclusion. That said, I have some comments on the patch itself.
Obviously password or C/R authentication leaks authentication information
to the server, but how does public-key? (assuming the public-key
algorithm has not been broken) Are you referring to a server collecting
signatures with various sessionids?
>From the patch, it looks like multiple rounds are required. What impact
does that have on the authentication times, particularly on high-latency
links?
You use the string "oo-zk" in the SSH protocol to identify the publickey
mechanism you implement. Unless this has been registered with IANA you
should use a local method (ie "oo-zk at yourdomain.org") as specified in
section 6 of the "SSH Protocol Architecture" document.
The OpenBSD patch on your page includes all of the *.orig files, which
makes it hard to read.
Some of the files you add are under the GPL. This isn't a problem while
you're publishing it as a patch, but it would prevent it from being
incorporated.
You also have some minor errors in the patch (use of C++/c99 "//" style
comments, declarations after code eg in key_fingerprint_raw()). While
some compilers will permit those, some won't. There's also some
whitespace-only changes which are unnecessary.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list