[4864] in Kerberos
Proposal for a SmartCard-Kerberos Implementation
daemon@ATHENA.MIT.EDU (Clifford Neuman)
Sat Mar 25 12:20:54 1995
Date: Sat, 25 Mar 1995 09:06:54 -0800
From: Clifford Neuman <bcn@ISI.EDU>
To: kdrenard@arl.mil
Cc: kerberos@MIT.EDU
In-Reply-To: Kenneth D. Renard 's message of Fri, 24 Mar 1995 19:35:42 GMT <1995Mar24.193542.17366@arl.mil>
I use the term smartcard to mean a card that plugs into a reader and
does at least some of the encryption operations without requiring the
involvement of the user, and without the key leaving the card. There
was a paper on such an implementation done at MITRE in the 1993 (i
think) ISOC Security Symposium, and I think a revised version of the
paper appeared in the Usenix Computing Systems journal.
What you describe is what might be described as one-time-passcode
integration with Kerberos. For a more generic integration, see the
internet draft ietf-cat-kerberos-passwords-00. You can reference to a
copy of this by following the documents link from
http://nii.isi.edu/info/Kerberos.
~ Cliff