OTP-PKCS #11

OTP-PKCS #11, Magnus Nyström, RSA Security, 23 May 2005


Page 1: OTP-PKCS #11

OTP-PKCS #11

Magnus Nyström, RSA Security

23 May 2005

Page 2: OTP-PKCS #11

Objectives

• Describes general PKCS #11 objects, attributes, and procedures for retrieval and verification of OTPs

• Intended to meet the needs of applications wishing to access connected OTP tokens in an interoperable manner

— Eases the task for vendors of OTP-consuming applications

— Enables a better user experience

Page 3: OTP-PKCS #11

Principles of Operation

Page 4: OTP-PKCS #11

PKCS #11 OTP Objects

• OTP key type with a defined set of new, common attributes

— OTP Format (Hex, Decimal, …)

— OTP Length

— PIN related: PIN Pad, Default PIN, …

— Challenge/Counter/Time-based

— Service Name (Identifier)

• Common OTP mechanism object attributes

— Minimum and Maximum OTP length

— Note: Added since initial draft, based on mailing list discussions

Page 5: OTP-PKCS #11

PKCS #11 OTP Functions

• Retains existing v2.20 function set

• General approach is to use C_Sign and C_Verify

— Follows PKCS #11 HMAC approach

Page 6: OTP-PKCS #11

PKCS #11 OTP Mechanisms

• Defines five OTP mechanisms based on the foregoing

— CKM_SECURID, CKM_SECURID_TRADITIONAL, CKM_SECURID_KEY_GEN, CKM_HOTP, CKM_HOTP_KEY_GEN

— HOTP mechanisms added since initial draft

• Defines additional key attributes for keys of type CKK_SECURID and CKK_HOTP

— CKA_ACCEPT_{TIME, COUNTER}

— CKA_TIME_INTERVAL/CKA_COUNTER_VALUE
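As an added illustration, not part of these slides or of the PKCS #11 specification itself, the following Python models the C_Sign / C_Verify split of Page 5 for a counter-based key of the CKM_HOTP kind, carrying the attributes named on Pages 4 and 6 (format, length, counter value, accepted counter window). The HOTP computation follows RFC 4226; the hex rendering, the window semantics and the class and function names are assumptions of this model, and no PKCS #11 library is called.

```python
import hmac
import hashlib
import struct
from dataclasses import dataclass

# Illustrative model of an OTP key object with the attributes the slides list.
# This is not the PKCS #11 C API; attribute names here are assumed.
@dataclass
class OtpKey:
    secret: bytes
    otp_format: str = "decimal"   # OTP Format attribute: "decimal" or "hex"
    otp_length: int = 6           # OTP Length attribute
    counter: int = 0              # counter value of a counter-based key
    accept_counter: int = 10      # look-ahead window the verifier tolerates

def hotp(secret: bytes, counter: int, length: int, fmt: str) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter,
    dynamic truncation to a 31-bit value, then rendering per the key's
    format and length attributes."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    if fmt == "decimal":
        return str(code % 10 ** length).zfill(length)
    if fmt == "hex":  # assumed rendering: the same 31-bit value as hex digits
        return format(code % 16 ** length, "x").zfill(length)
    raise ValueError("unsupported OTP format")

def otp_sign(key: OtpKey) -> str:
    """Token side, the C_Sign role: emit the OTP for the current counter
    and advance the counter so that a value is never issued twice."""
    otp = hotp(key.secret, key.counter, key.otp_length, key.otp_format)
    key.counter += 1
    return otp

def otp_verify(key: OtpKey, otp: str) -> bool:
    """Verifier side, the C_Verify role: accept an OTP for any counter in the
    look-ahead window, then move past it so replays and older values fail."""
    for c in range(key.counter, key.counter + key.accept_counter):
        expected = hotp(key.secret, c, key.otp_length, key.otp_format)
        if hmac.compare_digest(expected, otp):
            key.counter = c + 1
            return True
    return False
```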

Page 7: OTP-PKCS #11

Current status

• Agreement on mailing list on current design, content

— Document stable since 3rd draft (April 1st)

— Agreement also among workshop participants?

• Final Draft published on May 11

— 30-day review, ending on June 9

— Intent is to publish v1.0 shortly thereafter

• New mechanisms for other OTP algorithms can be added later on

— Similar to how new mechanisms can be added to PKCS #11 in general

— This document provides a framework – and defines some initial mechanisms using the framework