From owner-freebsd-security Fri Jun  7 14:42:18 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA24780 for security-outgoing; Fri, 7 Jun 1996 14:42:18 -0700 (PDT)
Received: from mexico.brainstorm.eu.org (root@mexico.brainstorm.eu.org [193.56.58.253]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA24764 for ; Fri, 7 Jun 1996 14:42:10 -0700 (PDT)
Received: from brasil.brainstorm.eu.org (brasil.brainstorm.eu.org [193.56.58.33]) by mexico.brainstorm.eu.org (8.7.5/8.7.3) with ESMTP id XAA13379; Fri, 7 Jun 1996 23:42:06 +0200
Received: (from uucp@localhost) by brasil.brainstorm.eu.org (8.6.12/8.6.12) with UUCP id XAA05614; Fri, 7 Jun 1996 23:41:41 +0200
Received: (from roberto@localhost) by keltia.freenix.fr (8.8.Alpha.4/keltia-uucp-2.8) id VAA18214; Fri, 7 Jun 1996 21:26:42 +0200 (MET DST)
From: Ollivier Robert
Message-Id: <199606071926.VAA18214@keltia.freenix.fr>
Subject: Re: s/key and OTP [was: MD5 Crack code]
To: ewb@zns.net (Will Brown)
Date: Fri, 7 Jun 1996 21:26:41 +0200 (MET DST)
Cc: pst@shockwave.com, freebsd-security@freebsd.org
In-Reply-To: <199606071404.KAA02891@selway.i.com> from Will Brown at "Jun 7, 96 10:04:52 am"
X-Operating-System: FreeBSD 2.2-CURRENT ctm#2084
X-Mailer: ELM [version 2.4ME+ PL19 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

It seems that Will Brown said:
> IF s/key is approaching "defacto standardization" then that process
> should be allowed to continue and OTP should go away.  IMHO it is more
> important that a standard be established and rolled into the *many*

AFAIK S/Key -- the one from Bellcore -- is dead. Some guys in the US Navy
have taken over it and now release OPIE (look on ftp.nrl.navy.mil).
It is the same as S/Key, although there are more features (see below). It
conforms to the OTP defined by the IETF and is compatible with S/Key in MD4
mode.

  6 May 1996   169.3 Ko   /sources/security/passwd/opie-2.21.tar.gz

Here is an extract from the README:

OPIE Software Distribution, Release 2.21 Important Information
==============================================================

Introduction
============

"One-time Passwords In Everything" (OPIE) is a freely distributable software
package originally developed at and for the US Naval Research Laboratory
(NRL). Recent versions are the result of a cooperative effort between NRL,
several of the original NRL authors, The Inner Net, and many other
contributors from the Internet community.

OPIE is an implementation of the One-Time Password (OTP) System that is being
considered for the Internet standards-track. OPIE provides a one-time password
system. The system should be secure against the passive attacks now
commonplace on the Internet (see RFC 1704 for more details). The system is
vulnerable to active dictionary attacks, though these are not widespread at
present and can be detected through proper use of system audit software.

OPIE is primarily written for UNIX-like operating systems, but we are working
to make applicable portions portable to other operating systems.

The OPIE software is derived in part from and is fully interoperable with the
Bell Communications Research (Bellcore) S/Key Release 1 software. Because
Bellcore claims "S/Key" as a trademark for their software, NRL was forced to
use a different name (we picked "OPIE") for this software distribution.

OPIE includes the following additions/modifications to the original Bellcore
S/Key(tm) Version 1 software:

* Just about one-command installation for many common platforms. While we
  still recommend that you follow instructions and test things by hand, the
  more adventurous can install OPIE quickly.

* A modified BSD FTP daemon that does OPIE.
  The small and simple BSD ftpd(8) was deliberately chosen over the wuarchive
  ftpd(8) because we didn't have the time needed to convince ourselves that
  the wuarchive ftpd(8) didn't have any security holes lurking in its many
  extra features.

* By default, the "su" binary always gives you an OPIE challenge, even on the
  console. This was a hole for rlogin/telnet sessions in the original S/Key
  software.

* MD5 support. MD5 is now the default algorithm, though MD4 is still supported
  by changing a parameter in the Makefile. This change was made because MD5 is
  widely believed to be cryptographically stronger than MD4 (see RFC 1321).

* A more portable version of MD4 has been substituted for the original MD4.
  This should solve many of the endian problems.

* Most of the system-dependencies have been moved to a new file "opie_cfg.h".

* Configuration options have been moved to the Makefile.

* Isolated system dependencies (e.g. BSDisms) with appropriate #ifdefs.

* Revised the opiekey(1) program to simultaneously support MD4 and MD5, with
  the default algorithm being tunable using the MDX symbol in the Makefile.

* More operating systems are supported by recent versions of OPIE, but older
  BSD systems that aren't close to being compliant with the POSIX standard are
  no longer supported.

* Transition mechanisms are optional to prevent potential back doors.

* On systems using the /etc/opieaccess transition mechanism, users can choose
  to require the use of OPIE to login to their accounts when it would
  otherwise be optional.

* Bug fixes

* Cosmetic changes

* Prompts (optionally) identify specifically what kind of entry (system
  password, secret pass phrase, or OTP response) is allowed.

* Changes to mostly conform with the draft Internet OTP standard.

* Optional autoconf support

-- 
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 2.2-CURRENT #7: Thu Jun  6 20:43:22 MET DST 1996
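The hash chain that S/Key and OPIE are built on, as an added example in Python; this is not code from the OPIE distribution or from the message above. It follows the OTP computation of the IETF draft the README refers to (published as RFC 1938 and later revised as RFC 2289) in MD5 mode, OPIE's default: the initial step folds MD5(lower-cased seed + pass phrase) to 64 bits by XORing the two halves of the digest, and each further step folds MD5 of the previous 8 bytes. The names OpieServer, enroll and guess_passphrase are illustrative, not OPIE's. The example shows why a server that stores only the last accepted OTP is immune to the passive replay the README mentions, and why a captured challenge/response pair still allows the offline dictionary attack it warns about. Only hex output is produced; the six-word encoding needs the standard 2048-word dictionary and is omitted. MD4 mode (S/Key compatibility) is selected with alg="md4", which needs an MD4-capable hashlib and is not exercised here.

```python
"""Hash-chain one-time passwords in the style of S/Key and OPIE (MD5 mode).

Added example, not OPIE's own code.  Computation as in RFC 1938 / RFC 2289:
  initial step      = fold(MD5(lowercase(seed) + passphrase))
  computation step  = fold(MD5(previous 8 bytes))
where fold() XORs the two halves of the 16-byte digest.
"""
import hashlib
from typing import List, Optional, Tuple


def _fold(digest: bytes) -> bytes:
    """Fold a 16-byte MD4/MD5 digest to 8 bytes: first half XOR second half."""
    if len(digest) != 16:
        raise ValueError("fold expects a 128-bit digest")
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))


def otp_initial(seed: str, passphrase: str, alg: str = "md5") -> bytes:
    """Initial step.  The seed is case-insensitive, so it is lower-cased first."""
    data = (seed.lower() + passphrase).encode("ascii")
    return _fold(hashlib.new(alg, data).digest())


def otp_step(value: bytes, alg: str = "md5") -> bytes:
    """Computation step: one more link of the chain."""
    return _fold(hashlib.new(alg, value).digest())


def otp(seq: int, seed: str, passphrase: str, alg: str = "md5") -> bytes:
    """One-time password number `seq`: the initial step plus `seq` computation steps."""
    value = otp_initial(seed, passphrase, alg)
    for _ in range(seq):
        value = otp_step(value, alg)
    return value


def to_hex(value: bytes) -> str:
    """Hex form as printed by opiekey(1): four groups of four upper-case hex digits."""
    h = value.hex().upper()
    return " ".join(h[i:i + 4] for i in range(0, len(h), 4))


class OpieServer:
    """Illustrative stand-in for one /etc/opiekeys record (not OPIE's own code).

    Only (sequence number, seed, last accepted OTP) is stored; the pass phrase
    never reaches the server, which is the point of the scheme."""

    def __init__(self, seq: int, seed: str, stored: bytes) -> None:
        self.seq, self.seed, self.stored = seq, seed, stored

    def challenge(self) -> Tuple[int, str]:
        """The (sequence number, seed) pair the login prompt shows the user."""
        return self.seq - 1, self.seed

    def verify(self, response: bytes) -> bool:
        """Accept iff one more chain step reproduces the stored value.

        A replayed response fails because the stored value has already moved one
        link down the chain.  At seq 0 the chain is exhausted and the user must
        re-enrol (opiepasswd(1) in OPIE)."""
        if self.seq <= 0 or otp_step(response) != self.stored:
            return False
        self.stored, self.seq = response, self.seq - 1
        return True


def enroll(seed: str, passphrase: str, count: int = 99) -> OpieServer:
    """Enrolment: compute OTP number `count` once, store it, forget the pass phrase."""
    return OpieServer(count, seed, otp(count, seed, passphrase))


def guess_passphrase(seq: int, seed: str, captured: bytes,
                     wordlist: List[str]) -> Optional[str]:
    """Offline dictionary attack on one captured (challenge, response) pair.

    Seed, sequence number and response all travel in clear, so an eavesdropper
    can test candidate pass phrases at will.  This is the dictionary attack the
    OPIE README warns about, and why RFC 2289 requires pass phrases of at least
    10 characters."""
    for candidate in wordlist:
        if otp(seq, seed, candidate) == captured:
            return candidate
    return None


if __name__ == "__main__":
    phrase = "This is a test."  # sample pass phrase constructed for this demo
    server = enroll("TeSt", phrase, count=5)
    seq, seed = server.challenge()
    response = otp(seq, seed, phrase)
    print(f"challenge otp-md5 {seq} {seed} -> response {to_hex(response)}")
    print("first use accepted:", server.verify(response))
    print("replay accepted:   ", server.verify(response))
    print("offline guess:     ", guess_passphrase(seq, seed, response, ["letmein", phrase]))
```

To check the computation against a real opiekey(1) or skey(1), feed the same seed, sequence number and pass phrase to both and compare the hex output, or use the MD5 test vectors in RFC 2289, Appendix C. The server side keeps no secret worth stealing, but the enrolment and every response are only as strong as the pass phrase behind them, so the offline guess above is what a long pass phrase has to defeat.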