Network Working Group                    Internet Engineering Task Force
Internet-Draft                                      Telnet Working Group
                                                        Kannan Alagappan
                                           Digital Equipment Corporation
                                                            October 1991


                      Telnet Authentication : RSA_ENCPWD


Status of this Memo

   This draft document will be submitted to the RFC editor as a protocol
   specification.  Distribution of this memo is unlimited.  Please send
   comments to the telnet-ietf@cray.com mailing list.

1. Command Names and Codes

   Authentication Types

      RSA_ENCPWD    6

   Suboption Commands

      AUTH          0
      REJECT        1
      ACCEPT        2
      CHALLENGEKEY  3

2.  Command Meanings

   IAC SB AUTHENTICATION <authentication-type-pair> AUTH <password
   and challenge encrypted with RSA public key> IAC SE

      This is used to pass the password and challenge encrypted with
      the RSA public key to the remote side of the connection.  For more
      details on how transferred data elements are represented and
      encrypted, please refer to the Appendix section.  The first
      octet of the <authentication-type-pair> value is RSA_ENCPWD.
      The second octet is a modifier to the RSA_ENCPWD authentication
      type.  The AUTH_HOW bit in the second octet is AUTH_HOW_ONE_WAY.
      Mutual authentication is not supported with this mechanism.
      The AUTH_WHO bit in the second octet is AUTH_WHO_CLIENT.
      Server authentication to a client is not supported with this
      mechanism.


   IAC SB AUTHENTICATION <authentication-type-pair> ACCEPT IAC SE

      This command indicates that the authentication was successful.

   IAC SB AUTHENTICATION <authentication-type-pair> REJECT <optional
   reason for rejection> IAC SE

      This command indicates that the authentication was not successful,
      and if there is any more data in the sub-option, it is an ASCII
      text message of the reason for the rejection.


Telnet Working Group                                            [Page 1]



Internet-Draft            RSA_ENCPWD for Telnet             October 1991



   IAC SB AUTHENTICATION <authentication-type-pair> CHALLENGEKEY <random
   cleartext challenge and RSA public key> IAC SE

      This is used to pass a random challenge, up to 16 bytes, and
      an RSA public key to the remote side of the connection.  For details
      on how transferred data elements are represented, please refer to
      the Appendix section.  The challenge value should be one-time
      only, that is, never reused for another exchange.

3.  Implementation Rules

   Every command after the first AUTHENTICATION IS must carry the same
   set of modifiers (e.g., CLIENT|ONE_WAY) for subsequent AUTHENTICATION
   IS and AUTHENTICATION REPLY commands.

   Since the second octet of the authentication-type-pair must have the
   AUTH_WHO bit set to AUTH_WHO_CLIENT, the server starts the exchange:
   it sends an initial CHALLENGEKEY command carrying both the random
   challenge and its RSA public key.  Next, the client sends the AUTH
   command, and the server responds with either ACCEPT or REJECT.

4.  Examples


   User "pete" may wish to protect his own password when logging on to
   machine "foo".  The client would send IAC SB AUTHENTICATION NAME
   "pete" IAC SE IAC SB AUTHENTICATION IS RSA_ENCPWD IAC SE to select
   the authentication mechanism.  The server sends IAC SB AUTHENTICATION
   REPLY RSA_ENCPWD CHALLENGEKEY <random cleartext challenge and server's
   RSA public key> IAC SE.  Next, the client sends IAC SB AUTHENTICATION
   IS RSA_ENCPWD AUTH <pete's password and challenge encrypted with the
   RSA public key> IAC SE.  The server decrypts pete's encrypted
   password and challenge with its private key, checks that the
   challenge matches the value it sent previously and that pete's
   password is correct on this host, and then sends back either ACCEPT
   or REJECT.

       _C_l_i_e_n_t                           _S_e_r_v_e_r

                                        IAC DO AUTHENTICATION
       IAC WILL AUTHENTICATION
       [ The server is now free to request authentication information.
         ]
                                        IAC SB AUTHENTICATION SEND
                                        RSA_ENCPWD CLIENT|ONE_WAY
                                        IAC SE
       [ The server has requested RSA_ENCPWD authentication.

         The client will now respond with the name of the user that it
         wants to log in as.  ]
       IAC SB AUTHENTICATION NAME
       "pete" IAC SE
       IAC SB AUTHENTICATION IS
       RSA_ENCPWD CLIENT|ONE_WAY
       IAC SE
       [ The server responds with a CHALLENGEKEY command to pass along
         a random cleartext value and RSA public key.  ]
                                        IAC SB AUTHENTICATION REPLY
                                        RSA_ENCPWD CLIENT|ONE_WAY
                                        CHALLENGEKEY <random challenge,
                                        public key> IAC SE

       [ The client responds with the RSA encrypted password
         authentication data.  ]
       IAC SB AUTHENTICATION IS
       RSA_ENCPWD CLIENT|ONE_WAY
       AUTH <encrypted password
       and challenge> IAC SE
       [ The server responds with an ACCEPT command to state that the
         authentication was successful.  ]
                                        IAC SB AUTHENTICATION REPLY
                                        RSA_ENCPWD CLIENT|ONE_WAY
                                        ACCEPT IAC SE


Appendix


   The authentication data sent during an AUTHENTICATION AUTH command can
   be specified as the ASN.1 value EncryptedPwd, described below, which
   shall be BER-encoded to give a bit string.  For details on RSA
   encryption please refer to [1], section 8.

      EncryptedPwd ::= BIT STRING
                            -- password and challenge value encrypted
                            --     with RSA key
                            -- first byte contains length of challenge
                            --     (up to 16 bytes)
                            -- next m bytes contain challenge
                            -- next byte contains length of password
                            --     (up to 32 bytes)
                            -- next n bytes contain password
                            -- padded with random bytes as specified in
                            --     block type 02, per the cited [1],
                            --     section 8.1
                            -- encrypted using target public key

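   Worked example (added here; not part of this draft): the EncryptedPwd
   plaintext framing above, PKCS#1 block type 02 padding, the client's
   AUTH computation, and the server's check that the decrypted challenge
   is the one it issued (the flow of sections 3 and 4).  It uses a
   constructed toy RSA key from two Mersenne primes and only the Python
   standard library; because that modulus is small, the demonstration
   uses an 8-octet challenge and a short password rather than the
   maximum sizes, and all function names are my own.

```python
import hmac, os

# Constructed toy RSA key (two Mersenne primes): NOT secure; it only lets the
# example run offline without a crypto library.  A real server key is far larger.
P, Q = (1 << 127) - 1, (1 << 107) - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8   # modulus length in octets (30 here)

def build_encpwd(challenge: bytes, password: bytes) -> bytes:
    """EncryptedPwd plaintext: len, challenge (<= 16), len, password (<= 32)."""
    if not 1 <= len(challenge) <= 16 or not 1 <= len(password) <= 32:
        raise ValueError("challenge/password length out of range")
    return bytes([len(challenge)]) + challenge + bytes([len(password)]) + password

def parse_encpwd(block: bytes):  # inverse of build_encpwd; rejects short/trailing data
    m = block[0] if block else 0
    n = block[1 + m] if len(block) > 1 + m else 0
    if m == 0 or n == 0 or len(block) != 2 + m + n:
        raise ValueError("malformed EncryptedPwd plaintext")
    return block[1:1 + m], block[2 + m:]

def pkcs1_type2_pad(msg: bytes, k: int) -> bytes:
    """PKCS#1 block type 02: 00 02 <PS: at least 8 nonzero random octets> 00 <msg>."""
    if len(msg) > k - 11:
        raise ValueError("message too long for this modulus")
    ps = bytes(b or 1 for b in os.urandom(k - 3 - len(msg)))  # PS has no zero octet
    return b"\x00\x02" + ps + b"\x00" + msg

def pkcs1_type2_unpad(block: bytes) -> bytes:
    sep = block.find(b"\x00", 2)  # first zero after the 00 02 header terminates PS
    if block[:2] != b"\x00\x02" or sep < 10:  # sep < 10 means PS shorter than 8
        raise ValueError("bad PKCS#1 type 02 block")
    return block[sep + 1:]

def client_auth(challenge: bytes, password: bytes) -> bytes:
    # AUTH payload: pad the EncryptedPwd plaintext, then RSA-encrypt to the server key
    padded = pkcs1_type2_pad(build_encpwd(challenge, password), K)
    return pow(int.from_bytes(padded, "big"), E, N).to_bytes(K, "big")

def server_verify(auth: bytes, issued: bytes, passwords: dict, user: str) -> bool:
    """ACCEPT only if the decrypted challenge is the one issued for this session
    (so a captured AUTH cannot be replayed) and the password matches the user."""
    c = int.from_bytes(auth, "big")
    try:
        if len(auth) != K or c >= N:
            raise ValueError("ciphertext is not a valid RSA block")
        challenge, password = parse_encpwd(pkcs1_type2_unpad(pow(c, D, N).to_bytes(K, "big")))
    except ValueError:
        return False
    return (hmac.compare_digest(challenge, issued)
            and hmac.compare_digest(password, passwords.get(user, b"")))
```

   A replayed AUTH fails because the server compares against the fresh
   challenge of the current session, not against any challenge it ever sent.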

   The data sent during an AUTHENTICATION CHALLENGEKEY command can be
   specified as an ASN.1 value ChallengeKey, described below, which
   shall be BER-encoded to give an octet string.

      Challenge ::= OCTET STRING
                            -- up to 16 random bytes (one-time only)

      PublicKey ::= BIT STRING
                            -- value is a BER encoding of an RSA public key
                            --     as cited in [1], section 7.1

      ChallengeKey ::= SEQUENCE {
         challenge               Challenge ,
         publickey               PublicKey
      }
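   Added example (not from this draft): a minimal DER encoder and decoder
   for the ChallengeKey value above, with the BIT STRING carrying a PKCS#1
   RSAPublicKey (SEQUENCE of modulus and publicExponent INTEGERs, as [1]
   section 7.1 defines it).  Function names are my own; the decoder checks
   every length field against the buffer so that a truncated or oversized
   message is rejected rather than misparsed.

```python
def der_len(n: int) -> bytes:  # short form below 128, else 0x80|count then big-endian
    if n < 128:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_len(len(content)) + content

def der_integer(v: int) -> bytes:
    """INTEGER (tag 0x02); the +8 leaves room for a 0x00 sign octet when the top bit is set."""
    return der_tlv(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big"))

def encode_challenge_key(challenge: bytes, n: int, e: int) -> bytes:
    """ChallengeKey ::= SEQUENCE { challenge OCTET STRING, publickey BIT STRING(RSAPublicKey) }."""
    if not 1 <= len(challenge) <= 16:
        raise ValueError("challenge must be 1..16 octets")
    pub = der_tlv(0x30, der_integer(n) + der_integer(e))   # RSAPublicKey SEQUENCE
    # a BIT STRING's content starts with the count of unused trailing bits (0 here)
    return der_tlv(0x30, der_tlv(0x04, challenge) + der_tlv(0x03, b"\x00" + pub))

def der_read(buf: bytes, pos: int = 0):
    """Return (tag, content, end) for the TLV at pos; refuses indefinite/huge lengths."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        count = length & 0x7F
        if not 1 <= count <= 4 or pos + count > len(buf):
            raise ValueError("unsupported DER length encoding")
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    if pos + length > len(buf):
        raise ValueError("TLV content runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_challenge_key(data: bytes):
    """Client side: parse ChallengeKey into (challenge, modulus, exponent) or raise."""
    tag, body, end = der_read(data)
    t_c, challenge, p = der_read(body)
    t_b, bits, p = der_read(body, p)
    if (tag, t_c, t_b) != (0x30, 0x04, 0x03) or end != len(data) or p != len(body) \
            or bits[:1] != b"\x00" or not 1 <= len(challenge) <= 16:
        raise ValueError("malformed ChallengeKey")
    t_k, key, k_end = der_read(bits, 1)
    t_n, n_bytes, p = der_read(key)
    t_e, e_bytes, p = der_read(key, p)
    if (t_k, t_n, t_e) != (0x30, 0x02, 0x02) or k_end != len(bits) or p != len(key):
        raise ValueError("malformed RSAPublicKey")
    return challenge, int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")
```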


References

[1]  RSA Data Security, Inc., "PKCS #1 : RSA Encryption Standard". Version
     1.4, June 1991.


Author's Address

   Kannan Alagappan
   Digital Equipment Corporation
   550 King Street, LKG1-2/A19
   Littleton, MA 01460

   Mailing List: telnet-ietf@CRAY.COM
   EMail: kannan@sejour.lkg.dec.com
