Brigham & Women's Hospital
Surgical Planning Lab
Introduction to S/key

Dear User,

This is one of four letters you will be getting from me today regarding procedures for remote logins to BWH machines. This letter, is an introduction to what we are doing and why. The second is a set of technical notes on why I've made the decisions that I have made, the third is instructions for getting the PGP encryption package running on your local computer, and the fourth contains instructions for using PGP & S/key.

As you may know, BWH & our collaborators are moving ahead on a variety of projects that will involve experimental clinical work being done on patients. Some of these projects involve computer assisted surgery.

As a result, we have examined the security policies and procedures in place, and feel that they are insufficient. We have examined a variety of solutions, and chosen one we feel provides an extremely high level of security for our computers (and the patients in whose treatment the computers are involved) with minimal intrusion into your ability to remotely access the BWH computers.

Naturally, our first concern is for the safety of our patients, and we will take whatever measures we deem necessary to preserve our confidence in the security of our network. Obviously, we must have a secure network in order to confidently provide our patients with computer assisted surgery.

In order for you to understand the solution I have chosen, I need to explain a little bit of the problem. Everything I say here is well known to computer security professionals, and none of it is secret. If you want more details, thats what the second letter is about, and I will happily discuss this further on request.

The problem that we need to address today is that when you telnet to the Brigham from outside, your password is transmitted as you type it, sometimes over a long and possibly treacherous path. It is not encrypted, hidden, or otherwise protected from someone with enough knowledge and privileges to read network packets. (This is not to say you should not do your best to keep your password a secret--don't write it down, don't share it with anyone, don't send it through email).

I have chosen to work with a system that acknowledges that your password may be intercepted, and makes that irrelevant, by giving you a list of 'one shot' passwords. Each is used once, and then becomes irrelevant.

We send these lists to you encrypted with what is known as public key cryptography. This allows us to be sure that the lists I send can only be read by you, and allows you to be sure that the list you get actually came from me.

The list that you get from us is intended to be printed out, folded up, and stuck in your wallet/purse/pocket. If it is stolen, you'll need to tell us, and we will generate a new list for you. However, its being stolen does not seriously compromise the security of the system. (See tech notes for details on why.)

There is also a Mac program and a Windows applet available if you will be using one machine to dial up from home. These will make logging in easier, but I would still reccomend that you carry a printed list, in case you want to login from somewhere other than home.

Once you get the list, you will need it to login. Print out a copy, and stick it next to your credit cards in your wallet. Then delete the file on disk. Again, you will need this list, so don't lose it, or forget where you put it. I will be able to generate a new list for you on short notice if there is ever a problem.

The actual login procedure will look something like this:

Trying ...
Connected to gw1.
Escape character is '^]'.

SunOS UNIX (gw1)

login: adam s/key 72 du15343 Password: (turning echo on) Password: foss bane fell bub joel max

As you see, the response is six words, of up to 4 letters each. You choose the response by looking at the list of one time passwords I'll send you. Each has a number next to it, that was number 72. You can see what you type as you type it, and correct it if necessary. I've been using this for a little while now, and its not too bad; the words are short enough that I look at the paper about twice during each login.

Questions & answers:

Q: When will I need to use this one-time password?

A: Any time you login from a machine not in the Brigham, you are forced to login through the gateway. Anytime you login to the gateway, you will need to enter a one time password.

Q: Does that include rsh'ing to gw1?

A: Yes it does. It means anytime you login to duke, you will need to enter a one time password.

Q: How many password set will be on the list?

A: As many as I can fit. Looks like thats somewhere around 130 per page on our local printers.

Q: Can I use someone else's keylist to login?

A: No. If you look at someone else's keylist, you can login as them. Logging in under someone else's account is totally forbidden. Your access may be permanently closed for doing so from outside the hospital.

Q: How do I get more when I need them?

A: You'll send me an encrypted request for more keys, and I'll send you a response inside of 24 hours. See the BWH PGP users guide for how to do this.

Q: Does this restrict my ability to get out of bwh at all?

A: Not at all.

Q: Will I still have a short list of hosts that I can log in from?

A: No. Since this method of authentication is secure, I see no need to restrict where people can login from. If you have the authentication string, then you are considered authenticated. We will not be allowing logins from the entire net, since we have no connection with anyone at (eg) Alaska University, so we'll block access attempts from there.

Q: What if I have trouble getting started?

A: There will be a per user changeover period, when both normal & skey passwords will work. If you see an skey prompt, I would strongly suggest starting to use Skey, to iron out the bugs before you are required to use Skey. Durring this period, if you can't make Skey work, your normal password will suffice.

© Copyright 1994 Adam Shostack. All rights reserved.