Building a One-Time-Password Token Authentication Infrastructure

Explore the intricacies of building a robust one-time-password (OTP) token authentication infrastructure in this 42-minute conference talk from USENIX LISA14. Delve into the experiences of Jonathan Hanks from LIGO Lab/California Institute of Technology and Abe Singer from Laser Interferometer Gravitational Wave Observatory, Caltech, as they share their approach to implementing a secure, multi-site OTP system. Learn how to support a single token across multiple sites, maintain functionality during network failures, and minimize overhead in token management and distribution. Discover strategies for evaluating and deploying token authentication without relying on third-party services or custom client software. Gain insights into integrating OTP with Kerberos without client-side modifications. The talk covers crucial aspects such as risk assessment, requirement analysis, system architecture, multi-site support, fault tolerance, and real-world implementation experiences over a two-year period.