So, the USB flash stores the 160-bit RSA-encrypted user identity?
I think that this approach or something like it could be useful. I'm not sure I'm happy with your key schedule, or some of the crypto details. I'd prefer to think about whether RFC 3961 might provide better options. Similarly, I'm not sure what you get out of RSA encryption. An alternative proposal that seems like it would do the same thing from a security standpoint would be a way to combine a password key with pkinit. You could store a soft certificate on a USB token. Ultimately, though, I think that the important thing is the user experience. I agree with you that providing stronger authentication when someone provides a USB flash disk with some secret information is desirable. I think the specific details of how to do this should be worked out in the Kerberos working group of the IETF. I encourage you to take your proposal there.

--Sam
