ONE TIME PASSWORD PARAMETERS
-----------------------------
RFC 2289 describes a one-time password authentication system (OTP).
The system provides authentication for system access (login) and other
applications requiring authentication that is secure against passive
attacks based on replaying captured reusable passwords. OTP evolved
from the S/KEY (S/KEY is a trademark of Bellcore) One-Time Password
System that was released by Bellcore.

The sequence number and seed together constitute a larger unit of data
called the challenge. The challenge gives the generator the parameters
it needs to calculate the correct one-time password from the secret
pass-phrase. The challenge MUST be in a standard syntax so that
automated generators can recognize the challenge in context and
extract these parameters. The syntax of the challenge is:

    otp-<algorithm identifier> <sequence integer> <seed>

Algorithm Identifier  Description                            REFERENCE
--------------------  -------------------------------------  ---------
md4                   MD4 Message Digest                     [RFC2289]
md5                   MD5 Message Digest                     [RFC2289]
sha1                  NIST Secure Hash Algorithm Revision 1  [RFC2289]

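
The following Python example is added here and is not part of the
registry or of RFC 2289. It locates a challenge inside surrounding
prompt text, extracts the three parameters, and rejects algorithm
identifiers that are not registered above. The function name, the
lower-case-only identifier match and the sample prompt are assumptions
of this example; the 1 to 16 alphanumeric seed limit and the
lower-casing of the seed come from RFC 2289.

```python
import re

# Algorithm identifiers registered in the table above.
REGISTERED_ALGORITHMS = {"md4", "md5", "sha1"}

# otp-<algorithm identifier> <sequence integer> <seed>
# Tokens are separated by spaces or tabs and the challenge ends at
# whitespace (end of input is also accepted here, as an assumption).
# Seed limit of 1-16 alphanumerics is from RFC 2289, not this page.
CHALLENGE_RE = re.compile(
    r"(?<![\w-])otp-(?P<alg>[a-z0-9]+)[ \t]+(?P<seq>[0-9]+)[ \t]+"
    r"(?P<seed>[A-Za-z0-9]{1,16})(?=\s|$)"
)


def parse_challenge(text):
    """Return the first well-formed OTP challenge found in text.

    The result is a dict with 'algorithm', 'sequence' and 'seed'.
    None is returned when no challenge is present, when it is
    malformed, or when its algorithm identifier is not registered.
    """
    for match in CHALLENGE_RE.finditer(text):
        algorithm = match.group("alg")
        if algorithm not in REGISTERED_ALGORITHMS:
            # Refuse unknown identifiers instead of guessing a hash.
            continue
        return {
            "algorithm": algorithm,
            "sequence": int(match.group("seq")),
            # RFC 2289 treats the seed as case-insensitive.
            "seed": match.group("seed").lower(),
        }
    return None


if __name__ == "__main__":
    # Constructed sample: a login prompt carrying a challenge in context.
    prompt = "login: alice\notp-md5 487 dog2 \nPassword: "
    print(parse_challenge(prompt))
```
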
RFC 2243 defines "extension set identifiers" for OTP responses and the
IANA lists these here:

Extension Set Id  Description                      REFERENCE
----------------  -------------------------------  ---------
hex               hexadecimal number               [RFC2243]
word              six dictionary words             [RFC2243]
init-hex          re-initialize using hexadecimal  [RFC2243]
init-word         re-initialize using six words    [RFC2243]

References

[RFC2289] Haller, N., C. Metz, P. Nesser, and M. Straw, "A One-Time
          Password System", RFC 2289, Bellcore, Kaman Sciences
          Corporation, Nesser and Nesser Consulting, February 1998.

[RFC2243] Metz, C., "OTP Extended Responses", RFC 2243, The Inner Net,
          November 1997.

(last updated May 04 2001)