Tcl Library Source Code
otp - RFC 2289 A One-Time Password System
Not logged in
Core Home Blog DocsDownloads Tickets Timeline Branches Wiki Login
Bounty program for improvements to Tcl and certain Tcl packages.
Tcl 2018 Conference, Houston/TX, US, Oct 15-19
Send your abstracts to tclconference@googlegroups.com or submit via the online form
by Aug 20.
[ Main Table Of Contents | Table Of Contents | Keyword Index | Categories | Modules | Applications ]

otp(n) 1.0.0 tcllib "RFC 2289 A One-Time Password System"

Name

otp - One-Time Passwords

Description

This package is an implementation in Tcl of the One-Time Password system as described in RFC 2289 (1). This system uses message-digest algorithms to sequentially hash a passphrase to create single-use passwords. The resulting data is then provided to the user as either hexadecimal digits or encoded using a dictionary of 2048 words. This system is used by OpenBSD for secure login and can be used as a SASL mechanism for authenticating users.

In this implementation we provide support for four algorithms that are included in the tcllib distribution: MD5 (2), MD4 (3), RIPE-MD160 (4) and SHA-1 (5).

EXAMPLES

% otp::otp-md5 -count 99 -seed host67821 "My Secret Pass Phrase"
(binary gibberish)
% otp::otp-md5 -words -count 99 -seed host67821 "My Secret Pass Phrase"
SOON ARAB BURG LIMB FILE WAD
% otp::otp-md5 -hex -count 99 -seed host67821 "My Secret Pass Phrase"
e249b58257c80087

REFERENCES

  1. Haller, N. et al., "A One-Time Password System", RFC 2289, February 1998. http://www.rfc-editor.org/rfc/rfc2289.txt

  2. Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT and RSA Data Security, Inc, April 1992. (http://www.rfc-editor.org/rfc/rfc1321.txt)

  3. Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT, April 1992. (http://www.rfc-editor.org/rfc/rfc1320.txt)

  4. H. Dobbertin, A. Bosselaers, B. Preneel, "RIPEMD-160, a strengthened version of RIPEMD" http://www.esat.kuleuven.ac.be/~cosicart/pdf/AB-9601/AB-9601.pdf

  5. "Secure Hash Standard", National Institute of Standards and Technology, U.S. Department Of Commerce, April 1995. (http://www.itl.nist.gov/fipspubs/fip180-1.htm)

Bugs, Ideas, Feedback

This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category otp of the Tcllib Trackers. Please also report any ideas for enhancements you may have for either package and/or documentation.

When proposing code changes, please provide unified diffs, i.e the output of diff -u.

Note further that attachments are strongly preferred over inlined patches. Attachments can be made by going to the Edit form of the ticket immediately after its creation, and then using the left-most button in the secondary navigation bar.

Category

Hashes, checksums, and encryption

This page was generated in about 0.006s by Fossil 2.7 [9aa9ba8bd2] 2018-09-22 17:40:11