1otp(n) RFC 2289 A One-Time Password System otp(n)
2______________________________________________________________________________
6
8 otp - One-Time Passwords
9
11 package require Tcl 8.2
12 package require otp ?1.0.0?
14 ::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
16 ::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
18 ::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
20 ::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data
22______________________________________________________________________________
24
26 This package is an implementation in Tcl of the One-Time Password sys‐
27 tem as described in RFC 2289 (1). This system uses message-digest algo‐
28 rithms to sequentially hash a passphrase to create single-use pass‐
29 words. The resulting data is then provided to the user as either hexa‐
30 decimal digits or encoded using a dictionary of 2048 words. This system
31 is used by OpenBSD for secure login and can be used as a SASL mechanism
32 for authenticating users.
33 In this implementation we provide support for four algorithms that are
35 included in the tcllib distribution: MD5 (2), MD4 (3), RIPE-MD160 (4)
36 and SHA-1 (5).
37
39 ::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
40 ::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
42 ::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
44 ::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data
46
48 % otp::otp-md5 -count 99 -seed host67821 "My Secret Pass Phrase"
49 (binary gibberish)
50 % otp::otp-md5 -words -count 99 -seed host67821 "My Secret Pass Phrase"
51 SOON ARAB BURG LIMB FILE WAD
52 % otp::otp-md5 -hex -count 99 -seed host67821 "My Secret Pass Phrase"
53 e249b58257c80087
54
57 [1] Haller, N. et al., "A One-Time Password System", RFC 2289, Feb‐
58 ruary 1998. http://www.rfc-editor.org/rfc/rfc2289.txt
59 [2] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT
61 and RSA Data Security, Inc, April 1992. (http://www.rfc-edi‐
62 tor.org/rfc/rfc1321.txt)
63 [3] Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT,
65 April 1992. (http://www.rfc-editor.org/rfc/rfc1320.txt)
66 [4] H. Dobbertin, A. Bosselaers, B. Preneel, "RIPEMD-160, a
68 strengthened version of RIPEMD" http://www.esat.kuleu‐
69 ven.ac.be/~cosicart/pdf/AB-9601/AB-9601.pdf
70 [5] "Secure Hash Standard", National Institute of Standards and
72 Technology, U.S. Department Of Commerce, April 1995.
73 (http://www.itl.nist.gov/fipspubs/fip180-1.htm)
74
76 This document, and the package it describes, will undoubtedly contain
77 bugs and other problems. Please report such in the category otp of the
78 Tcllib Trackers [http://core.tcl.tk/tcllib/reportlist]. Please also
79 report any ideas for enhancements you may have for either package
80 and/or documentation.
81 When proposing code changes, please provide unified diffs, i.e the out‐
83 put of diff -u.
84 Note further that attachments are strongly preferred over inlined
86 patches. Attachments can be made by going to the Edit form of the
87 ticket immediately after its creation, and then using the left-most
88 button in the secondary navigation bar.
89
91 SASL, md4, md5, ripemd160, sha1
92
94 hashing, message-digest, password, rfc 2289, security
95
97 Hashes, checksums, and encryption
98
100 Copyright (c) 2006, Pat Thoyts <patthoyts@users.sourceforge.net>
101tcllib 1.0.0 otp(n)