otp(3tcl) RFC 2289 A One-Time Password System otp(3tcl)______________________________________________________________________________NAMEotp - One-Time Passwords
SYNOPSIS
package require Tcl 8.2
package require otp ?1.0.0?
::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data
_________________________________________________________________DESCRIPTION
This package is an implementation in Tcl of the One-Time Password sys‐
tem as described in RFC 2289 (1). This system uses message-digest algo‐
rithms to sequentially hash a passphrase to create single-use pass‐
words. The resulting data is then provided to the user as either hexa‐
decimal digits or encoded using a dictionary of 2048 words. This system
is used by OpenBSD for secure login and can be used as a SASL mechanism
for authenticating users.
In this implementation we provide support for four algorithms that are
included in the tcllib distribution: MD5 (2), MD4 (3), RIPE-MD160 (4)
and SHA-1 (5).
COMMANDS
::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data
EXAMPLES
% otp::otp-md5 -count 99 -seed host67821 "My Secret Pass Phrase"
(binary gibberish)
% otp::otp-md5 -words -count 99 -seed host67821 "My Secret Pass Phrase"
SOON ARAB BURG LIMB FILE WAD
% otp::otp-md5 -hex -count 99 -seed host67821 "My Secret Pass Phrase"
e249b58257c80087
REFERENCES
[1] Haller, N. et al., "A One-Time Password System", RFC 2289, Feb‐
ruary 1998. http://www.rfc-editor.org/rfc/rfc2289.txt
[2] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT
and RSA Data Security, Inc, April 1992. (http://www.rfc-edi‐
tor.org/rfc/rfc1321.txt)
[3] Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT,
April 1992. (http://www.rfc-editor.org/rfc/rfc1320.txt)
[4] H. Dobbertin, A. Bosselaers, B. Preneel, "RIPEMD-160, a
strengthened version of RIPEMD" http://www.esat.kuleu‐
ven.ac.be/~cosicart/pdf/AB-9601/AB-9601.pdf
[5] "Secure Hash Standard", National Institute of Standards and
Technology, U.S. Department Of Commerce, April 1995.
(http://www.itl.nist.gov/fipspubs/fip180-1.htm)
BUGS, IDEAS, FEEDBACK
This document, and the package it describes, will undoubtedly contain
bugs and other problems. Please report such in the category otp of the
Tcllib SF Trackers [http://sourceforge.net/tracker/?group_id=12883].
Please also report any ideas for enhancements you may have for either
package and/or documentation.
SEE ALSO
SASL, md4, md5, ripemd160, sha1
KEYWORDS
hashing, message-digest, password, rfc 2289, security
CATEGORY
Hashes, checksums, and encryption
COPYRIGHT
Copyright (c) 2006, Pat Thoyts <patthoyts@users.sourceforge.net>
otp 1.0.0 otp(3tcl)