otp man page

otp — One-Time Passwords

Synopsis

package require Tcl 8.2

package require otp ?1.0.0?

::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data

::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data

::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data

::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data

Description

This package is an implementation in Tcl of the One-Time Password system as described in RFC 2289 (1). This system uses message-digest algorithms to sequentially hash a passphrase to create single-use passwords. The resulting data is then provided to the user as either hexadecimal digits or encoded using a dictionary of 2048 words. This system is used by OpenBSD for secure login and can be used as a SASL mechanism for authenticating users.

In this implementation we provide support for four algorithms that are included in the tcllib distribution: MD5 (2), MD4 (3), RIPE-MD160 (4) and SHA-1 (5).

Commands

::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data

::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data

::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data

::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data

Examples

% otp::otp-md5 -count 99 -seed host67821 "My Secret Pass Phrase"
(binary gibberish)
% otp::otp-md5 -words -count 99 -seed host67821 "My Secret Pass Phrase"
SOON ARAB BURG LIMB FILE WAD
% otp::otp-md5 -hex -count 99 -seed host67821 "My Secret Pass Phrase"
e249b58257c80087

References

[1]
Haller, N. et al., "A One-Time Password System", RFC 2289, February 1998. http://www.rfc-editor.org/rfc/rfc2289.t…
[2]
Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT and RSA Data Security, Inc, April 1992. (http://www.rfc-editor.org/rfc/rfc1321.t…)
[3]
Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT, April 1992. (http://www.rfc-editor.org/rfc/rfc1320.t…)
[4]
H. Dobbertin, A. Bosselaers, B. Preneel, "RIPEMD-160, a strengthened version of RIPEMD" http://www.esat.kuleuven.ac.be/~cosicar…
[5]
"Secure Hash Standard", National Institute of Standards and Technology, U.S. Department Of Commerce, April 1995. (http://www.itl.nist.gov/fipspubs/fip180…)

Bugs, Ideas, Feedback

This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category otp of the Tcllib Trackers [http://core.tcl.tk/tcllib/reportlist]. Please also report any ideas for enhancements you may have for either package and/or documentation.

See Also

SASL, md4, md5, ripemd160, sha1

Keywords

hashing, message-digest, password, rfc 2289, security

Category

Hashes, checksums, and encryption

Info

1.0.0 tcllib RFC 2289 A One-Time Password System