otp(3tcl) RFC 2289 A One-Time Password System otp(3tcl)
______________________________________________________________________________
NAME
otp - One-Time Passwords
SYNOPSIS
package require Tcl 8.2
package require otp ?1.0.0?
::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data
______________________________________________________________________________
DESCRIPTION
This package is an implementation in Tcl of the One-Time Password sys-
tem as described in RFC 2289 (1). This system uses message-digest algo-
rithms to sequentially hash a passphrase to create single-use pass-
words. The resulting data is then provided to the user as either hexa-
decimal digits or encoded using a dictionary of 2048 words. This system
is used by OpenBSD for secure login and can be used as a SASL mechanism
for authenticating users.
In this implementation we provide support for four algorithms that are
included in the tcllib distribution: MD5 (2), MD4 (3), RIPE-MD160 (4)
and SHA-1 (5).
COMMANDS
::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data
EXAMPLES
% otp::otp-md5 -count 99 -seed host67821 "My Secret Pass Phrase"
(binary gibberish)
% otp::otp-md5 -words -count 99 -seed host67821 "My Secret Pass Phrase"
SOON ARAB BURG LIMB FILE WAD
% otp::otp-md5 -hex -count 99 -seed host67821 "My Secret Pass Phrase"
e249b58257c80087
REFERENCES
[1] Haller, N. et al., "A One-Time Password System", RFC 2289, Feb-
ruary 1998. http://www.rfc-editor.org/rfc/rfc2289.txt
[2] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT
and RSA Data Security, Inc, April 1992. (http://www.rfc-edi-
tor.org/rfc/rfc1321.txt)
[3] Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT,
April 1992. (http://www.rfc-editor.org/rfc/rfc1320.txt)
[4] H. Dobbertin, A. Bosselaers, B. Preneel, "RIPEMD-160, a
strengthened version of RIPEMD" http://www.esat.kuleu-
ven.ac.be/~cosicart/pdf/AB-9601/AB-9601.pdf
[5] "Secure Hash Standard", National Institute of Standards and
Technology, U.S. Department Of Commerce, April 1995.
(http://www.itl.nist.gov/fipspubs/fip180-1.htm)
BUGS, IDEAS, FEEDBACK
This document, and the package it describes, will undoubtedly contain
bugs and other problems. Please report such in the category otp of the
Tcllib Trackers [http://core.tcl.tk/tcllib/reportlist]. Please also
report any ideas for enhancements you may have for either package
and/or documentation.
When proposing code changes, please provide unified diffs, i.e the out-
put of diff -u.
Note further that attachments are strongly preferred over inlined
patches. Attachments can be made by going to the Edit form of the
ticket immediately after its creation, and then using the left-most
button in the secondary navigation bar.
SEE ALSO
SASL, md4, md5, ripemd160, sha1
KEYWORDS
hashing, message-digest, password, rfc 2289, security
CATEGORY
Hashes, checksums, and encryption
COPYRIGHT
Copyright (c) 2006, Pat Thoyts <patthoyts@users.sourceforge.net>
tcllib 1.0.0 otp(3tcl)