ONE TIME PASSWORD PARAMETERS
-----------------------------

RFC 2289 describes a one-time password authentication system (OTP). The
system provides authentication for system access (login) and other
applications requiring authentication that is secure against passive
attacks based on replaying captured reusable passwords. OTP evolved from
the S/KEY (S/KEY is a trademark of Bellcore) One-Time Password System
that was released by Bellcore.

The sequence number and seed together constitute a larger unit of data
called the challenge. The challenge gives the generator the parameters
it needs to calculate the correct one-time password from the secret
pass-phrase. The challenge MUST be in a standard syntax so that
automated generators can recognize the challenge in context and extract
these parameters. The syntax of the challenge is:

    otp-

Algorithm Identifier  Description                           REFERENCE
--------------------  ------------------------------------  ---------
md4                   MD4 Message Digest                    [RFC2289]
md5                   MD5 Message Digest                    [RFC2289]
sha1                  NIST Secure Hash Algorithm Revision 1 [RFC2289]

RFC 2243 defines "extension set identifiers" for OTP responses and the
IANA lists these here:

Extension Set Id      Description                           REFERENCE
--------------------  ------------------------------------  ---------
hex                   hexadecimal number                    [RFC2243]
word                  six dictionary words                  [RFC2243]
init-hex              re-initialize using hexadecimal       [RFC2243]
init-word             re-initialize using six words         [RFC2243]

References

[RFC2289] Haller, N., C. Metz, P. Nesser, and M. Straw, "A One-Time
          Password System", RFC 2289, Bellcore, Kaman Sciences
          Corporation, Nesser and Nesser Consulting, February 1998.

[RFC2243] Metz, C., "OTP Extended Responses", RFC 2243, The Inner Net,
          November 1997.
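
Added example, not part of this registry or of the RFCs: one way a generator or a log-review tool could recognize a challenge in a server prompt and accept only the identifiers registered above. It assumes the RFC 2289 challenge form `otp-<algorithm identifier> <sequence integer> <seed>` (seed of 1 to 16 alphanumeric characters, lower-cased before use) and the RFC 2243 `type:` response prefix; the function names are hypothetical and the sample strings are constructed.

```python
import re

# Identifiers copied from the two registry tables on this page.
ALGORITHMS = {"md4", "md5", "sha1"}
EXTENSION_SETS = {"hex", "word", "init-hex", "init-word"}

# Assumed from RFC 2289: otp-<algorithm identifier> <sequence integer> <seed>,
# tokens separated by spaces/tabs, whole challenge terminated by whitespace.
CHALLENGE_RE = re.compile(
    r"otp-(?P<alg>\S+)[ \t]+(?P<seq>[0-9]+)[ \t]+(?P<seed>[A-Za-z0-9]+)(?=\s)"
)


def parse_challenge(prompt):
    """Find an OTP challenge inside a server prompt and validate its fields."""
    m = CHALLENGE_RE.search(prompt)
    if m is None:
        raise ValueError("no well-formed OTP challenge in prompt")
    alg, seed = m["alg"], m["seed"]
    if alg not in ALGORITHMS:  # identifiers are case sensitive in RFC 2289
        raise ValueError(f"unregistered algorithm identifier: {alg!r}")
    if len(seed) > 16:
        raise ValueError("seed longer than 16 characters")
    # The seed is case insensitive, so normalize it to lower case.
    return {"algorithm": alg, "sequence": int(m["seq"]), "seed": seed.lower()}


def response_extension_set(response):
    """Return the extension set id of a response, or None for a plain
    RFC 2289 response (six words or hex, which carry no "type:" prefix)."""
    prefix, sep, _ = response.strip().partition(":")
    if not sep:
        return None
    # Assumption of this example: the id is matched exactly as registered.
    if prefix not in EXTENSION_SETS:
        raise ValueError(f"unregistered extension set id: {prefix!r}")
    return prefix


if __name__ == "__main__":
    # Constructed sample prompt and responses, not captured traffic.
    print(parse_challenge("login: alice\notp-md5 487 Dog2 \nResponse: "))
    print(response_extension_set("hex:8720 33d4 6202 9172"))
    print(response_extension_set("GAFF WAIT SKID GIG SKY EYED"))
```

Rejecting unregistered identifiers up front keeps a malformed or unexpected prompt from reaching the hashing step with parameters the generator does not implement.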