One Time Password - A two factor authentication system
ONE TIME PASSWORD
By Swetha Kogatam
SJSU ID: 009439339
AGENDA
• Introduction
• Brief History of OTP systems
• Benefits & Costs
• Categories of OTP
• Methods of Generation: HOTP & TOTP
• Methods of delivery
• RFCs and standards
• Attacks
• OTP Development Libraries
What is a One-time Password?
• A single-use password or series of codes used to authenticate a user over an untrusted communication channel
• Complements a user password
• Two-Factor Authentication
Brief & Probable History
• Leslie Lamport wrote an article on chaining hashes for authentication (CACM 1981)
• Bellcore developed S/Key based on the Lamport scheme (1994)
• Hardware tokens are developed
• OPIE was a more modern implementation and compatible with S/Key
• OTPW developed
Modern day examples for OTP
Benefits of OTPs
• Cost effective alternative to expensive digital certificates
• Cannot be reused
• Avoids expensive hardware tokens
• Can be time-limited
• Can be used over untrusted communication paths: Telnet, web-based, serial terminals
• Still protects the account even if the user's static password is compromised
• Multiple generation/delivery mechanisms
Costs
• Difficult for human beings to memorize and require additional technology to work
• Based on a shared secret
• Software tools can be compromised
• Attacks are still possible
Categories of OTPs
The two most often used types of OTPs are:
1. Event based - HMAC-based One-time Password (HOTP)
2. Time based - Time-based One-time Password (TOTP)
Others include:
1. Challenge-based - the user enters a key sent from the server plus a password
2. Proprietary - RSA SecurID
Methods of Generation - HOTP
HOTP (HMAC-based)
• Computes an HMAC-SHA-1 and truncates it to obtain the HOTP value
• HOTP(K, C) = Truncate(HMAC-SHA-1(K, C)), where K is the shared secret key and C is the counter
HOTP
We can describe the operations in 3 distinct steps:
Step 1: Generate an HMAC-SHA-1 value
  Let HS = HMAC-SHA-1(K, C)  // HS is a 20-byte string
Step 2: Generate a 4-byte string (Dynamic Truncation)
  Let Sbits = DT(HS)  // DT, defined in RFC 4226, returns a 31-bit string
Step 3: Compute an HOTP value
  Let Snum = StToNum(Sbits)  // Convert Sbits to a number in 0...2^31-1
  Return D = Snum mod 10^Digit  // D is a number in the range 0...10^Digit-1
TOTP
TOTP (Time-based)
• An extension of HOTP to support time
• TOTP = HOTP(K, T), i.e. TOTP(K, T) = Truncate(HMAC-SHA-1(K, T))
• Where T = floor((Current Unix time - T0) / X); the floor function is used by default in the computation
• For example, with T0 = 0 and time step X = 30, T = 1 if the current Unix time is 59 seconds, and T = 2 if the current Unix time is 60 seconds
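The HOTP steps and the TOTP time-step mapping from the two slides above, worked through in Python. This is an added example, not code from the presentation or from any of the libraries it lists. It uses the 20-byte test secret published in RFC 4226 and RFC 6238 (constructed here only so the block runs offline), and adds a small server-side verifier whose drift window of one step and per-user "last accepted step" replay check are assumptions of this example rather than something the slides specify.

```python
import hashlib
import hmac
import struct
import time
from typing import Dict, Optional

# Test secret from RFC 4226 / RFC 6238 (ASCII "12345678901234567890"); a
# constructed value for this example only. Real deployments use a random
# per-user secret shared between the token and the server.
DEMO_SECRET = b"12345678901234567890"


def dynamic_truncation(hs: bytes) -> int:
    """Step 2 (DT): take 4 bytes starting at the offset held in the low nibble
    of the last byte of HS, and mask the top bit so Snum is in 0 ... 2^31 - 1."""
    offset = hs[-1] & 0x0F
    return int.from_bytes(hs[offset:offset + 4], "big") & 0x7FFFFFFF


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """HOTP(K, C) = Truncate(HMAC-SHA-1(K, C)) per RFC 4226.
    The counter is encoded as an 8-byte big-endian integer."""
    hs = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()  # Step 1: 20-byte HS
    snum = dynamic_truncation(hs)                                            # Step 2: 31-bit Snum
    return str(snum % 10 ** digits).zfill(digits)                            # Step 3: D = Snum mod 10^Digit


def time_step(unix_time: int, t0: int = 0, step: int = 30) -> int:
    """T = floor((unix_time - T0) / X): the counter value that TOTP feeds into HOTP."""
    return (unix_time - t0) // step


def totp(key: bytes, unix_time: Optional[int] = None, digits: int = 6,
         t0: int = 0, step: int = 30) -> str:
    """TOTP = HOTP(K, T) per RFC 6238 (HMAC-SHA-1 variant)."""
    if unix_time is None:
        unix_time = int(time.time())
    return hotp(key, time_step(unix_time, t0, step), digits)


class TotpVerifier:
    """Server-side check (example design, not from the slides): accept the
    current step plus/minus `window` neighbouring steps to tolerate clock
    drift, and remember the highest step already accepted per user so that a
    code captured in transit cannot be replayed while it is still valid."""

    def __init__(self, window: int = 1, digits: int = 6, step: int = 30) -> None:
        self.window = window
        self.digits = digits
        self.step = step
        self._last_step: Dict[str, int] = {}  # user -> highest accepted T

    def verify(self, user: str, key: bytes, code: str, unix_time: int) -> bool:
        t = time_step(unix_time, 0, self.step)
        for candidate in range(t - self.window, t + self.window + 1):
            if candidate <= self._last_step.get(user, -1):
                continue  # this step (or an older one) was already consumed
            expected = hotp(key, candidate, self.digits)
            # constant-time comparison on bytes so a non-ASCII code cannot raise
            if hmac.compare_digest(expected.encode(), code.encode()):
                self._last_step[user] = candidate
                return True
        return False


if __name__ == "__main__":
    # HOTP test vectors from RFC 4226 appendix D: counters 0 and 1.
    print("HOTP(C=0) =", hotp(DEMO_SECRET, 0), "HOTP(C=1) =", hotp(DEMO_SECRET, 1))
    # The slide's example: T = 1 at 59 s, T = 2 at 60 s (T0 = 0, X = 30).
    print("T at 59 s =", time_step(59), "T at 60 s =", time_step(60))
    # RFC 6238 appendix B, SHA-1 row for time 59 (8 digits).
    print("TOTP(59 s, 8 digits) =", totp(DEMO_SECRET, 59, digits=8))
    v = TotpVerifier()
    code = totp(DEMO_SECRET, 59)
    print("first use accepted:", v.verify("alice", DEMO_SECRET, code, 59))
    print("replay accepted:   ", v.verify("alice", DEMO_SECRET, code, 59))
```

The verifier's replay check is what turns a 30-second code into a genuinely single-use one: without it, a code observed on the wire remains valid for the rest of its time step and the surrounding drift window.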
Methods of Delivery
Software applications
• Command line OTP calculators
Text messaging
• Requests are made to send a code via SMS
• Requests from SMS itself or out-of-band
Phone call
• During the authentication process, you receive a phone call and enter a PIN
More Methods of Delivery
Paper
• Lists of passwords or codes to use
• Some systems use paper codes as a backup
Hardware token
• Token has a rotating display of the current code
• May have buttons for challenges
Mobile applications
• The code is displayed exactly like a hardware token
• OTP calculators can work with counter-based OTPs
RFCs and Standards
• RFC 1760, The S/KEY One-Time Password System
• RFC 2289, A One-Time Password System
• RFC 4226, HOTP: An HMAC-Based One-Time Password Algorithm
• RFC 6238, TOTP: Time-Based One-Time Password Algorithm
Attacks on OTP
Man-in-the-Middle
• Attacker captures and resends authentication data to the legitimate server
Mobile based delivery for OTPs can be attacked
Paper based delivery for OTPs - theft
OTP Development Libraries
• Java: javaotp
• Ruby: rotp, ruby-otp
• Python: POTP
• PHP: OTPHP, multiOTP
• C/C++: OpenOTP
• Many more available
Questions