This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Time-based One-time Password Algorithm
Time-based One-time Password Algorithm

Version management

Difference between version and

At line 1 added 24 lines
!!! Overview
[{$pagename}] ([TOTP]) is defined in [RFC 6238] as an extension of the [One-time password|One-Time password] ([OTP]) algorithm, namely the [HMAC-based One-Time Password Algorithm] ([HOTP]), as defined in [RFC 4226], to support the [time]-based moving factor.
[{$pagename}] is generated by HMAC([Shared Secret], timestamp), where timestamp typically change, by default, every 30 [seconds].
The [HMAC-based One-Time Password Algorithm] ([HOTP]) specifies an event-based [OTP] algorithm, where the moving factor is an event counter. The present work bases the moving factor on a time value. A time-based variant of the [OTP] algorithm provides short-lived OTP values, which are desirable for enhanced security.
[{$pagename}] has been adopted as Internet Engineering Task Force standard [RFC 6238] is the cornerstone of Initiative For Open Authentication [Initiative for Open Authentication] and is used in a number of [multi factor authentication systems|Multi-Factor Authentication].
[{$pagename}] is an example of a hash-based message authentication code [HMAC]. [{$pagename}] combines a secret key with the current timestamp using a [cryptographic Hash Functions|Cryptographic Hash Function] to generate a one-time password. The timestamp typically increases in 30-second intervals, so passwords generated close together in time from the same secret key will be equal.
The [{$pagename}], uses the counter for a value derived from the current [Unix Time].
The derived value T, is calculated using an initial time T0 and a step X as follows:
%%prettify
{{{
T = (Current Unix time - T0) / X
}}} /%
Each generated OTP is valid for X seconds, by default 30.
[{$pagename}] is used by Google Authenticator and the e Yubico [Initiative for Open Authentication] applet.!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Time-based One-time Password Algorithm|https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm|target='_blank'] - based on 2015-02-12
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop