Open Access
HOTP: An HMAC-Based One-Time Password Algorithm
Frank Hoornaert,David Naccache,Mihir Bellare,Ohad Ranen +3 more
- Vol. 4226, pp 1-37
TLDR
This document describes an algorithm to generate one-time password values, based on Hashed Message Authentication Code (HMAC), which will facilitate adoption of two-factor authentication on the Internet by enabling interoperability across commercial and open-source implementations.Abstract:
This document describes an algorithm to generate one-time password
values, based on Hashed Message Authentication Code (HMAC). A security
analysis of the algorithm is presented, and important parameters
related to the secure deployment of the algorithm are discussed. The
proposed algorithm can be used across a wide range of network
applications ranging from remote Virtual Private Network (VPN) access,
Wi-Fi network logon to transaction-oriented Web applications. This
work is a joint effort by the OATH (Open AuTHentication) membership to
specify an algorithm that can be freely distributed to the technical
community. The authors believe that a common and shared algorithm will
facilitate adoption of two-factor authentication on the Internet by
enabling interoperability across commercial and open-source
implementations. This memo provides information for the Internet
community.read more
Citations
More filters
Proceedings ArticleDOI
The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes
TL;DR: It is concluded that many academic proposals to replace text passwords for general-purpose user authentication on the web have failed to gain traction because researchers rarely consider a sufficiently wide range of real-world constraints.
Journal ArticleDOI
BSeIn: A blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0
TL;DR: This work presents a blockchain-based system for secure mutual authentication, BSeIn, to enforce fine-grained access control polices and is designed to provide privacy and security guarantees such as anonymous authentication, auditability, and confidentiality.
TOTP: Time-Based One-Time Password Algorithm
TL;DR: This document describes an extension of one-time password algorithm HOTP as defined in [RFC4226] to support time based moving factor.
Book ChapterDOI
New proofs for NMAC and HMAC: security without collision-resistance
TL;DR: It is shown that an even weaker-than-PRF condition on the compression function, namely that it is a privacy-preserving MAC, suffices to establish HMAC is a secure MAC as long as the hash function meets the very weak requirement of being computationally almost universal.
Journal ArticleDOI
New Proofs for NMAC and HMAC: Security without Collision Resistance
TL;DR: In this paper, it was shown that HMAC is a PRF under the assumption that the compression function is a P-F and the iterated hash function is weakly collision resistant.