datatracker.ietf.org
Sign in
Version 5.13.0, 2015-03-25
Report a bug

HOTP: An HMAC-Based One-Time Password Algorithm
RFC 4226

Document type: RFC - Informational (December 2005; Errata)
Was draft-mraihi-oath-hmac-otp (individual in sec area)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4226 (Informational)
Responsible AD: Russ Housley
Send notices to: dmraihi@verisign.com, SVaeth@DIVERSINET.COM

Network Working Group                                         D. M'Raihi
Request for Comments: 4226                                      VeriSign
Category: Informational                                       M. Bellare
                                                                    UCSD
                                                            F. Hoornaert
                                                                   Vasco
                                                             D. Naccache
                                                                 Gemplus
                                                                O. Ranen
                                                                 Aladdin
                                                           December 2005

           HOTP: An HMAC-Based One-Time Password Algorithm

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document describes an algorithm to generate one-time password
   values, based on Hashed Message Authentication Code (HMAC).  A
   security analysis of the algorithm is presented, and important
   parameters related to the secure deployment of the algorithm are
   discussed.  The proposed algorithm can be used across a wide range of
   network applications ranging from remote Virtual Private Network
   (VPN) access, Wi-Fi network logon to transaction-oriented Web
   applications.

   This work is a joint effort by the OATH (Open AuTHentication)
   membership to specify an algorithm that can be freely distributed to
   the technical community.  The authors believe that a common and
   shared algorithm will facilitate adoption of two-factor
   authentication on the Internet by enabling interoperability across
   commercial and open-source implementations.

M'Raihi, et al.              Informational                      [Page 1]
RFC 4226                     HOTP Algorithm                December 2005

Table of Contents

   1. Overview ........................................................3
   2. Introduction ....................................................3
   3. Requirements Terminology ........................................4
   4. Algorithm Requirements ..........................................4
   5. HOTP Algorithm ..................................................5
      5.1. Notation and Symbols .......................................5
      5.2. Description ................................................6
      5.3. Generating an HOTP Value ...................................6
      5.4. Example of HOTP Computation for Digit = 6 ..................7
   6. Security Considerations .........................................8
   7. Security Requirements ...........................................9
      7.1. Authentication Protocol Requirements .......................9
      7.2. Validation of HOTP Values .................................10
      7.3. Throttling at the Server ..................................10
      7.4. Resynchronization of the Counter ..........................11
      7.5. Management of Shared Secrets ..............................11
   8. Composite Shared Secrets .......................................14
   9. Bi-Directional Authentication ..................................14
   10. Conclusion ....................................................15
   11. Acknowledgements ..............................................15
   12. Contributors ..................................................15
   13. References ....................................................15
      13.1. Normative References .....................................15
      13.2. Informative References ...................................16
   Appendix A - HOTP Algorithm Security: Detailed Analysis ...........17
      A.1. Definitions and Notations .................................17
      A.2. The Idealized Algorithm: HOTP-IDEAL .......................17
      A.3. Model of Security .........................................18
      A.4. Security of the Ideal Authentication Algorithm ............19
           A.4.1. From Bits to Digits ................................19
           A.4.2. Brute Force Attacks ................................21
           A.4.3. Brute force attacks are the best possible attacks ..22
      A.5. Security Analysis of HOTP .................................23
   Appendix B - SHA-1 Attacks ........................................25
      B.1. SHA-1 Status ..............................................25
      B.2. HMAC-SHA-1 Status .........................................26
      B.3. HOTP Status ...............................................26

[include full document text]