[cryptography] anyone know how OTP tokens work?

Lea Kissner chialea at gmail.com
Wed Sep 8 01:27:28 EDT 2010

On Tue, Sep 7, 2010 at 2:17 PM,
<travis+ml-rbcryptography at subspacefield.org> wrote:
> I'm curious how OTP tokens work.

Most of them are HOTP (http://en.wikipedia.org/wiki/HOTP) of one form
or another, which is basically an application of HMAC to a secret key
and a nonce of some kind. Some implementations derive the nonce from
the current time. Some derive it from a counter value. Some do
proprietary backflips so as to require you to use their server-side
software along with the client tokens.

If you assume HMAC is a perfect MAC algorithm, then the security of
HOTP follows straight from that assumption. An attacker who can forge
a HOTP value must be able to forge a corresponding MAC value. Because
we have assumed that our MAC algorithm is perfect, no such attacker
can exist.
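As an added illustration of the HMAC-over-counter construction described in the reply above (this is not code from the original thread, nor from any token vendor), here is a self-contained Python implementation of HOTP as specified in RFC 4226, the time-based variant from RFC 6238 (the "nonce derived from the current time" case), and a small server-side validator. The validator shows the two things a verifier has to get right in practice: accept a code only within a bounded look-ahead window (tokens drift ahead when a user presses the button without logging in), and advance the stored counter past any accepted value so the same code cannot be replayed. The class name `HotpValidator` and the `look_ahead` parameter are this example's own assumptions; the secret and expected codes are the published RFC test vectors.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226 HOTP: HMAC(secret, 8-byte big-endian counter), then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F                       # low nibble of the last byte picks the window
    binary = (
        (mac[offset] & 0x7F) << 24                # mask the sign bit so the value is positive
        | mac[offset + 1] << 16
        | mac[offset + 2] << 8
        | mac[offset + 3]
    )
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6,
         algo=hashlib.sha1, t0: int = 0) -> str:
    """RFC 6238 TOTP: HOTP whose counter is the number of `step`-second intervals since t0."""
    return hotp(secret, (unix_time - t0) // step, digits, algo)


class HotpValidator:
    """Server-side state for one token (assumed design, not from the thread).

    Keeps the last-used counter, accepts a code from the next `look_ahead` + 1
    counters, compares in constant time, and advances the counter past any
    accepted value so a captured code cannot be replayed.
    """

    def __init__(self, secret: bytes, look_ahead: int = 5, digits: int = 6):
        self.secret = secret
        self.look_ahead = look_ahead
        self.digits = digits
        self.counter = 0          # next counter value the server expects

    def verify(self, code: str) -> bool:
        if len(code) != self.digits or not code.isdigit():
            return False
        for i in range(self.look_ahead + 1):
            candidate = hotp(self.secret, self.counter + i, self.digits)
            if hmac.compare_digest(candidate, code):
                self.counter += i + 1     # resync and burn every counter up to this one
                return True
        return False


if __name__ == "__main__":
    # RFC 4226 / RFC 6238 test secret (ASCII "12345678901234567890")
    secret = b"12345678901234567890"
    for c in range(3):
        print(f"HOTP counter {c}: {hotp(secret, c)}")
    print(f"TOTP at t=59 (8 digits): {totp(secret, 59, digits=8)}")
    v = HotpValidator(secret)
    print("first use accepted:", v.verify(hotp(secret, 0)))
    print("replay accepted:", v.verify(hotp(secret, 0)))
```

The look-ahead window is the trade-off the reply alludes to: a larger window tolerates more unsynchronised button presses but gives a guesser more valid codes per attempt, so it should be paired with rate limiting on failed verifications.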


