0

I want to build a custom OTP implementation that utilizes the HOTP/TOTP algorithm.

I need to create several codes (one time passwords), which are all valid for the same time window in the future (e.g. five hours), but each code can only be used once.

HOTP and TOTP basically work the same way, the difference is that for HOTP, the message for the HMAC algorithm is a counter and for TOTP it is a (unix) timestamp. For popular implementations like Google Authenticator, the message is 8 bytes long.

A possible solution would be to create a message, that contains the concatenated counter and timestamp, therefore creating a message larger than 8 bytes. The timestamp can then be used multiple times, because the counter will be incremented.

Is this a valid approach? Are there security risks?

schroeder
  • 123,438
  • 55
  • 284
  • 319
earthling
  • 151
  • 3
  • Is this related to your other question?https://security.stackexchange.com/questions/221093/one-time-password-combine-time-window-and-counter – schroeder Mar 02 '20 at 16:12
  • My question here is the same as there. Why not track the usage of the issued codes? Don't encode control logic within the code, create a database with the time window. – schroeder Mar 02 '20 at 16:15
  • @schroeder, yes, it is related. The difference is, that I know that I want to use HOTP/TOTP and have a possible solution. I would have had to edit the previous question too much, I think. And my answer is the same, if I understand your suggestion as you intended: I need to create several codes in advance for a specific time window (not 30s, but e.g. 5h). With TOTP, only one code would be valid in that window. Therefore the need of a counter. TY & BR – earthling Mar 03 '20 at 07:25
  • No... that's not what I said ... When you issue a code to a user, you create an entry in the database for the time period it is valid for ... And you said that you wanted several codes valid for the same time window. Has your requirement changed? Alternatively, you can specify in the user database when any code generated on their side would be valid "can only use codes during X and Y". – schroeder Mar 03 '20 at 07:32
  • This is starting to look like an X/Y situation. You are focused on xOTP as a solution, but I'm not sure you're approachign the problem correctly – schroeder Mar 03 '20 at 07:38
  • Ok, now I get it (I think :) ). I cannot track the codes, as the device that generates the code and the one that receives it are not synced (both are offline). The only shared information is the key. Thanks for your input, again. – earthling Mar 03 '20 at 08:30
  • Ok, then accepting that the code generator is off-line and out of your control (I still have a curiosity about that), the proper place to put the control on the server-side: "user can only use codes from TimeX to TimeY". Don't try to encode business logic in the client-side, off-line, out-of-control space. Keep business logic server-side. – schroeder Mar 03 '20 at 09:20
  • I see that I give too little information. There is no server. The code generator and the receiver are both offline devices. One person controls the code generator and creates codes for other people to use on the receiver. Codes are not transmitted over the web. The code receiver registers wrong codes and will block the device itself. – earthling Mar 03 '20 at 10:21
  • I don't see why the response length would change if you include more information when creating the digest. You are aware that TOTP just uses a time value instead of the counter HOTP uses? – U. Windl Nov 05 '21 at 11:46
  • It doesn't, that's not what I said. My question was if it is valid to use a message with more than 8 bytes (by concatenating the time and counter) to create the digest. Also yes, as I have written in my question. Thanks – earthling Nov 10 '21 at 10:10

0 Answers0