Time-based One-time Password algorithm

The Time-based One-time Password algorithm (TOTP) is an extension of the HMAC-based One-time Password algorithm (HOTP) that generates a one-time password (OTP) by instead taking uniqueness from the current time. It has been adopted as Internet Engineering Task Force (IETF)[1] standard RFC 6238,[1] is the cornerstone of Initiative for Open Authentication (OATH), and is used in a number of two-factor authentication (2FA) systems.

Because of latency, both network and human, and unsynchronised clocks, the one-time password must validate over a range of times between the authenticator and the authenticatee. Here, time is downsampled into larger durations (e.g., 30 seconds) to allow for validity between the parties.

Algorithm

To establish TOTP authentication, the authenticatee and authenticator must pre-establish both the HOTP parameters and the following TOTP parameters:

T₀, the Unix time from which to start counting time steps (default is 0)
T_X, an interval which will be used to calculate the value of the counter C_T (default is 30 seconds)

Both the authenticator and the authenticatee compute the TOTP value, then the authenticator checks if the TOTP value supplied by the authenticatee matches the locally generated TOTP value. Some authenticators allow values that should have been generated before or after the current time in order to account for slight clock skews, network latency and user delays.

TOTP value

TOTP uses the HOTP algorithm, substituting the counter with a non-decreasing value based on the current time.

TOTP value(K) = HOTP value(K, C_T)

Calculating counter value

C_{T}=\left\lfloor {\frac {T-T_{0}}{T_{X}}}\right\rfloor

C_T	Count of the number of durations T_X between T₀ and T	integer
T	Current time or Unix time	integer
T₀	some epoch (eg. Unix epoch is 0)	integer
T_X	length of one time duration (eg 30 seconds)	integer

Note that Unix time is not strictly increasing. When a leap second is inserted into UTC, Unix time repeats one second. But a single leap second does not cause the integer part of Unix time to decrease, and C_T is non-decreasing as well so long as T_X is a multiple of one second.

Practical considerations

For subsequent authentications to work, the clocks of the authenticatee and the authenticator need to be roughly synchronized (the authenticator will typically accept one-time passwords generated from timestamps that differ by ±1 time interval from the authenticatee's timestamp).[1]

Weaknesses and vulnerabilities

TOTP values can be phished like passwords, though this requires attackers to proxy the credentials in real time.[2]

An attacker who steals the shared secret can generate new, valid TOTP values at will. This can be a particular problem if the attacker breaches a large authentication database.[3]

TOTP values are typically valid for longer than 30 seconds so that client and server time delays are accounted for.[1]

History

A TOTP draft was developed through the collaboration of several OATH members in order to create an industry-backed standard. It complements the event-based one-time standard HOTP, and it offers end user organizations and enterprises more choice in selecting technologies that best fit their application requirements and security guidelines. In 2008, OATH submitted a draft version of the specification to the IETF. This version incorporates all the feedback and commentary that the authors received from the technical community based on the prior versions submitted to the IETF.[4] In May, 2011, TOTP officially became RFC 6238.[1]

gollark: Oh, in that case it's a ReferenceError: no such variable f.

gollark: funny! = type error.

gollark: 3! = 6

gollark: 3 ≠ 3!

gollark: something reduction.

References

"RFC 6238 – TOTP: Time-Based One-Time Password Algorithm". Retrieved July 13, 2011.
Umawing, Jovi (21 January 2019). "Has two-factor authentication been defeated? A spotlight on 2FA's latest challenge". Malwarebytes Labs. Retrieved 9 August 2020.
Zetter, Kim. "RSA Agrees to Replace Security Tokens After Admitting Compromise". WIRED. Retrieved 17 February 2017.
Alexander, Madison. "OATH Submits TOTP: Time-Based One Time Password Specification to IETF". Open Authentication. Retrieved 22 February 2010.

External links

Step by step Python implementation in a Jupyter Notebook
Designing Docker Hub Two-Factor Authentication, (section "Using Time-Based One-Time Password (TOTP) Authentication").

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[RFC6238-1] "RFC 6238 – TOTP: Time-Based One-Time Password Algorithm". Retrieved July 13, 2011.

[2] Umawing, Jovi (21 January 2019). "Has two-factor authentication been defeated? A spotlight on 2FA's latest challenge". Malwarebytes Labs. Retrieved 9 August 2020.

[3] Zetter, Kim. "RSA Agrees to Replace Security Tokens After Admitting Compromise". WIRED. Retrieved 17 February 2017.

[4] Alexander, Madison. "OATH Submits TOTP: Time-Based One Time Password Specification to IETF". Open Authentication. Retrieved 22 February 2010.