Provided by: tcllib_1.21+dfsg-1_all bug

NAME

       otp - One-Time Passwords

SYNOPSIS

       package require Tcl  8.2

       package require otp  ?1.0.0?

       ::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data

       ::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data

       ::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data

       ::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data

_________________________________________________________________________________________________

DESCRIPTION

       This  package  is an implementation in Tcl of the One-Time Password system as described in
       RFC 2289 (1). This system uses message-digest algorithms to sequentially hash a passphrase
       to  create single-use passwords. The resulting data is then provided to the user as either
       hexadecimal digits or encoded using a dictionary of 2048 words. This  system  is  used  by
       OpenBSD for secure login and can be used as a SASL mechanism for authenticating users.

       In  this  implementation  we  provide support for four algorithms that are included in the
       tcllib distribution: MD5 (2), MD4 (3), RIPE-MD160 (4) and SHA-1 (5).

COMMANDS

       ::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data

       ::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data

       ::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data

       ::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data

EXAMPLES

              % otp::otp-md5 -count 99 -seed host67821 "My Secret Pass Phrase"
              (binary gibberish)
              % otp::otp-md5 -words -count 99 -seed host67821 "My Secret Pass Phrase"
              SOON ARAB BURG LIMB FILE WAD
              % otp::otp-md5 -hex -count 99 -seed host67821 "My Secret Pass Phrase"
              e249b58257c80087

REFERENCES

       [1]    Haller, N.  et  al.,  "A  One-Time  Password  System",  RFC  2289,  February  1998.
              http://www.rfc-editor.org/rfc/rfc2289.txt

       [2]    Rivest,  R.,  "The  MD5  Message-Digest  Algorithm",  RFC  1321,  MIT  and RSA Data
              Security, Inc, April 1992.  (http://www.rfc-editor.org/rfc/rfc1321.txt)

       [3]    Rivest, R., "The  MD4  Message  Digest  Algorithm",  RFC  1320,  MIT,  April  1992.
              (http://www.rfc-editor.org/rfc/rfc1320.txt)

       [4]    H.  Dobbertin,  A.  Bosselaers,  B. Preneel, "RIPEMD-160, a strengthened version of
              RIPEMD" http://www.esat.kuleuven.ac.be/~cosicart/pdf/AB-9601/AB-9601.pdf

       [5]    "Secure Hash Standard",  National  Institute  of  Standards  and  Technology,  U.S.
              Department             Of             Commerce,             April             1995.
              (http://www.itl.nist.gov/fipspubs/fip180-1.htm)

BUGS, IDEAS, FEEDBACK

       This document, and the package it describes,  will  undoubtedly  contain  bugs  and  other
       problems.    Please   report   such   in   the   category   otp  of  the  Tcllib  Trackers
       [http://core.tcl.tk/tcllib/reportlist].  Please also report any ideas for enhancements you
       may have for either package and/or documentation.

       When proposing code changes, please provide unified diffs, i.e the output of diff -u.

       Note further that attachments are strongly preferred over inlined patches. Attachments can
       be made by going to the Edit form of the ticket immediately after its creation,  and  then
       using the left-most button in the secondary navigation bar.

SEE ALSO

       SASL, md4, md5, ripemd160, sha1

KEYWORDS

       hashing, message-digest, password, rfc 2289, security

CATEGORY

       Hashes, checksums, and encryption

COPYRIGHT

       Copyright (c) 2006, Pat Thoyts <patthoyts@users.sourceforge.net>