Time-based One Time Passwords from Melvin Carvalho on 2012-08-28 (public-rww@w3.org from August 2012)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Tue, 28 Aug 2012 12:43:39 +0200
To: public-webid <public-webid@w3.org>, public-rww <public-rww@w3.org>
Message-ID: <CAKaEYhJ8uM2d2VK8DPXobp_P1J-A6rOv+x2Sp9OnFyFGFptgjA@mail.gmail.com>

Could be quite useful, topic has come up a few times ...

http://chmod777self.blogspot.de/2012/08/dropbox-and-time-based-one-time.html

The news that Dropbox had enabled Two-factor authentication was very
welcome. What's even cooler is that they did so using the same basic
mechanism that Google uses for their stuff. Standards are Good:
http://tools.ietf.org/html/rfc6238

 What you may not know is that working with Time-based One-Time Passwords
is actually quite simple. As long as you can get the private key,
generating the OTP is pretty straight forward... consider:

 int len = Math.max(1, Math.min(9, size));
 byte[] h = hmac(getMovingFactor());
 int o = h[h.length - 1] & 0xf;
 return
   pad(
     Integer.toString(
       (((h[o] & 0x7f) << 24) |
       ((h[o + 1] & 0xff) << 16) |
       ((h[o + 2] & 0xff) << 8) |
       (h[o + 3] & 0xff))
         % (int)Math.pow(10, len)),
     len,'0');

 Here we see all the basic necessary steps for generating a TOTP of any
length up to 9-digits. These are pretty straight forward...

   1. Determine the length of the generated TOTP
   2. Determine the current "Moving Factor".. in this case, the current
   time-bracket for which the One-time password is being generated.
   3. Generate an HMAC from that Moving Factor using the Secret Key.
   4. Generating a Truncated Hash from the HMAC
   5. Converting the TH to a String and padding the front with zeroes if
   necessary to ensure that it's the right length.

 For step 1, the Google Authenticator application (and corresponding Linux
PAM Authenticator Module <http://goo.gl/pZTTj>) use a 6-digit TOTP.. so
that's out of the way...

 For step 2, Google Authenticator uses a 30-second time window.. so our
Moving Factor will be generated using the code...  where step = 30.

 protected byte[] getMovingFactor() {
   return toByteArray(
    (System.currentTimeMillis() / 1000l) / step);
 }

 Simple enough. Next, using the Secret Code provided by the authentication
provider, Google Authenticator generates an HmacSHA1 signature over the
moving factor. That signature is converted into an integer and mod'd
against 10^6 (10 to the power of the length of the generated OTP).

 The Secret Code provided by Google and Dropbox is a Base32-encoded string,
so in order to generate the hmac properly, you'll have to decode that into
a byte array but that's easy enough to do. Given that key (which you can
extract from the QRCode using a basic Bar Code Scanner app on your Android
or iOS device), so long as your system clock is in sync with the server,
you can generate the TOTP on your own without having the Google
Authenticator client application.

 Nice that something so simple can make such a big difference in online
security.  Would be excellent to see more services adopting TOTP's.

Received on Tuesday, 28 August 2012 10:44:08 UTC