IETF Logo Mail Archive

RFC 4226 on HOTP: An HMAC-Based One-Time Password Algorithm

rfc-editor@rfc-editor.org Fri, 23 December 2005 21:37 UTC

Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EpubR-0001wU-Ex; Fri, 23 Dec 2005 16:37:29 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EpubP-0001wP-7w for ietf-announce@megatron.ietf.org; Fri, 23 Dec 2005 16:37:27 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA10297 for <ietf-announce@ietf.org>; Fri, 23 Dec 2005 16:36:21 -0500 (EST)
Received: from boreas.isi.edu ([128.9.160.161]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EpueT-0001Rv-8r for ietf-announce@ietf.org; Fri, 23 Dec 2005 16:40:39 -0500
Received: from ISI.EDU (adma.isi.edu [128.9.160.239]) by boreas.isi.edu (8.11.6p2+0917/8.11.2) with ESMTP id jBNLaww16657; Fri, 23 Dec 2005 13:36:58 -0800 (PST)
Message-Id: <200512232136.jBNLaww16657@boreas.isi.edu>
To: ietf-announce@ietf.org
From: rfc-editor@rfc-editor.org
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
Date: Fri, 23 Dec 2005 13:36:58 -0800
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: rfc-ed@isi.edu
X-Spam-Score: -14.6 (--------------)
X-Scan-Signature: a87a9cdae4ac5d3fbeee75cd0026d632
Cc: rfc-editor@rfc-editor.org
Subject: RFC 4226 on HOTP: An HMAC-Based One-Time Password Algorithm
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Sender: ietf-announce-bounces@ietf.org
Errors-To: ietf-announce-bounces@ietf.org

A new Request for Comments is now available in online RFC libraries.


        RFC 4226

        Title:      HOTP: An HMAC-Based One-Time Password Algorithm
        Author(s):  D. M'Raihi, M. Bellare, F. Hoornaert, D. Naccache,
                    O. Ranen
        Status:     Informational
        Date:       December 2005
        Mailbox:    dmraihi@verisign.com, mihir@cs.ucsd.edu,
                    frh@vasco.com, david.naccache@gemplus.com
        Pages:      37
        Characters: 77117
        Updates/Obsoletes/SeeAlso:    None

        I-D Tag:    draft-mraihi-oath-hmac-otp-04.txt

        URL:        ftp://ftp.rfc-editor.org/in-notes/rfc4226.txt


This document describes an algorithm to generate one-time password
values, based on Hashed Message Authentication Code (HMAC).  A
security analysis of the algorithm is presented, and important
parameters related to the secure deployment of the algorithm are
discussed.  The proposed algorithm can be used across a wide range of
network applications ranging from remote Virtual Private Network (VPN)
access, Wi-Fi network logon to transaction-oriented Web applications.

This work is a joint effort by the OATH (Open AuTHentication)
membership to specify an algorithm that can be freely distributed
to the technical community.  The authors believe that a common and
shared algorithm will facilitate adoption of two-factor
authentication on the Internet by enabling interoperability across
commercial and open-source implementations.

This memo provides information for the Internet community.  It does
not specify an Internet standard of any kind.  Distribution of this
memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST@IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should
be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG.

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body 
help: ways_to_get_rfcs.  For example:

        To: rfc-info@RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR@RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.


Joyce K. Reynolds and Sandy Ginoza
USC/Information Sciences Institute

...

Below is the data which will enable a MIME compliant Mail Reader 
implementation to automatically retrieve the ASCII version
of the RFCs.
ftp://ftp.isi.edu/in-notes/rfc4226.txt"><ftp://ftp.isi.edu/in-notes/rfc4226.txt>
_______________________________________________
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce

v2.23.0 | Report a Bug | By Email