OPIE Challenge sequence
Dag-Erling Smørgrav
des at des.no
Tue Jul 8 11:41:52 UTC 2008
"Ivan Grover" <ivangrvr299 at gmail.com> writes:
> Iam trying to choose OPIE as my OTP implementation for authenticating the
> clients. I have the following queries, could anyone please let me know these
> -- why does the challenge in OPIE are in predetermined form..
> is it for determining the decryption key for the encrypted passphrase(stored
> in opiekeys).
There is no encryption involved; OPIE is based on a one-way hash
function (usually MD5).
I'm not sure what you mean by "predetermined form", but one of the
features of OPIE is that you should be able to use it even when you
don't have a key calculator, by pre-generating and printing a list of
responses.
> -- is it possible to generate random challenges using opiechallenge
No. There is a random seed, but it remains the same until you either
run out of keys or generate a new series.
> Any pointers/links will be very much helpful.
The opie(4) man page describes the algorithm.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list