S/Key (RFC 2289, 1998)
Last updated
Authentication credentials: a password (pwd).
The authenticator knows the last used one-time password (OTP) and the last used OTP index.
The index defines an order among consecutive OTPs.
A seed value for each person’s OTPs.
The seed is similar to a UNIX salt.
The authenticator defines a random seed.
The person generates an initial OTP as:
Some S/Key versions also use MD5 or SHA-1.
The authenticator stores seed, n and OTP_n as the authentication credentials.
The authenticator sends the person's seed and current index; they act as a challenge.
The person generates index-1 OTPs in a row and selects the last one as the result:
result = OTP_(index-1).
The authenticator computes h(result) and compares it with the stored OTP_index.
If they match, the authentication succeeds.
Upon success, it stores the most recently used index and OTP: index-1 and OTP_(index-1).
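The exchange above, as an added example written for this page (not code from RFC 2289 or any S/Key implementation). It assumes MD5 as the hash, folded to 64 bits as the RFC does for its MD4/MD5 variants, a constructed seed, and a chain length n chosen at enrolment; the verifier also rejects a replayed result, since after a success the stored OTP has moved one step down the chain.

```python
import hashlib
import secrets


def h(data: bytes) -> bytes:
    """One S/Key hash step: MD5, folded to 64 bits by XORing the two halves."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))


def otp(pwd: str, seed: str, i: int) -> bytes:
    """OTP_i = h^i(seed || pwd); OTP_0 is the unhashed secret, never sent."""
    x = (seed.lower() + pwd).encode()
    for _ in range(i):
        x = h(x)
    return x


class Authenticator:
    """Stores only seed, index and OTP_index; never the password."""

    def __init__(self, seed: str, n: int, otp_n: bytes) -> None:
        self.seed, self.index, self.otp = seed, n, otp_n

    def challenge(self) -> tuple[str, int]:
        return self.seed, self.index

    def verify(self, result: bytes) -> bool:
        if self.index <= 1:            # chain exhausted: re-enrol with a new seed
            return False
        if not secrets.compare_digest(h(result), self.otp):
            return False
        self.index -= 1                # remember index-1 and OTP_(index-1)
        self.otp = result
        return True


def enroll(pwd: str, n: int = 100) -> Authenticator:
    """The authenticator picks a random seed; the person computes OTP_n."""
    seed = secrets.token_hex(4)        # constructed seed, plays the role of a salt
    return Authenticator(seed, n, otp(pwd, seed, n))


def client_response(pwd: str, seed: str, index: int) -> bytes:
    """Answer the challenge (seed, index) with OTP_(index-1)."""
    return otp(pwd, seed, index - 1)


def login(auth: Authenticator, pwd: str) -> bool:
    seed, index = auth.challenge()
    return auth.verify(client_response(pwd, seed, index))
```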
Users' passwords are unknown to authenticators.
OTPs can be used as ordinary passwords.
People need an application to compute OTPs.
Passwords can be derived by dictionary attacks, either from data stored in authenticators or from captured protocol runs.