Time-based one-time password

Time-based One-time Password Algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. It has been adopted as Internet Engineering Task Force standard RFC 6238,^[1] is the cornerstone of Initiative For Open Authentication (OATH) and is used in a number of two factor authentication systems.

TOTP is an example of a hash-based message authentication code (HMAC). It combines a secret key with the current timestamp using a cryptographic hash function to generate a one-time password. The timestamp typically increases in 30-second intervals, so passwords generated close together in time from the same secret key will be equal.

In a typical two-factor authentication application, user authentication proceeds as follows: a user will enter username and password into a website or other server, generate a one-time password for the server using TOTP running locally on a smartphone or other device, and type that password into the server as well. The server will then also run TOTP to verify the entered one-time password. For this to work, the clocks of the user's device and the server need to be roughly synchronized (the server will typically accept one-time passwords generated from timestamps that differ by ±1 from the client's timestamp). A single secret key, to be used for all subsequent authentication sessions, must have been shared between the server and the user's device over a secure channel ahead of time. If some more steps are carried out, the user can also authenticate the server using TOTP.

Definition

TOTP is based on HOTP with a timestamp replacing the incrementing counter.

The current timestamp is turned into an integer time-counter (TC) by defining the start of an epoch (T0) and counting in units of a time step (TS). For example:

TC = (unixtime(now) - unixtime(T0)) / TS

TOTP = HOTP(SecretKey, TC), where the HOTP algorithm is defined below.

TOTP-Value = TOTP mod 10^d, where d is the desired number of digits of the one-time password.

Let:

K be a secret key
C be a counter
HMAC(K,C) = SHA1(K ⊕ 0x5c5c... ∥ SHA1(K ⊕ 0x3636... ∥ C)) be an HMAC calculated with the SHA-1 cryptographic hash algorithm
Truncate be a function that selects 4 bytes from the result of the HMAC in a defined manner

Then we define

HOTP(K,C) = Truncate(HMAC(K,C)) & 0x7FFFFFFF

The mask is used to disregard the most significant bit to provide better interoperability between processors.^{[citation needed]}

History

A TOTP draft was developed through the collaboration of several OATH members in order to create an industry-backed standard. It complements the event-based one-time standard HOTP and offers end user organizations and enterprises more choice in selecting technologies that best fit their application requirements and security guidelines. In 2008, OATH submitted a draft version of the specification to the IETF. This version incorporates all the feedback and commentary that the authors received from the technical community based on the prior versions submitted to the IETF.^[2] In May, 2011, TOTP officially became RFC 6238.^[1]

Server implementations

Microsoft has implemented TOTP in its "two-step verification".^[3]
Salesforce has implemented TOTP for account access and for step-up authentication when accessing parts of the application that requires high level security session.
Google has implemented TOTP in its Google Authenticator which is the basis of its two-factor authentication.^[4]
Facebook uses TOTP for its "Login approval" and "Code generator".^[5]
Amazon Web Services also supports TOTP for AWS console logins using Amazon Virtual MFA or Google Authenticator.^[6]
Dropbox,^[7] Evernote^{[citation needed]}, Gandi,^[8] GitHub,^[9] LastPass,^[10] Linode,^[11] and WordPress^[12] have enabled the technology for account access.
Hover has enabled the technology for account access.^[13]
LinOTP is open source and supports various TOTP and HOTP client authenticators
OpenAM is an open source Java based Single Sign On server that supports various TOTP and HOTP client authenticators
multiOTP is an opensource PHP implementation for HOTP, TOTP, mOTP and other tokens. It can be used as a command line tool, integrated in a web site, as a web service, as a radius plugin, etc.
XenForo has an add-on to enable the technology for account access.^[14]

Client implementations

Authy, closed source iOS and Android client.
Google Authenticator closed source client for Android, iOS, and BlackBerry, and also PAM module for the server side.
Microsoft's Authenticator, a closed source client for Windows Phone
OATH Toolkit Open source library and command line implementation of client for Linux systems, and also PAM module for the server side.
Red Hat's FreeOTP, a open-source client for Android and iOS.
Salesforce# client for iOS and Android
SailOTP, a free software Sailfish OS client.
Duo Mobile, a client for iOS, Android, BlackBerry, Windows Phone and other mobile platforms, implements TOTP in addition to a proprietary push-based authentication method.

References

^ ^a ^b "RFC 6238 - TOTP: Time-Based One-Time Password Algorithm". Retrieved July 13, 2011.
^ Alexander, Madison. "OATH Submits TOTP: Time-Based One Time Password Specification to IETF". Open Authentication. Retrieved 22 February 2010.
^ "Microsoft Account Gets More Secure". The Official Microsoft Blog. Retrieved 17 April 2013.
^ "google-authenticator – Project Hosting on Google Code". Retrieved 22 February 2010.
^ "Extra security feature". Retrieved 30 January 2014.
^ "AWS Multi-Factor Authentication". Retrieved 6 March 2012.
^ "Another layer of security for your Dropbox account". Retrieved 4 May 2013.
^ "Gandi rolls out two-factor authentication". Retrieved 21 November 2013.
^ "About Two-Factor Authentication". Retrieved 4 September 2013.
^ "Introducing Support for Google Authenticator". Retrieved 4 November 2011.
^ "Linode Manager Two-Step Authentication". Retrieved 2 May 2013.
^ "Two Step Authentication". WordPress. Retrieved 29 January 2014.
^ "Two-step Signin is Here". Retrieved 25 February 2014.
^ "[FreddysHouse] Two-factor Authentication". FreddysHouse. Retrieved 10 February 2014.

External links

[RFC6238-1] "RFC 6238 - TOTP: Time-Based One-Time Password Algorithm". Retrieved July 13, 2011.

[2] Alexander, Madison. "OATH Submits TOTP: Time-Based One Time Password Specification to IETF". Open Authentication. Retrieved 22 February 2010.

[3] "Microsoft Account Gets More Secure". The Official Microsoft Blog. Retrieved 17 April 2013.

[4] "google-authenticator – Project Hosting on Google Code". Retrieved 22 February 2010.

[5] "Extra security feature". Retrieved 30 January 2014.

[6] "AWS Multi-Factor Authentication". Retrieved 6 March 2012.

[7] "Another layer of security for your Dropbox account". Retrieved 4 May 2013.

[8] "Gandi rolls out two-factor authentication". Retrieved 21 November 2013.

[9] "About Two-Factor Authentication". Retrieved 4 September 2013.

[10] "Introducing Support for Google Authenticator". Retrieved 4 November 2011.

[11] "Linode Manager Two-Step Authentication". Retrieved 2 May 2013.

[12] "Two Step Authentication". WordPress. Retrieved 29 January 2014.

[13] "Two-step Signin is Here". Retrieved 25 February 2014.

[14] "[FreddysHouse] Two-factor Authentication". FreddysHouse. Retrieved 10 February 2014.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]