Date: Tue, 08 Jul 2008 13:22:49 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: "Ivan Grover" <ivangrvr299@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: OPIE Challenge sequence Message-ID: <86abgs7h86.fsf@ds4.des.no> In-Reply-To: <670f29e20807080316s6cf57612jf5135bfd340e3328@mail.gmail.com> (Ivan Grover's message of "Tue\, 8 Jul 2008 15\:46\:37 %2B0530") References: <670f29e20807080316s6cf57612jf5135bfd340e3328@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Ivan Grover" <ivangrvr299@gmail.com> writes: > Iam trying to choose OPIE as my OTP implementation for authenticating the > clients. I have the following queries, could anyone please let me know th= ese > -- why does the challenge in OPIE are in predetermined form.. > is it for determining the decryption key for the encrypted passphrase(sto= red > in opiekeys). There is no encryption involved; OPIE is based on a one-way hash function (usually MD5). I'm not sure what you mean by "predetermined form", but one of the features of OPIE is that you should be able to use it even when you don't have a key calculator, by pre-generating and printing a list of responses. > -- is it possible to generate random challenges using opiechallenge No. There is a random seed, but it remains the same until you either run out of keys or generate a new series. > Any pointers/links will be very much helpful. The opie(4) man page describes the algorithm. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86abgs7h86.fsf>