rfc2289.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.

     /* Fold the 160 bit result to 64 bits */
     sha.digest[0] ^= sha.digest[2];
     sha.digest[1] ^= sha.digest[3];
     sha.digest[0] ^= sha.digest[4];

     /*
      * copy the resulting 64 bits to the result buffer in little endian
      * fashion (analogous to the way MD4Final() and MD5Final() do).
      */
     for (i = 0, j = 0; j < 8; i++, j += 4)
     {
             result[j]   = (unsigned char)(sha.digest[i] & 0xff);
             result[j+1] = (unsigned char)((sha.digest[i] >> 8) & 0xff);
             result[j+2] = (unsigned char)((sha.digest[i] >> 16) & 0xff);
             result[j+3] = (unsigned char)((sha.digest[i] >> 24) & 0xff);
     }










Haller                      Standards Track                    [Page 13]

RFC 2289               A One-Time Password System          February 1998


Appendix B   -   Alternative Dictionary Algorithm

   The purpose of alternative dictionary encoding of the OTP one-time
   password is to allow the use of language specific or friendly words.
   As case translation is not always well defined, the alternative
   dictionary encoding is case sensitive.  Servers SHOULD accept this
   encoding in addition to the standard 6-word and hexadecimal
   encodings.


   GENERATOR ENCODING USING AN ALTERNATE DICTIONARY

     The standard 6-word encoding uses the placement of a word in the
     dictionary to represent an 11-bit number. The 64-bit one-time
     password can then be represented by six words.

     An alternative dictionary of 2048 words may be created such that
     each word W and position of the word in the dictionary N obey the
     relationship:

             alg( W ) % 2048 == N
     where
             alg is the hash algorithm used (e.g. MD4, MD5, SHA1).

     In addition, no words in the standard dictionary may be chosen.

     The generator expands the 64-bit one-time password to 66 bits by
     computing parity as with the standard 6-word encoding.  The six 11-
     bit numbers are then converted to words using the dictionary that
     was created such that the above relationship holds.

   SERVER DECODING OF ALTERNATE DICTIONARY ONE-TIME PASSWORDS

     The server accepting alternative dictionary encoding converts each
     word to an 11-bit number using the above encoding. These numbers
     are then used in the same way as the decoded standard dictionary
     words to form the 66-bit one-time password.

     The server does not need to have access to the alternate dictionary
     that was used to create the one-time password it is authenticating.
     This is because the decoding from word to 11-bit number does not
     make any use of the dictionary.  As a result of the independence of
     the dictionary, a server accepting one alternate dictionary accept
     all alternate dictionaries.







Haller                      Standards Track                    [Page 14]

RFC 2289               A One-Time Password System          February 1998


Appendix C  -  OTP Verification Examples

   This appendix provides a series of inputs and correct outputs for all
   three of the defined OTP cryptographic hashes, specifically MD4, MD5,
   and SHA1.  This document is intended to be used by developers for
   interoperability checks when creating generators or servers.  Output
   is provided in both hexadecimal notation and the six word encoding
   documented in Appendix D.

   GENERAL CHECKS

   Note that the output given for these checks is not intended to be
   taken literally, but describes the type of action that should be
   taken.

   Pass Phrase Length

 Input:
   Pass Phrase: Too_short
   Seed: iamvalid
   Count: 99
   Hash: ANY
 Output:
   ERROR:  Pass Phrase too short

 Input:
   Pass Phrase:
     1234567890123456789012345678901234567890123456789012345678901234
   Seed: iamvalid
   Count: 99
   Hash: ANY
 Output:
   WARNING: Pass Phrase longer than the recommended maximum length of
63

Seed Values

 Input:
   Pass Phrase:  A_Valid_Pass_Phrase
   Seed: Length_Okay
   Count: 99
   Hash: ANY
 Output:
   ERROR: Seed must be purely alphanumeric

 Input:
   Pass Phrase:  A_Valid_Pass_Phrase
   Seed: LengthOfSeventeen



Haller                      Standards Track                    [Page 15]

RFC 2289               A One-Time Password System          February 1998


   Count: 99
   Hash: ANY

 Output:
   ERROR: Seed must be between 1 and 16 characters in length

 Input:
   Pass Phrase:  A_Valid_Pass_Phrase
   Seed: A Seed
   Count: 99
   Hash: ANY
 Output:
   ERROR: Seed must not contain any spaces

Parity Calculations

 Input:
   Pass Phrase: A_Valid_Pass_Phrase
   Seed: AValidSeed
   Count: 99
   Hash: MD5
 Output:
   Hex: 85c43ee03857765b
   Six Word(CORRECT):          FOWL KID MASH DEAD DUAL OAF
   Six Word(INCORRECT PARITY): FOWL KID MASH DEAD DUAL NUT
   Six Word(INCORRECT PARITY): FOWL KID MASH DEAD DUAL O
   Six Word(INCORRECT PARITY): FOWL KID MASH DEAD DUAL OAK
























Haller                      Standards Track                    [Page 16]

RFC 2289               A One-Time Password System          February 1998


MD4 ENCODINGS

Pass Phrase     Seed    Cnt Hex                 Six Word Format
========================================================================
This is a test. TeSt     0  D185 4218 EBBB 0B51
                                           ROME MUG FRED SCAN LIVE LACE
This is a test. TeSt     1  6347 3EF0 1CD0 B444
                                           CARD SAD MINI RYE COL KIN
This is a test. TeSt    99  C5E6 1277 6E6C 237A
                                           NOTE OUT IBIS SINK NAVE MODE
AbCdEfGhIjK     alpha1   0  5007 6F47 EB1A DE4E
                                           AWAY SEN ROOK SALT LICE MAP
AbCdEfGhIjK     alpha1   1  65D2 0D19 49B5 F7AB
                                           CHEW GRIM WU HANG BUCK SAID
AbCdEfGhIjK     alpha1  99  D150 C82C CE6F 62D1
                                           ROIL FREE COG HUNK WAIT COCA
OTP's are good  correct  0  849C 79D4 F6F5 5388
                                           FOOL STEM DONE TOOL BECK NILE
OTP's are good  correct  1  8C09 92FB 2508 47B1
                                           GIST AMOS MOOT AIDS FOOD SEEM
OTP's are good  correct 99  3F3B F4B4 145F D74B
                                           TAG SLOW NOV MIN WOOL KENO





























Haller                      Standards Track                    [Page 17]

RFC 2289               A One-Time Password System          February 1998


MD5 ENCODINGS

Pass Phrase     Seed    Cnt Hex                 Six Word Format
========================================================================
This is a test. TeSt     0  9E87 6134 D904 99DD
                                           INCH SEA ANNE LONG AHEM TOUR
This is a test. TeSt     1  7965 E054 36F5 029F
                                           EASE OIL FUM CURE AWRY AVIS
This is a test. TeSt    99  50FE 1962 C496 5880
                                           BAIL TUFT BITS GANG CHEF THY
AbCdEfGhIjK     alpha1   0  8706 6DD9 644B F206
                                           FULL PEW DOWN ONCE MORT ARC
AbCdEfGhIjK     alpha1   1  7CD3 4C10 40AD D14B
                                           FACT HOOF AT FIST SITE KENT
AbCdEfGhIjK     alpha1  99  5AA3 7A81 F212 146C
                                           BODE HOP JAKE STOW JUT RAP
OTP's are good  correct  0  F205 7539 43DE 4CF9
                                           ULAN NEW ARMY FUSE SUIT EYED
OTP's are good  correct  1  DDCD AC95 6F23 4937
                                           SKIM CULT LOB SLAM POE HOWL
OTP's are good  correct 99  B203 E28F A525 BE47
                                           LONG IVY JULY AJAR BOND LEE


SHA1 ENCODINGS

Pass Phrase     Seed    Cnt Hex                 Six Word Format
========================================================================
This is a test. TeSt     0  BB9E 6AE1 979D 8FF4
                                           MILT VARY MAST OK SEES WENT
This is a test. TeSt     1  63D9 3663 9734 385B
                                           CART OTTO HIVE ODE VAT NUT
This is a test. TeSt    99  87FE C776 8B73 CCF9
                                           GAFF WAIT SKID GIG SKY EYED
AbCdEfGhIjK     alpha1   0  AD85 F658 EBE3 83C9
                                           LEST OR HEEL SCOT ROB SUIT
AbCdEfGhIjK     alpha1   1  D07C E229 B5CF 119B
                                           RITE TAKE GELD COST TUNE RECK
AbCdEfGhIjK     alpha1  99  27BC 7103 5AAF 3DC6
                                           MAY STAR TIN LYON VEDA STAN
OTP's are good  correct  0  D51F 3E99 BF8E 6F0B
                                           RUST WELT KICK FELL TAIL FRAU
OTP's are good  correct  1  82AE B52D 9437 74E4
                                           FLIT DOSE ALSO MEW DRUM DEFY
OTP's are good  correct 99  4F29 6A74 FE15 67EC
                                           AURA ALOE HURL WING BERG WAIT





Haller                      Standards Track                    [Page 18]

RFC 2289               A One-Time Password System          February 1998


Appendix D   -   Dictionary for Converting Between 6-Word and Binary Formats

   This dictionary is from the module put.c in the original Bellcore
   reference distribution.

{        "A",     "ABE",   "ACE",   "ACT",   "AD",    "ADA",   "ADD",
"AGO",   "AID",   "AIM",   "AIR",   "ALL",   "ALP",   "AM",    "AMY",
"AN",    "ANA",   "AND",   "ANN",   "ANT",   "ANY",   "APE",   "APS",
"APT",   "ARC",   "ARE",   "ARK",   "ARM",   "ART",   "AS",    "ASH",
"ASK",   "AT",    "ATE",   "AUG",   "AUK",   "AVE",   "AWE",   "AWK",
"AWL",   "AWN",   "AX",   "AYE",   "BAD",   "BAG",   "BAH",   "BAM",
"BAN",   "BAR",   "BAT",   "BAY",   "BE",    "BED",   "BEE",   "BEG",
"BEN",   "BET",   "BEY",   "BIB",   "BID",   "BIG",   "BIN",   "BIT",
"BOB",   "BOG",   "BON",   "BOO",   "BOP",   "BOW",   "BOY",   "BUB",
"BUD",   "BUG",   "BUM",   "BUN",   "BUS",   "BUT",   "BUY",   "BY",
"BYE",   "CAB",   "CAL",   "CAM",   "CAN",   "CAP",   "CAR",   "CAT",
"CAW",   "COD",   "COG",   "COL",   "CON",   "COO",   "COP",   "COT",
"COW",   "COY",   "CRY",   "CUB",   "CUE",   "CUP",   "CUR",   "CUT",
"DAB",   "DAD",   "DAM",   "DAN",   "DAR",   "DAY",   "DEE",   "DEL",
"DEN",   "DES",   "DEW",   "DID",   "DIE",   "DIG",   "DIN",   "DIP",
"DO",    "DOE",   "DOG",   "DON",   "DOT",   "DOW",   "DRY",   "DUB",
"DUD",   "DUE",   "DUG",   "DUN",   "EAR",   "EAT",   "ED",    "EEL",
"EGG",   "EGO",   "ELI",   "ELK",   "ELM",   "ELY",   "EM",    "END",
"EST",   "ETC",   "EVA",   "EVE",   "EWE",   "EYE",   "FAD",   "FAN",
"FAR",   "FAT",   "FAY",   "FED",   "FEE",   "FEW",   "FIB",   "FIG",
"FIN",   "FIR",   "FIT",   "FLO",   "FLY",   "FOE",   "FOG",   "FOR",
"FRY",   "FUM",   "FUN",   "FUR",   "GAB",   "GAD",   "GAG",   "GAL",
"GAM",   "GAP",   "GAS",   "GAY",   "GEE",   "GEL",   "GEM",   "GET",
"GIG",   "GIL",   "GIN",   "GO",    "GOT",   "GUM",   "GUN",   "GUS",
"GUT",   "GUY",   "GYM",   "GYP",   "HA",    "HAD",   "HAL",   "HAM",
"HAN",   "HAP",   "HAS",   "HAT",   "HAW",   "HAY",   "HE",    "HEM",
"HEN",   "HER",   "HEW",   "HEY",   "HI",    "HID",   "HIM",   "HIP",
"HIS",   "HIT",   "HO",   "HOB",   "HOC",   "HOE",   "HOG",   "HOP",
"HOT",   "HOW",   "HUB",   "HUE",   "HUG",   "HUH",   "HUM",   "HUT",
"I",     "ICY",   "IDA",   "IF",    "IKE",   "ILL",   "INK",   "INN",
"IO",    "ION",   "IQ",   "IRA",   "IRE",   "IRK",   "IS",    "IT",
"ITS",   "IVY",   "JAB",   "JAG",   "JAM",   "JAN",   "JAR",   "JAW",
"JAY",   "JET",   "JIG",   "JIM",   "JO",    "JOB",   "JOE",   "JOG",
"JOT",   "JOY",   "JUG",   "JUT",   "KAY",   "KEG",   "KEN",   "KEY",