Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re: OTP (S/Key) implementation using just numbers

by jeroenes (Priest)
on Jun 13, 2001 at 18:45 UTC ( #88069=note: print w/replies, xml ) Need Help??


in reply to OTP (S/Key) implementation using just numbers

A few comments:
  1. OTP may not be secure if you use small 'pads' or numbers (like less than 1000 chars). Weigh security against userfriendliness. PGP can compensate for too small info.
  2. I don't think I have to mention that security is as strong as the weakest link, but just to be sure.
  3. Chars are easy to convert to numbers, eg see CGIPack.
  4. Or if you have 8 chars in the 0-255 ASCII range, just use pack/unpack once (quad integer, 64 bit platforms) or twice (long integer). If you have an 8-digit integer, short is enough.

Hope this helps,

Jeroen
"We are not alone"(FZ)

  • Comment on Re: OTP (S/Key) implementation using just numbers

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://88069]
help
Chatterbox?
[1nickt]: Good morning Monks and Monkettes!
[1nickt]: I have encountered a small code snippet I can not decipher: if ($?) { my $status = $? >> 8; ... }
[1nickt]: Hm, found the doc
[hippo]: >> is the bitwise shift, essentially divides the result by 256.
[haukex]: $? and system - the exit code of a process is stored in the upper bits of $?, so >> 8 does a bit shift to get at it
[hippo]: (truncating)
[erix]: aah, yes haukex++
[hippo]: Re: DBD::Sqlite queries slow - and gives wrong results has 6 upvotes. Is everyone quite well?

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (8)
As of 2017-12-13 11:34 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    What programming language do you hate the most?




















    Results (358 votes). Check out past polls.

    Notices?