INTERNET DRAFT Philip J. Nesser II draft-ietf-otp-ver-01.txt Nesser & Nesser Consulting January, 1997 OTP Verification Examples STATUS OF THIS MEMO This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas and Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." To learn the current status of any Internet Draft, please check the 1id-abstracts.txt listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), ds.internic.net (US East Coast), nic.nordu.net (Europe), ftp.isi.com (US West Coast), or munnari.oz.au (Pacific Rim). The distribution of this Internet Draft is unlimited. It is filed as and it expires on May 21, 1997. 1.0 ABSTRACT This document provides a series of inputs and correct outputs for all three of the defined OTP cryptographic hashes, specifically MD4, MD5, and SHA1. This document is intended to be used by developers for interoperability checks when creating generators or servers. Output is provided in both hexadecimal notation and the six word encoding documented in Appendix C. 2.0 GENERAL CHECKS Note that the output given for these checks is not intended to be taken literally, but describes the type of action that should be taken. 2.1 Pass Phrase Length Input: Pass Phrase: Too_short Seed: iamvalid Count: 99 Hash: ANY Output: ERROR: Pass Phrase too short Input: Pass Phrase: 1234567890123456789012345678901234567890123456789012345678901234 Seed: iamvalid Count: 99 Hash: ANY Output: WARNING: Pass Phrase longer than the recommended maximum length of 63 2.2 Seed Values Input: Pass Phrase: A_Valid_Pass_Phrase Seed: Length_Okay Count: 99 Hash: ANY Output: ERROR: Seed must be purely alphanumeric Input: Pass Phrase: A_Valid_Pass_Phrase Seed: LengthOfSeventeen Count: 99 Hash: ANY Output: ERROR: Seed must be between 1 and 16 characters in length Input: Pass Phrase: A_Valid_Pass_Phrase Seed: A Seed Count: 99 Hash: ANY Output: ERROR: Seed must not contain any spaces 2.3 Parity Calculations Input: Pass Phrase: A_Valid_Pass_Phrase Seed: AValidSeed Count: 99 Hash: MD5 Output: Hex: 85c43ee03857765b Six Word(CORRECT): FOWL KID MASH DEAD DUAL OAF Six Word(INCORRECT PARITY): FOWL KID MASH DEAD DUAL NUT Six Word(INCORRECT PARITY): FOWL KID MASH DEAD DUAL O Six Word(INCORRECT PARITY): FOWL KID MASH DEAD DUAL OAK 3.0 MD4 Encodings Pass Phrase Seed Cnt Hex Six Word Format ======================================================================== This is a test. TeSt 0 D185 4218 EBBB 0B51 ROME MUG FRED SCAN LIVE LACE This is a test. TeSt 1 6347 3EF0 1CD0 B444 CARD SAD MINI RYE COL KIN This is a test. TeSt 99 C5E6 1277 6E6C 237A MART AVE BABE TEET BARR FLUB AbCdEfGhIjK alpha1 0 5007 6F47 EB1A DE4E AWAY SEN ROOK SALT LICE MAP AbCdEfGhIjK alpha1 1 65D2 0D19 49B5 F7AB CHEW GRIM WU HANG BUCK SAID AbCdEfGhIjK alpha1 99 D150 C82C CE6F 62D1 ROIL FREE COG HUNK WAIT COCA OTP's are good correct 0 849C 79D4 F6F5 5388 FOOL STEM DONE TOOL BECK NILE OTP's are good correct 1 8C09 92FB 2508 47B1 GIST AMOS MOOT AIDS FOOD SEEM OTP's are good correct 99 3F3B F4B4 145F D74B TAG SLOW NOV MIN WOOL KENO 4.0 MD5 Encodings Pass Phrase Seed Cnt Hex Six Word Format ============================================================================ This is a test. TeSt 0 9E87 6134 D904 99DD INCH SEA ANNE LONG AHEM TOUR This is a test. TeSt 1 7965 E054 36F5 029F EASE OIL FUM CURE AWRY AVIS This is a test. TeSt 99 50FE 1962 C496 5880 BAIL TUFT BITS GANG CHEF THY AbCdEfGhIjK alpha1 0 8706 6DD9 644B F206 FULL PEW DOWN ONCE MORT ARC AbCdEfGhIjK alpha1 1 7CD3 4C10 40AD D14B FACT HOOF AT FIST SITE KENT AbCdEfGhIjK alpha1 99 5AA3 7A81 F212 146C BODE HOP JAKE STOW JUT RAP OTP's are good correct 0 F205 7539 43DE 4CF9 ULAN NEW ARMY FUSE SUIT EYED OTP's are good correct 1 DDCD AC95 6F23 4937 SKIM CULT LOB SLAM POE HOWL OTP's are good correct 99 B203 E28F A525 BE47 LONG IVY JULY AJAR BOND LEE 5.0 SHA1 Encodings Pass Phrase Seed Cnt Hex Six Word Format ============================================================================= This is a test. TeSt 0 BB9E 6AE1 979D 8FF4 MILT VARY MAST OK SEES WENT This is a test. TeSt 1 63D9 3663 9734 385B CART OTTO HIVE ODE VAT NUT This is a test. TeSt 99 87FE C776 8B73 CCF9 GAFF WAIT SKID GIG SKY EYED AbCdEfGhIjK alpha1 0 7B4C 5831 CCED CD36 LEST OR HEEL SCOT ROB SUIT AbCdEfGhIjK alpha1 1 D07C E229 B5CF 119B RITE TAKE GELD COST TUNE RECK AbCdEfGhIjK alpha1 99 27BC 7103 5AAF 3DC6 MAY STAR TIN LYON VEDA STAN OTP's are good correct 0 D51F 3E99 BF8E 6F0B RUST WELT KICK FELL TAIL FRAU OTP's are good correct 1 82AE B52D 9437 74E4 FLIT DOSE ALSO MEW DRUM DEFY OTP's are good correct 99 4F29 6A74 FE15 67EC AURA ALOE HURL WING BERG WAIT 6.0 Security Considerations The whole concept of OTP's are part of a security system, however this document does not deal with any security issues. 7.0 References [1] Haller, N., "The S/KEY One-Time Password System", RFC 1760, Bellcore, February 1995. [2] Haller, N., Metz, C., "A One-Time Password System", RFC 1938, May 1996. [3] Rivest, R., "The MD4 Message-Digest Algorithm, RFC 1320", MIT and RSA Data Security, Inc., April 1992. [4] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT and RSA Data Security, Inc., April 1992. [5] National Institute of Standards and Technology (NIST), "Announcing the Secure Hash Standard", FIPS 180-1, U.S. Department of Commerce, April 1995. 8.0 Author's Address Philip J. Nesser II Nesser & Nesser Consulting 13501 100th Ave NE Suite 5202 Kirkland, WA 98034 Phone: +1 206 481 4303 EMail: pjnesser@martigny.ai.mit.edu