{"draft":"draft-mraihi-oath-hmac-otp-04","doc_id":"RFC4226","title":"HOTP: An HMAC-Based One-Time Password Algorithm","authors":["D. M'Raihi","M. Bellare","F. Hoornaert","D. Naccache","O. Ranen"],"format":["ASCII","HTML"],"page_count":"37","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"IETF - NON WORKING GROUP","abstract":"This document describes an algorithm to generate one-time password\r\nvalues, based on Hashed Message Authentication Code (HMAC).  A\r\nsecurity analysis of the algorithm is presented, and important\r\nparameters related to the secure deployment of the algorithm are\r\ndiscussed.  The proposed algorithm can be used across a wide range of\r\nnetwork applications ranging from remote Virtual Private Network (VPN)\r\naccess, Wi-Fi network logon to transaction-oriented Web applications.\r\n\r\nThis work is a joint effort by the OATH (Open AuTHentication)\r\nmembership to specify an algorithm that can be freely distributed\r\nto the technical community.  The authors believe that a common and\r\nshared algorithm will facilitate adoption of two-factor\r\nauthentication on the Internet by enabling interoperability across\r\ncommercial and open-source implementations. This memo provides information for the Internet community. ","pub_date":"November 2005","keywords":["hashed message authentication code","security analysis","oath","open authentication","authentication","OATH"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC4226","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc4226"}