[RADIATOR-ANNOUNCE] OATH One-Time-Password support update

Mike McCauley mikem at open.com.au
Thu Oct 28 19:14:28 CDT 2010


We are pleased to announce successful testing of Radiator with a range of OATH
based One-Time-Password hardware tokens and soft tokens.

OATH is an open specification for One-Time-Passwords (OTP) developed by the
Initiative for Open Authentication (http://www.openauthentication.org). It
includes public, open specifications for event based authentication (HOTP) and
time-based authentication (TOTP), both using the public and well regarded SHA
encryption standards. 

With Event-Based tokens (HOTP), a new OTP is generated each time you press a
button or activate the token. With Time-Based tokens (TOTP), a new OTP is
generated automatically every 30 seconds.

OATH is designed to be used on both hardware tokens (a small device you carry
in your pocket which displays the OTP), and also on soft tokens (small
programs which run on your mobile phone or PC). There are a number of
commercial hardware tokens and both free and commercial soft tokens available
from a range of vendors.

Radiator RADIUS Server has supported the HOTP and TOTP specifications since
very soon after their publication and a number of customers are now using them
in production. Radiator's HOTP and TOTP support is flexible and highly 
configurable and works with any OATH compatible hard or soft token. See 
AuthBy SQLHOTP and AuthBy SQLTOTP modules included in the Radiator 
distribution.

Some of the OATH compatible hardware tokens currently available include:

Feitain http://www.ftsafe.com OTP C200, ORP C200, OTP C300 Tokens
Vasco (http://www.casco.com) GO6 (HOTP) Event-based Token

Some of the OATH compatible soft tokens currently available include:

Google Authenticator for iPhone, Andrioid and Blckberry
OATH Token for iPhone
iOATH Token for iPhone
DS3  Oath for iPhone
Pledge Token for iPhone, Android, WindowsMobile, BlackBerry, JavaPhone
Android Token  for Android
Mobile-OTP Token for JavaPhones, WindowsMobile, iPhone, Blackberry, Android
iOTP Token for iPhone

The Google Authenticator is particularly recommended, since it supports
multiple time and event based soft tokens at the same time, and provides for
secret key importing through the use of barcodes, and is available on a wide
range of devices. And its free of cost!

The availability of free or inexpensive OATH based soft tokens on ubiquitous
devices such as iPhone, driven by the use of open specification
One-Time-Password protocols means that organizations can now deploy highly
secure, flexible One-Time-Password systems for much less cost than was
previously possible. The days of expensive tokens that must be sourced,
stocked and replaced periodically or which can get lost, broken or their
batteries discharge, along with their expensive authentication software are
now gone.

Open System Consultants and Radiator are pleased to be involved in this
revolution in secure one-time-password systems. 



-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.


More information about the radiator-announce mailing list