[RADIATOR] TOTP Question

Hugh Irvine hugh at open.com.au
Mon Sep 20 03:22:04 CDT 2010


Hello Matthew -

The current implementation conforms to draft-mraihi-totp-timebased-06.txt, 
which has nothing to say about replay attacks (though perhaps it should).

regards

Hugh


On 18 Sep 2010, at 23:12, Matthew Reeves-Hairs wrote:

> Hi,
>   I have noticed that with TOTP, even with the TimeStep set to 0, it is still possible to use the same otp more than once. Is this correct?
> 
>   Most time based OTP systems I've used reject the otp if it has already been used and you have to wait for the next time window.
> 
>   Hugh, can you comment on this?
> 
> Regards
> 
> Matthew Reeves-Hairs MBCS
> (CCNA, CCNP, CCDA)
> Director
> 
> Willow ICT Limited
> 13 Willow Close
> Great Hormead
> Hertfordshire, SG9 0NW
> Mobile: +44 (0)7912 202627
> Fax: +44 (0)7092 361501
> matthew.reeves-hairs at willowict.com
> http://www.willowict.com



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
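
The replay rejection asked about in this thread, as an added example that is not part of the original messages and is not Radiator's code: a TOTP check that records the last accepted time step per user and refuses any code from that step or an earlier one. The class name `ReplaySafeTotp`, its `drift_steps` parameter and the in-memory store are assumptions for illustration; the secret is the RFC 4226 test key.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226) value for one counter; TOTP uses the time step as counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class ReplaySafeTotp:
    """Hypothetical verifier: each time step is accepted at most once per user."""

    def __init__(self, step_seconds: int = 30, drift_steps: int = 1):
        self.step_seconds = step_seconds
        self.drift_steps = drift_steps  # assumed clock-drift tolerance, in steps
        self.last_step = {}  # user -> highest time step already accepted

    def verify(self, user: str, secret: bytes, otp: str, now: float) -> bool:
        current = int(now) // self.step_seconds
        floor = self.last_step.get(user, -1)
        for step in range(current - self.drift_steps, current + self.drift_steps + 1):
            if step <= floor:
                continue  # step already consumed: a replayed or older code
            if hmac.compare_digest(hotp(secret, step).encode(), otp.encode()):
                # A real server must persist this and update it atomically,
                # otherwise two parallel requests can both pass.
                self.last_step[user] = step
                return True
        return False


def demo() -> list:
    secret = b"12345678901234567890"  # constructed input: RFC 4226 test key
    v = ReplaySafeTotp()
    code_step1 = hotp(secret, 1)  # code for the window 30..59 s
    code_step2 = hotp(secret, 2)  # code for the window 60..89 s
    return [
        v.verify("matthew", secret, code_step1, 35),  # first use: accepted
        v.verify("matthew", secret, code_step1, 40),  # same window again: rejected
        v.verify("matthew", secret, code_step2, 65),  # next window: accepted
        v.verify("matthew", secret, code_step1, 65),  # older code afterwards: rejected
    ]
```

Without the `last_step` check, the second call in `demo()` would succeed, which is the behaviour reported in the question.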




