Frequently Asked Questions

ecki edited this page Nov 9, 2012 · 6 revisions

Usage

What does the "next code" label mean?

The et-otp soft token not only calculates the current code (shown in the larger font) and marks it for copy and paste, but also calculates the next iteration of the code. Some servers can send the next code back to you so that you can verify that you are actually talking to a legitimate server. This is an RFC-recommended option (however, no server is known to do that).

Crypto Geeks

What TOTP parameters are used?

The et-otp soft token currently generates 6-digit decimal response codes using the HMAC-SHA1 algorithm with 20-byte secrets in BASE32 format. It uses 30-second intervals counted from the Unix epoch (T0=0). It uses a dynamic offset for truncation. HOTP is used with an 8-byte moving factor (long counter). These are the RFC 6238 defaults and are compatible with Amazon MFA.
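The parameters above, together with the "next code" from the Usage section, as an added Python example (not et-otp's own Java code). The function names are assumptions made for this sketch, and the sample secret is the published RFC 4226/6238 test key, not a real credential.

```python
import base64
import hashlib
import hmac
import struct
import time

DIGITS = 6       # 6-digit decimal response codes
TIME_STEP = 30   # seconds per interval
T0 = 0           # intervals are counted from the Unix epoch

# Constructed sample: BASE32 of the RFC test secret "12345678901234567890".
SAMPLE_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def decode_secret(b32):
    """Parse a BASE32 secret (spaces and lower case tolerated) into 20 bytes."""
    cleaned = b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore padding if it was stripped
    key = base64.b32decode(cleaned)
    if len(key) != 20:
        raise ValueError("expected a 20-byte secret, got %d bytes" % len(key))
    return key


def hotp(key, counter):
    """HOTP over an 8-byte big-endian moving factor with dynamic truncation."""
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic offset: low nibble of the last byte
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def current_and_next(key, unix_time=None):
    """Return (current code, next code) for the interval containing unix_time."""
    if unix_time is None:
        unix_time = time.time()
    counter = (int(unix_time) - T0) // TIME_STEP
    return hotp(key, counter), hotp(key, counter + 1)


def server_reply_is_valid(key, unix_time, reply):
    """Hypothetical client-side check: did the server echo the next code?"""
    _, expected = current_and_next(key, unix_time)
    return hmac.compare_digest(expected.encode(), reply.encode())


if __name__ == "__main__":
    print(current_and_next(decode_secret(SAMPLE_SECRET_B32)))
```

At Unix time 59 the sample key yields the current code 287082, which is the RFC 6238 SHA-1 test value 94287082 reduced to six digits.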

How is the secret protected?

When you enter a BASE32-encoded secret on the settings screen of the et-otp soft token, it is parsed into a 20-byte array. This array is encrypted with AES-128. The key for the AES encryption is derived with the PBKDF2 (PKCS#5 v2) key strengthening method. An 8-byte random salt (SHA1PRNG), 1000 iterations and the PRF HmacSHA1 are used. The salt and the encrypted secret are stored as BASE32 strings in a text file.

Why do you only use AES-128?

The et-otp soft token uses AES-128 because this key length is available on a normal JRE installation and does not require a special policy to be installed. Since the secret key for this operation is created from a password, it is unlikely that more than 128 bits of entropy will be available anyway. Besides, AES-256 has lousy key scheduling.

How do you bind the key to the hardware?

Not at all. There is no mechanism to bind the key to the hardware; the settings file can be copied freely. I plan to add support for Microsoft DPAPI with the help of jdpapi on Windows and perhaps even use a TPM-stored secret. However, I think reliable hardware binding is not possible with soft tokens (if the crypto primitive is not supported by the TPM).