If you like this video and want to support me, go this page for my donation crypto addresses:
https://www.youtube.com/c/mobilefish/about
This is part 34 of the IOTA tutorial.
In this video series different topics will be explained which will help you to understand IOTA.
It is recommended to watch each video sequentially as I may refer to certain IOTA topics explained earlier.
In this tutorial I will explain in detail how the Time-based One-time Password algorithm works.
This tutorial is not specific IOTA related.
It is intended for developers who wants to understand how the Time-based One-time Password algorithm works.
The Time-based One-time Password algorithm generates single use passwords, also known as tokens, which are only valid for a certain time period.
Often this time period is 60 seconds.
These generated tokens are based on a shared secret key.
The Time-Based One-Time Password algorithm was published as RFC 6238 by the Internet Engineering Task Force (IETF).
See: https://tools.ietf.org/html/rfc6238
In RFC 6238 a Java reference Time-based One-time Password algorithm can be found.
See also: https://www.mobilefish.com/download/java/TOTP.java
The Time-based One-time Password algorithm is an extension of the HMAC-Based One-Time Password (HOTP) algorithm, which was published as RFC 4226 by the IETF.
The HMAC-Based One-Time Password defines an algorithm to create an one time password from a shared secret key and a counter.
See: https://tools.ietf.org/html/rfc4226
When 2FA is enabled on the Trinity wallet, it first generates a shared secret key.
You must write down this shared secret key and safely store it.
Usually this shared secret key with additional information is embedded in a QR code which you can scan by a 2FA app such as the Google Authenticator.
After the QR code is scanned the Google Authenticator generates a token which is a unique code, based on the shared secret key and the current time.
Lets assume you are currently in Beijing (China).
The local Beijing date and time is 4 December 2018, 20:24:20 (UTC+8).
The date and time at that moment at 0 degree longitude meridian is 4 December 2018, 12:24:20.
UTC stands for Coordinated Universal Time and is the time at the 0 degree longitude meridian (Prime Meridian).
Convert this date and time (4 December 2018, 12:24:20) to Unix Epoch Time.
Instead of Unix Epoch Time we can also say Unix Time (Tunix).
Unix Epoch Time is the number of seconds that have elapsed since, 1 January 1970 00:00:00 UTC, not counting leap seconds.
If the date and time at 0 degree longitude meridian is 4 December 2018, 12:24:20 than Tunix = 1543926260 sec
Equation: N = floor(Tunix / ts)
N = number of time steps which have been elapsed since Unix Epoch Time.
floor = function which rounds a number downward to its nearest integer.
Tunix = number of seconds that have elapsed since, 1 January 1970 00:00:00 UTC, not counting leap seconds.
ts = time step. By default the time step is 30 sec.
Convert the number of time steps (N) into a hexadecimal value.
The hexadecimal value must have 16 hexadecimal characters (=8 bytes).
If not, prepend with 0’s.
Convert the hexadecimal value into a 8 bytes array and assign this value to variable m (=message).
Convert the shared secret key into a 20 bytes array and assign this value to variable K.
The shared secret key is a randomly generated 20 bytes number which is base-32 encoded.
For readability this key is divided in groups of 4 characters and all in lower case.
More information about base-32, see Blockchain tutorial 31:
https://youtu.be/Va8FLD-iuTg
Calculate the HMAC hash using the HMAC-SHA1 algorithm.
More information about HMAC, see Blockchain tutorial 30:
https://youtu.be/emBgrRIyyWQ
This HMAC hash size is 160 bits (=20 bytes).
Get the last 4 bits of this hash value and get its integer value.
In this example, the last 4 bits is 0xA which represents integer 10.
This integer is called the offset.
Starting from the offset, get the first 4 bytes from the HMAC hash.
Apply a binary operation for each byte.
Convert this binary value to an integer
Calculate the Token = integer value % 10^n
where n is the token size.
If the token size is less than n, prefix with 0’s.
Every 30 seconds a new token is generated.
But a token remains valid for 60 seconds.
An online Time-based One-time Password generator can be found at:
https://www.mobilefish.com/services/cryptocurrency/totp.html
WARNING: DO NOT USE THIS TOOL TO GENERATE YOUR TOKENS. IT IS ONLY INTENDED FOR EDUCATIONAL, TEST OR DEMONSTRATION PURPOSES.
Check out all my other IOTA tutorial videos:
https://www.youtube.com/playlist?list=PLmL13yqb6OxdIf6CQMHf7hUcDZBbxHyza
Subscribe to my YouTube channel:
https://www.youtube.com/channel/UCG5_CT_KjexxjbgNE4lVGkg?sub_confirmation=1
The presentation used in this video tutorial can be found at:
https://www.mobilefish.com/developer/iota/iota_quickguide_tutorial.html
#mobilefish #howto #iota
Related Post:
- ले गया अपने साथ ही Password | Cryptocurrency CEO Gone with 200 Million Worth Password || ARF 89
- DigiByte (DGB) Releases First Blockchain-Based Password Manager!!!
- IOTA Explained | What is IOTA | Price Prediction IOTA | IOTA Tangle |IOTA 2019 2023
- WSense – IOTA Demo – Underwater IoT solution based on IOTA at AquaNor2019
- CSC VLE जल्दी से देखिये !Pmgdisha student को BCC में Login कैसे करें! और ID & password कैसे मिलेगा!
- i lost my bitshares password on bitshares.openledger.info with 3,5 BTC
- ? CRYPTO CONNIE discusses the recent PASSWORD TRAGEDY!
- Steemit Password Recovery Application!
- Reset your bitsolive password # Buxcoin # Cashfinex # Cryptocurrency
- Lost Your Tezos Password? A 2 minute cryptography lesson.
