An Introduction to TOTP
Many sites supports Two Factor Authentication (2FA) nowadays. Via SMS, or via E-mail, or even via Telephone calls. Some sites goes another way: They use a cryptography based technique: Time-based One-Time Password, or TOTP for abbr.
Comrades in China may familiar with one-time password generators given by their banks, and they may use it when online transactions is on the go. Also, many players login the BattleNet’s platform with an authenticator app, is another typical example of time-based passwords.
Algorithms
TOTP uses the HOTP algorithm, based on respersentation of the counter as a time factor. Both the server and the client compute the TOTP Value. The server checks if the value supplied by the client matches the locally generated one. In order to account for some unexpected latency, servers allow values that should have been generated shortly before or after the current time.
We get $T_0$ for seconds as Unix time which to start counting time steps, and $T_X$ for the interval by seconds used to calculate the value of the counter $C_T$. $T_X$ is a system value and is set to 30 seconds by default.
Basically, we define TOTP as below: $$ f_{TOTP}(k) = f_{HOTP}(k, C_T) $$
The time counter $C_T$ is an integer counting the number or durations, is defined below: $$ C_T=\left\lfloor\frac{T - T_0}{T_X}\right\rfloor $$
$T$ is the current unix timestamp.
Embed it into your own site
Here are many algorithm libraries supports TOTP written in Python, and PyOTP seems to be a handy one. PyOTP supports HOTP and TOTP, with base32 secret generating and compatible QR codes for authenticators.
For example:
totp = pyotp.TOTP('base32secret3232')
totp.now() # => '492039'
# OTP verified for current time
totp.verify('492039') # => True
time.sleep(30)
totp.verify('492039') # => False
Once user enables 2FA, the site provides one QR code with generated secret key. User scan the QR code (or input manually) with authenticator app. The authenticator will start generating and refreshing tokens. Then, user input one generated token to site and site verify it, this step is a chance to check if user has set up his authenticator properly. Finally, user saves his configuration and site will ask him for 2FA token the next time he logs in. As is known that user can backup generated secret key, is very dangerous, for anyone who has stolen one user’s secret key can generate token by himself and user will never know. Sites with 2FA enabled usually provide a very long backup code to restore the account when secret key get lost.
Why TOTP? Pros and Cons
As a really widely used method, the most important advantage is CHEAP. Yes, really cheap. For anyone who wanna embed it to his site, just add packages which supports the algorithms, append the secret key to his database, and updates lines of code to generate & validate tokens, and then, TOTP is supported. For users, just download an authenticator app, scan the QR code, and click ‘save’. Really simple, yes? However, one thing should be noticed that TOTP is not so safe as you think. For, it relies on a pre-shared secret key, and cannot be encrypted on generating tokens, it can be stolen by other people, and he can generate it himself. Another thing is that, generating and verifing functions may select a larger $C_T$, 2 times greater in usual, for time is not always synchronized between server and client, so, token may have a longer life than expected. Also, as we can see, TOTP token is so short (6-digit-long as usual), it can easily be guessed with method of exhaustion. Site holders should set a limited retry times. Compared to SMS one-time passwords which is widely used by Chinese service providers, TOTP requires an application (or a hardware token generator such as YubiKey and the RSA Secure Token). However, SMS is not as secure as concerned. Incidents occurred months ago that SMS was hijacked with pseudo base-station. Short messages are transferred in plain text through the SS7 network, anyone who disguises himself as the real client, accesses the local network and kicks the original user offline will receive the messages to the original user, without decryption. What’s more, the carrier can also access the messages transferred through its service network easily. TOTP tokens are generated offline and transferred through encrypted tunnel (such as TLS), looks safer.
Supported Authenticators
Here are several types of authenticator applications. As a cheap but somehow reliable method, it is widely used. Here is a list of some well-known authenticator applications:
- Google Authenticator
- Micro$oft Authenticator
- Authy
- Yubico Authenticator (YubiKey required)
Also, password managers like Enpass may also support TOTP token generating. User can just save the secret key in password manager, and it can generate and fill in tokens automatically. However, in my opinion, keeping TOTP secret keys with password managers is a terrible way, as an old saying goes: “Don’t put all your eggs in one basket.”. I strongly recommend Yubikey. Although it seems a little expensive ($50), I think it worth such price. Yubikey can be used as an HOTP generator, a key holder with challenge-response mode (like TPM modules), a FIDO U2F authenticator, a PGP smart card, and also hold & generate TOTP tokens with Yubico Authenticator. Both desktop (Windows, macOS and Linux) and mobile device (Android only) with NFC or USB are supported.