x99token - X9.9 software token calculator
x99token [-d] [-i] [-k keyfile] [-n count]
The x99token program is a simple X9.9 software token calculator. The token
is initialized by using the -i option. In this mode,
a key. The key consists of 8 bytes encoded in either
hex or octal.
When encoded in hex the key must consist of 16 hex
spaces (e.g., "0123456789abcdef"). When encoded in octal
the key must
consist of 8 3-digit octets, each separated by exactly one
"001 010 100 002 020 200 003 030"). Once the key is entered, a PIN number
is requested. The PIN number is used to perturb the key
before it is
stored in a keyfile. This perturbation is not terribly secure. You
should assume that anyone with access to your keyfile will
also have access
to your key.
When -i is not specified, x99token is in calculator mode.
In this mode
you must enter the same PIN as used in the initialization
step. The PIN
is used to decode the key read from the keyfile. Next you
challenge you have been presented with. The x99token program will provide
you with a response to the challenge. If the -d option
is used, the
response will fold any hex digits to decimal. If a count is
-n, it indicates the number of challenges to predict. The
is always the entered challenge. By default the value
of count is
1, which implies only the entered challenge is resolved.
Future challenges are predicted by the following algorithm:
+o Encrypt the current challenge with the shared secret key
+o AND each byte of the response with 0x0f
+o Modulo each byte by 10 (0x0a)
+o ADD 0x30 (ASCII value of '0') to each byte
The resulting 8 bytes are all ASCII decimal digits and are
challenge. This process may be repeated.
$HOME/.keyfile.des default keyfile
Paul Borman <firstname.lastname@example.org>
This is a very simple-minded program. The keyfile should be
placed on a
floppy disk which is kept physically secure.
Having not read the X9.9 standard, this may not be a complete or accurate
implementation of the standard. This software is provided
AS IS with no
express or implied warranty.
OpenBSD 3.6 August 1, 2001
[ Back ]