{"id":6669,"date":"2020-06-17T11:02:27","date_gmt":"2020-06-17T08:02:27","guid":{"rendered":"https:\/\/www.protectimus.com\/blog\/?p=6669"},"modified":"2020-06-17T11:47:29","modified_gmt":"2020-06-17T08:47:29","slug":"ocra-algorithm-explained","status":"publish","type":"post","link":"https:\/\/www.protectimus.com\/blog\/ocra-algorithm-explained\/","title":{"rendered":"OCRA Algorithm Explained"},"content":{"rendered":"\n<p>OCRA, or OATH challenge-response algorithm is the most reliable multi-factor authentication algorithm yet. OCRA algorithm is proved to be the safest one created by the <a href=\"https:\/\/openauthentication.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">OATH<\/a> (OpenAuTHentication initiative) as it allows a challenge input to be used for one-time passcode generation alongside the secret key (seed) and a counter or time.&nbsp;<\/p>\n\n\n\n<p>The key difference of the challenge-response authentication algorithm from the older OATH algorithms HOTP and TOTP is the capability to identify the server. The end-user can be assured in the server authenticity, which significantly adds to the security.<\/p>\n\n\n\n<p>OCRA token is usually a keypad-style device or an app. As OCRA meaning might suggest, the algorithm utilizes a certain challenge and a response to it. So a notional challenge-response example would look something like this:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>the website or app, a client tries to log into, provides a code (this will be the challenge)<\/li><li>the client needs to enter this code into the token<\/li><li>which in its turn returns another code (this will be the response)<\/li><li>the client then enters this response code to login.<\/li><\/ul>\n\n\n\n<p>In this article, we will take a closer look at OCRA and its background, see in detail how it works and find out how Protectimus implements it.<\/p>\n\n\n\n<h2 class=\"has-text-align-left wp-block-heading\"><strong>OCRA Background \u2014 HOTP &amp; TOTP<\/strong><\/h2>\n\n\n\n<p>The challenge-response algorithm can be identified as an advanced HOTP, the logical next stage of its evolution. Here, instead of employing a counter like it&#8217;s done in HOTP, we can employ any data (including the time like in TOTP) as an authentication challenge.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">HOTP<\/h3>\n\n\n\n<p>OATH has been working on OTP algorithms since 2004. The initial outcome of those efforts was the Hash-based Message Authentication Code OTP algorithm \u2014 HOTP, published as an IETF (Internet Engineering Task Force) project in 2005.<\/p>\n\n\n\n<p>HOTP algorithm allows generating one-time passwords by utilizing a secret key and a counter. The token\u2019s counter scales up each time the button on the device is clicked, the server counter scales up with each validated OTP.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large shadow-img\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-6685\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/HOTP-algorythm-explained.jpg\" alt=\"HOTP algorithm\" width=\"590\" height=\"254\" srcset=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/HOTP-algorythm-explained.jpg 650w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/HOTP-algorythm-explained-300x129.jpg 300w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/HOTP-algorythm-explained-610x263.jpg 610w\" sizes=\"auto, (max-width: 590px) 100vw, 590px\" \/><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>We\u2019ve already published an <a href=\"https:\/\/www.protectimus.com\/blog\/hotp-algorithm\/\">article on HOTP<\/a>, so we won\u2019t delve into details here. Suffice to say \u2014 the algorithm had a few drawbacks, plus the technology evolves very fast so new security challenges arise fast as well. So OATH continued its work in pursuit of the most trustworthy verification method.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">TOTP<\/h3>\n\n\n\n<p>The next expansion was put out in 2008. Unlike HOTP, the new method, named Time-based One Time Password or <a href=\"https:\/\/en.wikipedia.org\/wiki\/Time-based_One-time_Password_algorithm\" target=\"_blank\" rel=\"noreferrer noopener\">TOTP<\/a> for short, does not utilize a counter for the server-user synchronization but generates a password based on the current time. The advantage of the TOTP password is a limited lifetime, usually 30-60 seconds.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large shadow-img\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-6670\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/TOTP-algorythm-explained.jpg\" alt=\"\" width=\"590\" height=\"254\" srcset=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/TOTP-algorythm-explained.jpg 650w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/TOTP-algorythm-explained-300x129.jpg 300w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/TOTP-algorythm-explained-610x263.jpg 610w\" sizes=\"auto, (max-width: 590px) 100vw, 590px\" \/><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>The end-user\u2019s TOTP token has a secret key and the current time value, these two are hashed with any hash function and the result hash value is truncated, that\u2019s how we get a one-time password that should be sent to the server. The server in its turn has the same secret key as the user\u2019s token and, naturally, the same time value. So the server makes the same calculations and compares the end values.<\/p>\n\n\n\n<p><span style=\"color: #ff0000;\">| Read also:<\/span> <a href=\"https:\/\/www.protectimus.com\/blog\/time-drift-in-totp-hardware-tokens\/\">Time Drift in TOTP Hardware Tokens Explained and Solved<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">OCRA<\/h3>\n\n\n\n<p>Finally, in 2010 the OCRA authentication was presented in IETF RFC 6287. OCRA algorithm expanded TOTP further by introducing the challenge-response mode to calculate OTP values. The key difference of the challenge-response authentication from the older methods of authentication is the capability to identify the server. With the challenge security the end-user can be assured in the server authenticity, which adds to the security significantly.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large shadow-img\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-6672\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/OCRA-algorythm-explained.jpg\" alt=\"OCRA algorithm\" width=\"590\" height=\"254\" srcset=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/OCRA-algorythm-explained.jpg 650w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/OCRA-algorythm-explained-300x129.jpg 300w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/OCRA-algorythm-explained-610x263.jpg 610w\" sizes=\"auto, (max-width: 590px) 100vw, 590px\" \/><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"has-text-align-left wp-block-heading\"><strong>How OCRA algorithm works<\/strong><\/h2>\n\n\n\n<p>As you\u2019ve seen in the OCRA algorithm example at the beginning of the article, the OCRA login requires a client\u2019s input before producing an OTP. According to IETF, this input can be any variable data agreed upon by both parties (token and server): a counter as in HOTP, a timestamp like in TOTP, a PIN, a word, a session identifier, even a question-answer pair. This input parameter also has to announce which data and which hash functions are being in use, so there\u2019s a header incorporated with the data. If you are interested, you can see a more specific challenge-response authentication example at the <a href=\"https:\/\/tools.ietf.org\/html\/rfc6287\" target=\"_blank\" rel=\"noreferrer noopener\">OCRA RFC 6287<\/a>.<\/p>\n\n\n\n<p>We\u2019ve already mentioned the most important difference of OCRA &#8211; while in both HOTP and TOTP only the server has the ability to prove true the user&#8217;s identity, the other way around is not possible. The OCRA OATH challenge-response algorithm allows the verification to go both ways. OCRA simply permits the end-user to issue a challenge for the server. So, with the mutual mode two separate calculations happen, one client-&gt;server, and one server-&gt;client.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large shadow-img\"><img loading=\"lazy\" decoding=\"async\" width=\"590\" height=\"200\" class=\"wp-image-6673\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/OCRA-algorithm.jpg\" alt=\"OCRA algorithm explained\" srcset=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/OCRA-algorithm.jpg 590w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/OCRA-algorithm-300x102.jpg 300w\" sizes=\"auto, (max-width: 590px) 100vw, 590px\" \/><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Finally, there\u2019s a \u201cplain signature mode\u201d, this one does not require a shared seed, so any user can sign it. The server provides a challenge, a user needs only to sign and send the response back. This mode is handy for tracking, but can be coupled with the common challenge-response thus creating a so-called \u201csignature with server authentication mode\u201d.<\/p>\n\n\n\n<p><span style=\"color: #ff0000;\">| Read also:<\/span> <a href=\"https:\/\/www.protectimus.com\/blog\/2fa-security-flaws\/\">2FA Security Flaws You Should Know About<\/a><\/p>\n\n\n\n<h2 class=\"has-text-align-left wp-block-heading\"><strong>Transaction data signing<\/strong><\/h2>\n\n\n\n<p>More advanced use of OCRA is the transaction data signing method. Here the client can verify and confirm a transaction by confirming certain details of it. Things like the recipient&#8217;s account number, currency, and amount, can be used to verify a financial operation with this method.<\/p>\n\n\n\n<p>Using this approach we created the Protectimus Confirm What You See (CWYS) data signing function. With CWYS the OTPs are created using the data of the user\u2019s current transaction or operation. For example, a user needs to transfer a significant sum of money. When the transaction is created the user\u2019s protected system (bank website or app) sends a data signing request and Protectimus CWYS provides a QR code, which the user scans and checks if the displayed data is matching (this can be the sum, the currency, the account data, etc.). If everything looks ok the user enters the OTP provided by their token to confirm the transaction. Here\u2019s a more<a href=\"https:\/\/www.protectimus.com\/blog\/detailed-information-on-data-signing\/\"> detailed description<\/a> and you can try how a challenge-response protocol example works at this <a href=\"https:\/\/www.protectimus.com\/demo\/\">demo page<\/a>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large shadow-img\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"458\" class=\"wp-image-6674\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/Transaction-data-signing-demo.gif\" alt=\"Transaction data signing\"><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>This method is second to none in preventing phishing attacks, banking Trojans, injection and<a href=\"https:\/\/www.protectimus.com\/blog\/mitm-prevention-and-detection\/\"> man-in-the-middle assaults<\/a>, and<a href=\"https:\/\/www.protectimus.com\/blog\/keylogger\/\"> password interception<\/a>.<\/p>\n\n\n\n<p><span style=\"color: #ff0000;\">| Read also:<\/span> <a href=\"https:\/\/www.protectimus.com\/blog\/protectimus-mfa-financial-services\/\">Best Protectimus MFA Features for Financial Services Cybersecurity<\/a><\/p>\n\n\n\n<h2 class=\"has-text-align-left wp-block-heading\"><strong>Protectimus OCRA tokens<\/strong><\/h2>\n\n\n<table class=\"has-fixed-layout\">\n<tbody>\n<tr>\n<td width=\"50%\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-389 size-full\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/protectimus-smart-token-en.jpg\" alt=\"Software OTP token Protectimus SMART\" width=\"497\" height=\"400\" srcset=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/protectimus-smart-token-en.jpg 497w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/protectimus-smart-token-en-300x241.jpg 300w\" sizes=\"auto, (max-width: 497px) 100vw, 497px\" \/><\/td>\n<td><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-391 size-full\" src=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/protectimus-ultra-token-en.jpg\" alt=\"OCRA token Protectimus ULTRA\" width=\"487\" height=\"400\" srcset=\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/protectimus-ultra-token-en.jpg 487w, https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2015\/07\/protectimus-ultra-token-en-300x246.jpg 300w\" sizes=\"auto, (max-width: 487px) 100vw, 487px\" \/><\/td>\n<\/tr>\n<tr>\n<td>\n<p style=\"text-align: center;\"><strong>Protectimus Smart OTP<br><\/strong><\/p>\n<\/td>\n<td>\n<p style=\"text-align: center;\"><strong>Protectimus Ultra<br><\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td valign=\"top\">\n<p>An OATH OCRA token has to be able to run the OCRA functionality, obviously. And the ability to visualize the data is another requirement if you are looking for the full capacity of CWYS. Currently, the best choice among Protectimus OCRA tokens is the app&nbsp;<a href=\"https:\/\/www.protectimus.com\/protectimus-smart\/\" target=\"_blank\" rel=\"noopener noreferrer\">Protectimus Smart<\/a>. Here the OCRA token activation takes mere seconds, all the tokens created with the app support the CWYS function, and the app is absolutely free of charge.<\/p>\n<\/td>\n<td valign=\"top\">\n<p>A hardware token that supports the OCRA algorithm is&nbsp;<a href=\"https:\/\/www.protectimus.com\/protectimus-ultra\/\" target=\"_blank\" rel=\"noopener noreferrer\">Protectimus Ultra<\/a>. Being a hardware token this one is considered to be more secure, since it does not have any network connections. But this token can not visualize the data as the app does. And it\u2019s available for order from 500 pieces only.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n\n<h2 class=\"has-text-align-left wp-block-heading\"><strong>Read more<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/www.protectimus.com\/blog\/active-directory-two-factor-authentication\/\">Active Directory Two-Factor Authentication<\/a><\/li><li><a href=\"https:\/\/www.protectimus.com\/blog\/two-factor-authentication-solutions-comparison-google-authenticator-vs-protectimus\/\">Two-Factor Authentication Solutions Comparison: Google Authenticator vs. Protectimus<\/a><\/li><li><a href=\"https:\/\/www.protectimus.com\/blog\/duo-vs-protectimus\/\">Duo Security vs Protectimus<\/a><\/li><li><a href=\"https:\/\/www.protectimus.com\/blog\/two-factor-authentication-for-windows\/\">Two-factor authentication for Windows 7, 8, 10<\/a><\/li><li><a href=\"https:\/\/www.protectimus.com\/blog\/remote-work\/\">Remote Work: How to Transition Team to Working From Home During the COVID-19 Pandemic<\/a><\/li><li><a href=\"https:\/\/www.protectimus.com\/blog\/sophos-2fa-with-hardware-tokens\/\">Sophos 2FA with Hardware OTP Tokens<\/a><\/li><li><a href=\"https:\/\/www.protectimus.com\/blog\/2fa-chatbots-vs-sms-authentication\/\">2FA Chatbots vs. SMS Authentication<\/a><\/li><li><a href=\"https:\/\/www.protectimus.com\/blog\/sms-authentication\/\">SMS Authentication: All Pros and Cons Explained<\/a><\/li><\/ul>\n<span class=\"et_bloom_bottom_trigger\"><\/span>","protected":false},"excerpt":{"rendered":"<p>OCRA, or OATH challenge-response algorithm is the most reliable multi-factor authentication algorithm yet. OCRA algorithm is proved to be the safest one created by the OATH (OpenAuTHentication initiative) as it allows a challenge input to be used for one-time passcode generation alongside the secret key (seed) and a counter or time.&nbsp; The key difference of [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":6679,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[3,9,15],"tags":[120,1217,1216,139,99],"class_list":["post-6669","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-engineering","category-protectimus-products","category-rd","tag-multifactor-authentication","tag-oath-algorithms","tag-ocra","tag-tokens","tag-two-factor-authentication"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/6669","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/comments?post=6669"}],"version-history":[{"count":18,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/6669\/revisions"}],"predecessor-version":[{"id":6697,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/posts\/6669\/revisions\/6697"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/media\/6679"}],"wp:attachment":[{"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/media?parent=6669"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/categories?post=6669"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.protectimus.com\/blog\/wp-json\/wp\/v2\/tags?post=6669"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}