Check out the new USENIX Web site.

One Time Passwords In Everything (OPIE):
Experiences with Building and Using Stronger Authentication

Daniel L. McDonald
Randall J. Atkinson

U.S. Naval Research Laboratory

Craig Metz

Kaman Sciences Corporation
Alexandria, Virginia


The U. S. Naval Research Laboratory's OPIE (One-time Passwords In Everything) Software Distribution is an enhancement of Bellcore's S/Key(TM) 1.0 package. OPIE improves on S/Key in several areas, including FTP service with one-time passwords, and a stronger algorithm for generating one-time passwords. OPIE diverges from S/Key in select design decisions and in the behavior of certain programs. While not a total security solution, OPIE can be an important part of one. OPIE and its evolutionary predecessors have been used for over a year in parts of NRL. Its use has taught the authors lessons on implementation, usability, deployment, and future directions for improvement.

Download the full text of this paper in ASCII (36,791 bytes),
POSTSCRIPT (863,570 bytes),
and PDF (189,687 bytes) form.

To Become a USENIX Member, please see our Membership Information.