Hello Matthew - The current implementation conforms to draft-mraihi-totp-timebased-06.txt, which has nothing to say about replay attacks (though perhaps it should).
regards

Hugh

On 18 Sep 2010, at 23:12, Matthew Reeves-Hairs wrote:

> Hi,
> I have noticed that with TOTP even with the TimeStep set to 0 it is still
> possible to use the same otp more than once, is this correct?
>
> Most time based OTP systems I've used reject the otp if it has already been
> used and you have to wait for the next time window.
>
> Hugh, can you comment on this.
>
> Regards
>
> Matthew Reeves-Hairs MBCS
> (CCNA, CCNP, CCDA)
> Director
> Willow ICT Limited
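The replay check Matthew asks about, as an added example (not Radiator's code and not part of the original thread): a verifier that remembers the last accepted time-step per user and refuses any OTP from that step or an earlier one. The class name, the 30-second step, the one-step drift window and the sample user are assumptions made for illustration.

```python
import hashlib
import hmac
import struct


def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """OTP for one time-step counter (HMAC-SHA1 with dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class ReplaySafeTotp:
    """Hypothetical verifier: each time-step is accepted at most once per user."""

    def __init__(self, step: int = 30, window: int = 1):
        self.step = step      # seconds per time-step (assumed value)
        self.window = window  # steps of clock drift tolerated on either side
        self.last_used = {}   # user -> highest time-step already accepted

    def verify(self, user: str, secret: bytes, otp: str, now: float) -> bool:
        current = int(now) // self.step
        floor = self.last_used.get(user, -1)
        for counter in range(current - self.window, current + self.window + 1):
            # Replay check: never look at a step at or before the last accepted one.
            if counter < 0 or counter <= floor:
                continue
            if hmac.compare_digest(totp(secret, counter), otp):
                self.last_used[user] = counter  # must be persisted in a real server
                return True
        return False


def demo() -> list:
    # Constructed sample: published HOTP test-vector secret and a fixed clock.
    secret, now = b"12345678901234567890", 59
    verifier = ReplaySafeTotp()
    otp = totp(secret, now // 30)
    next_otp = totp(secret, (now + 30) // 30)
    return [
        verifier.verify("alice", secret, otp, now),            # first use
        verifier.verify("alice", secret, otp, now + 1),        # same OTP again
        verifier.verify("alice", secret, next_otp, now + 30),  # next window
    ]


if __name__ == "__main__":
    print(demo())
```

The `last_used` map has to live in storage shared by every server instance that can authenticate the user, otherwise the same OTP can still be accepted once per instance.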
