Bitcoin Forum
December 09, 2016, 08:10:59 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Generate Google Authenticator OTPs with a TI89?  (Read 5350 times)
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 24, 2012, 09:34:23 PM
 #1

Psuedocode from wikipedia:
Code:
function GoogleAuthenticatorCode(string secret)
     key := base32decode(secret)
     message := current Unix time ÷ 30
     hash := HMAC-SHA1(key, message)
     offset := last nibble of hash
     truncatedHash := hash[offset..offset+4]  //4 bytes starting at the offset
     Set the first bit of truncatedHash to zero  //remove the most significat bit
     code := truncatedHash mod 1000000
     pad code with 0 until length of code is 6
     return code

Would it be possible to write a program that generates google authenticator OTPs on a TI89? Would it be too difficult to sync the time? Would it take too long to generate the OTP?
1481271059
Hero Member
*
Offline Offline

Posts: 1481271059

View Profile Personal Message (Offline)

Ignore
1481271059
Reply with quote  #2

1481271059
Report to moderator
1481271059
Hero Member
*
Offline Offline

Posts: 1481271059

View Profile Personal Message (Offline)

Ignore
1481271059
Reply with quote  #2

1481271059
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 25, 2012, 01:42:49 AM
 #2

Is this a dumb or uninteresting question? I just want a device that never goes online to generate my OTPs.
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
June 25, 2012, 02:15:03 AM
 #3

The programs are written in http://en.wikipedia.org/wiki/TI-BASIC so you need to find a programmer for that language. BUT you do want a device that has a good track of time, and I don't even know if a TI-89 can keep track of time let alone if it is the wrong time it would be completely wrong and the you will never get the correct number to enter.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 25, 2012, 02:23:23 AM
 #4

How accurate does the time need to be? My understanding is that there is a "grace period" so there are a number of different OTPs that would be accepted on the website end. Maybe I am wrong.
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
June 25, 2012, 03:38:16 AM
 #5

it is should be fairly accurate and the grace period isn't that long, I have implement google authenticator on some sites and it wants it too be pretty accurate. But honestly I don't think a TI-89 has any time and that is more important the grace period can always be tweaked in code.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
Garr255
Legendary
*
Offline Offline

Activity: 952


What's a GPU?


View Profile
June 25, 2012, 03:40:46 AM
 #6

I want one for my c64 Cheesy

10btc bounty!

“First they ignore you, then they laugh at you, then they fight you, then you win.”  -- Mahatma Gandhi

Average time between signing on to bitcointalk: Two weeks. Please don't expect responses any faster than that!
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 25, 2012, 03:46:24 AM
 #7

it is should be fairly accurate and the grace period isn't that long, I have implement google authenticator on some sites and it wants it too be pretty accurate. But honestly I don't think a TI-89 has any time and that is more important the grace period can always be tweaked in code.

I would just read the unix time off some website and manually enter it in when I want to log on.

Also, there are a bunch of programs that claim to keep track of time (I haven't tried any):
http://www.ticalc.org/pub/89/basic/programs/time/
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
June 25, 2012, 03:50:57 AM
 #8

one of those did say it had an internal time system, that should be good enough if it keeps time well. now just get someone who knows of TI-Basic and your ready!

Also it may take too long to enter in the unix time into the program

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
Garr255
Legendary
*
Offline Offline

Activity: 952


What's a GPU?


View Profile
June 25, 2012, 03:52:39 AM
 #9

one of those did say it had an internal time system, that should be good enough if it keeps time well. now just get someone who knows of TI-Basic and your ready!

Also it may take too long to enter in the unix time into the program

You would just enter it in advance then wait for the actual time to catch up to you Tongue Is that not obvious?

“First they ignore you, then they laugh at you, then they fight you, then you win.”  -- Mahatma Gandhi

Average time between signing on to bitcointalk: Two weeks. Please don't expect responses any faster than that!
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 25, 2012, 03:59:56 AM
 #10

one of those did say it had an internal time system, that should be good enough if it keeps time well. now just get someone who knows of TI-Basic and your ready!

Also it may take too long to enter in the unix time into the program

How well are we talking. 1 second? 10 seconds?
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
June 25, 2012, 04:01:56 AM
 #11

one of those did say it had an internal time system, that should be good enough if it keeps time well. now just get someone who knows of TI-Basic and your ready!

Also it may take too long to enter in the unix time into the program

You would just enter it in advance then wait for the actual time to catch up to you Tongue Is that not obvious?

you could also time how long it takes the person to enter in the unix time, add that and get the time, but that is insecure and really the device has a internal clock use that.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 25, 2012, 04:23:05 AM
 #12

I think manual entry would work as long as it only needs to be accurate to a few seconds. Really it is only the last few digits that would change.

edit: then again I have never worked with this so I don't know.
runlinux
Hero Member
*****
Offline Offline

Activity: 567



View Profile WWW
June 25, 2012, 10:56:11 AM
 #13

The big thing is you need hashing functions and I am fairly sure the TI-89 doesn't have that. I did do my share of programming on that bad boy 10 years ago...

I only havae my TI-86, so I can't help you out. Yes, I know I could emulate it...

bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 25, 2012, 07:15:22 PM
 #14

gotta implement hmac-sha1 in TI-BASIC89
REF
Hero Member
*****
Offline Offline

Activity: 526


View Profile
June 26, 2012, 12:17:18 AM
 #15

TI-89 does keep track of time. I use that calculator everyday. It has a built in clock, you can set the time format 12/24hrs, hour, minute, am/pm, choice the date format MM/DD/YY, year, and month.
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
June 26, 2012, 02:32:52 AM
 #16

I actually got mine lost/stolen, but would buy a new one anyway. Does it do unix time or just that format. Does it count seconds?
deusstultus
Newbie
*
Offline Offline

Activity: 14


View Profile
July 04, 2012, 06:28:16 PM
 #17

As stated, the only real issue you'd have with the hardware of the calculator is keeping track of time.  TI89 has a real-time clock, and the backup battery (beneath the AAAs) will keep this running.  The main concern is that you likely do not have efficient means of keeping the clock synchronized to a network time.  Google's newest release of the app now even contains its own NTP task to fetch a time rather than using the phones. I haven't looked into it, but given the app, and the pseudo-code you posted, your grace period is exactly 30 seconds.  How long you have remaining (the countdown in the app) is controled by the modulo 30 of the time seed used.  I would expect that there are open implementations of SHA1 and the necessary hash functions you need in TI-BASIC89.  Really should be quite simple to implement, just need to make sure you check that your clock is accurate fairly regularly.

Because the rest of you are doing it:  1deuszvF3XvgLrWJwZK7vR5KTiwPzU2Yp
bb113
Hero Member
*****
Offline Offline

Activity: 728


View Profile
July 06, 2012, 04:02:12 AM
 #18

As stated, the only real issue you'd have with the hardware of the calculator is keeping track of time.  TI89 has a real-time clock, and the backup battery (beneath the AAAs) will keep this running.  The main concern is that you likely do not have efficient means of keeping the clock synchronized to a network time.  Google's newest release of the app now even contains its own NTP task to fetch a time rather than using the phones. I haven't looked into it, but given the app, and the pseudo-code you posted, your grace period is exactly 30 seconds.  How long you have remaining (the countdown in the app) is controled by the modulo 30 of the time seed used.  I would expect that there are open implementations of SHA1 and the necessary hash functions you need in TI-BASIC89.  Really should be quite simple to implement, just need to make sure you check that your clock is accurate fairly regularly.

Do you think its something a novice could do? Also, I couldn't find any sha1 implementations after looking around.
unclemantis
Member
**
Offline Offline

Activity: 98


(:firstbits => "1mantis")


View Profile
July 10, 2012, 10:39:29 PM
 #19

My bank gives me a Token generate that I use when I sign into my bank account online. It displays a 6 digit number and they change every 30 seconds I think.

I belive Yubikey is based on the same thing. Just instead of displaying it on a screen it pastes it into the keyword buffer through the USB port or RFID.

It would be cool to have a token generator that doesn't cost $20.

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
unclemantis
Member
**
Offline Offline

Activity: 98


(:firstbits => "1mantis")


View Profile
July 10, 2012, 10:43:38 PM
 #20

It would be really cool if i could use my bank token generator or any token generator out there "WoW, etc..." for sites that support Yubikey, Google, etc..

Now THAT would be one hell of a bounty Smiley

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!