Skip to content

Latest commit

 

History

History
62 lines (50 loc) · 3.37 KB

README.md

File metadata and controls

62 lines (50 loc) · 3.37 KB

TI-Authenticator: One Time Passwords (OTP) on the TI-84+ CE

TOTP for your graphing calculator.

Demo GIF

Description

One-Time Passwords are a popular way to use 2FA (2-factor authentication). Since, the codes change and can't be intercepted as easily as text-based MMS codes, OTP offers a pretty decent 2FA solution when used in conjunction with passwords. Apps like Google Authenticator offer OTP for phone platforms; similarly, this implementation allows you to get OTP codes from your TI-84+ CE graphing calculator.

I implemented OTP based on the following documents:

They're actually pretty short compared to other standards; only like 16 pages long.

Unforunately, my implemenation doesn't fully meet the following specification because it it uses uint32_t to keep track of the epoch time.

The implementation of this algorithm MUST support a time value T
   larger than a 32-bit integer when it is beyond the year 2038.

I wasn't able to use a 64 bit integer since the LLVM toolchain currently doesn't support certain operations on 64 bit integers (e.g. lladd, llshl).

The unsigned int allows for dates past 2038, but it doesn't allow for negative values (i.e. dates before 1970) which shouldn't be too much of a problem for this use case.

This program was made primarily as an interesting little programming exercise to learn more about the implementation of HMAC and OTP. You probably shouldn't actually use it for real security stuff.

Build and Run

Regular Computer

$ make -f Makefile.pc
$ ./otp
208 918

TI-84+ CE

  • Currently the code uses JBSWY3DPEHPK3PXP as the secret key. Change this if you want in src/otp.c
  • Download and build the LLVM version of the CE toolchain from here or use the online version on TI-Planet.
  • Transfer the src folder to where you installed the CE toolchain and use make if you downloaded the toolchain or press Build if using the online version
  • Make sure to set the calculator's current time to the correct UTC time by using [MODE][Set CLOCK]
  • Transfer the 8xp produced to your calculator and run it using [PGRM][OTP] (you might have to use [2nd][Asm] before running the program depending on the OS version you're running on.

Demo

You can scan the QR code below or type the secret key in manually.

QR Code

JBSWY3DPEHPK3PXP

Credits

See the LICENSE folder

TODO

  • Allow users to input the secret key
  • Make a UI
  • Allow for multiple codes like Google Authenticator
  • Use USB maybe somehow
  • Allow users to use the counter based OTP
  • Make the circle thing that shows you how much time is left before a code expires like Google Authenticator does
  • Make circle thing smoother somehow