NAME

Crypt::PerfectPaperPasswords - Steve Gibson's Perfect Paper Passwords

VERSION

This document describes Crypt::PerfectPaperPasswords version 0.06

SYNOPSIS

use Crypt::PerfectPaperPasswords;

my $pass_phrase  = 'Fromage';
my $ppp          = Crypt::PerfectPaperPasswords->new;
my $sequence_key = $ppp->sequence_from_key( $pass_phrase );
my $first        = 1;
my $count        = 100;
my @passcodes    = $ppp->passcodes( $first, $count, $sequence_key );

DESCRIPTION

From https://www.grc.com/ppp.htm

GRC's "Perfect Paper Passwords" (PPP) system is a straightforward,
simple and secure implementation of a paper-based One Time Password
(OTP) system. When used in conjunction with an account name &
password, the individual "passcodes" contained on PPP's "passcards"
serve as the second factor ("something you have") of a secure multi-
factor authentication system.

This is a Perl implementation of the PPP passcode generator.

INTERFACE

new

Create a new Create::PerfectPaperPasswords instance. Options may be passed:

my $ppp = Crypt::PerfectPaperPasswords->new(
    alphabet => '0123456789abcdef',
    codelen  => 2
);

The following options are supported:

alphabet

The alphabet to use for encoding. Defaults to Steve Gibson's:

23456789!@#%+=:?abcdefghijkmnopq
rstuvwxyzABCDEFGHJKLMNPRSTUVWXYZ

The size of the alphabet need not be a power of two.

codelen

The number of raw bytes in each passcode. You must have Math::BigInt installed to handle values greater than 4.

alphabet

Get the alphabet used by this object.

my $alphabet = $ppp->alphabet;

codelen

Get the code length for this object.

my $codelen = $ppp->codelen;

sequence_from_key

Generate a sequence key from a passphrase.

my $seq_key = $ppp->sequence_from_key( 'Fromage' );

random_sequence

Generate a random sequence key.

my $seq_key = $ppp->random_sequence;

Relies on the output of random_data for its entropy.

random_data

Returns some random data. This is the entropy source for random_sequence. This implementation returns a string that is the concatenation of

  • The real time (using the microsecond clock)

  • The next seed value

  • Address of $self

  • Address of a newly allocated scalar

  • Process ID

The seed value is the microsecond time when this object was created and is incremented by one each time it's used.

For a lot of uses this is probably an adequate entropy source - but I'm not a cryptographer. If you'd like better entropy consider subclassing and provding a random_data that reads from /dev/urandom.

passcodes

Get an array of passcodes.

my @passcodes = $ppp->passcodes(1, 70, $seq_key);

The first two arguments are the starting position (1 .. n) and the number of passcodes to generate.

Returns an array of strings containing the generated passcodes.

CONFIGURATION AND ENVIRONMENT

Crypt::PerfectPaperPasswords requires no configuration files or environment variables.

DEPENDENCIES

Crypt::Rijndael

Digest::SHA256

Scalar::Util

Time::HiRes

Math::BigInt (optional)

INCOMPATIBILITIES

None reported.

BUGS AND LIMITATIONS

No bugs have been reported.

Please report any bugs or feature requests to bug-crypt-perfectpaperpasswords@rt.cpan.org, or through the web interface at http://rt.cpan.org.

AUTHOR

Andy Armstrong <andy@hexten.net>

Original Perfect Paper Passwords implementation by Steve Gibson. More details here:

http://www.grc.com/ppp.htm

LICENCE AND COPYRIGHT

Copyright (c) 2007, Andy Armstrong <andy@hexten.net>.

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See perlartistic.