PhoneChallenge - Module that does simple challenge/response using only numbers, for use in phone systems.
This module is a simple challenge/response system for use over the phone. The scheme is that a user is issued a list of indexes and values. When they need to authenticate the system prompts them with an index and they respond with the associated value.
use Authen::PhoneChallenge; my $auth = new Authen::PhoneChallenge($authFile); $auth->set_user($userId); $auth->get_challenge(); ... $auth->check_response($resp);
The authentication file is a simple XML document in the following format:
<users> <user id="1234"> <token challenge="1" response="1234" used="0"/> <token challenge="2" response="3456" used="0"/> </user> </users>
Create a new challenge object. Must pass a authentication file name (See FILE FORMAT above)
Set the user ID for all future operations.
Get a challenge for the user. Calling get_challenge will invalidate any outstanding challenges.
Check a response for validity.
XML::Simple
No know bugs at this time. If you find one let me know.
BIG SCARY NOTE: This module IS NOT, and WILL NOT be as secure as a real challenge/response/OTP system (like OPIE). It was written only to be slightly more secure than a shared PIN number among users.
Scott Peshak <speshak@randomscrews.net>
Copyright (c) 2007 Scott Peshak All rights reserved.
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See perlartistic. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
To install Authen::PhoneChallenge, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Authen::PhoneChallenge
CPAN shell
perl -MCPAN -e shell install Authen::PhoneChallenge
For more information on module installation, please visit the detailed CPAN module installation guide.