備忘錄狀況
這份文檔為Internet社區(qū)指定為Internet標(biāo)準(zhǔn)（軌跡）協(xié)議，并且為進一步改進需要討論和建議。這份協(xié)議的標(biāo)準(zhǔn)化狀態(tài)和狀況請參閱"Internet官方協(xié)議標(biāo)準(zhǔn)（InternetOfficial
版權(quán)聲明
Copyright(C)TheInternetSociety(1998).版權(quán)所有.

目錄
目錄 2
0.譯者的話 2
1.0摘要 3
2.0概述 3
3.0介紹 3
4.0需求術(shù)語 4
5.0安全哈希函數(shù)（SECUREHASHFUNCTION） 4
6.0一次口令的產(chǎn)生 5
7.0一次口令的驗證 7
8.0一次口令更改 7
9.0避免競爭攻擊 8
10.0安全考慮 9
11.0確認(rèn) 9
12.0參考文獻 9
13.0作者的地址 10
附錄A-安全哈希算法界面 11
附錄B-可替換字典算法 13
附錄C-OTP認(rèn)證例子 14
附錄D-六詞和二進制格式之間轉(zhuǎn)換的字典 17
完整版權(quán)聲明 23

0.譯者的話
譯者在翻譯這份文檔的時候，采取直譯的方式，盡量保證原文的原意。同時也盡量考慮了中文的語義順暢，便于中文讀者閱讀，譯者在譯文中加入了一些修飾語和譯注，修飾語一般在括號中寫明，而譯注均有“譯者注”字樣。由于譯者翻譯本篇文擋時間有限，譯文中一定會存在許多理解有誤、用詞不當(dāng)之處，歡迎讀者來信指正，共同學(xué)習(xí)。


1.0摘要
這篇文檔描述一次口令認(rèn)證系統(tǒng)（one-timepassWordauthenticationsystem）(OTP)。系統(tǒng)提供對系統(tǒng)訪問（login）的認(rèn)證以及針對基于重放獲取可再用口令（replayingcapturedreusablepasswords）之上的被動攻擊的安全認(rèn)證需求的其他應(yīng)用。OPT從S/KEY演化而來（S/KEY是Bellcore的商標(biāo)）。一次口令系統(tǒng)被Bellcore（貝爾通訊研究所）釋放，在參考[3]和[5]中描述。
譯者注：one-timepassword稱為一次性口令，在本文中稱為一次口令。

2.0概述
一種互聯(lián)網(wǎng)計算系統(tǒng)的攻擊形式是監(jiān)聽網(wǎng)絡(luò)連接以獲得認(rèn)證信息，例如合法用戶的登錄IDs和口令。一旦這個信息被捕捉，它就能獲得用于以后對系統(tǒng)的訪問（權(quán)）。一次口令系統(tǒng)被設(shè)計為還擊這種攻擊類型，稱作“重播攻擊”[4]（"replayattack"）。

在本文檔中描述的認(rèn)證系統(tǒng)使用一秘密通行短語（pass-phrase）去衍生一系列一次口令（單獨使用的）。使用這個系統(tǒng)，用戶的秘密通行短語任何時候（例如認(rèn)證過程中或者通行短語更改過程中）都不在網(wǎng)絡(luò)中傳輸。因此，對重放攻擊是非脆弱的。附加的安全通過無秘密信息需要被存儲在任何系統(tǒng)中的特征被提供，包括被保護的服務(wù)。

OTP系統(tǒng)避免針對認(rèn)證子系統(tǒng)受到外部被動攻擊的危害。它不能阻止網(wǎng)絡(luò)監(jiān)聽去獲得私有信息的存取以及不能提供避免或者“社會工程”（"socialengineering"）或者主動攻擊（activeattacks）[9]的危害的保護。

3.0介紹
在OPT一次口令系統(tǒng)的操作中存在兩個實體。發(fā)起者（generator）必須從用戶的秘密通行短語和從服務(wù)的質(zhì)疑（challenge）中提供的信息產(chǎn)生適當(dāng)?shù)囊淮慰诹睢７?wù)必須發(fā)送包括給發(fā)起者適當(dāng)?shù)漠a(chǎn)生參數(shù)的質(zhì)疑，必須驗證接收的一次口令，必須存儲接收到的最近有效的一次口令，以及必須存儲相應(yīng)的一次口令序列數(shù)（sequencenumber）。同時服務(wù)必須也便于以安全的方式對用戶的秘密通行短語的改變。

OTP系統(tǒng)發(fā)起者傳送用戶的秘密通行短語，隨后接收到從服務(wù)質(zhì)疑的一部分的（隨機）種子（seed），通過安全哈希函數(shù)（hashfunction）多次疊代運算產(chǎn)生一個一次口令。每一次成功的驗證之后，安全哈希函數(shù)疊代的次數(shù)減少1。這樣，唯一序列的口令產(chǎn)生了。服務(wù)通過計算安全哈希函數(shù)一次和比較先前從發(fā)起者接收到的一次口令來驗證發(fā)起者的一次口令。這個技術(shù)由LeslieLamport[1]第一次提出。

4.0需求術(shù)語
在這篇文檔中，用于定義每一個非凡需求的重要意義的詞通常大寫。這些詞是：

-MUST

這個詞或者形容詞"REQUIRED"表示這項是具體指定的絕對需求。

-SHOULD

這個詞或者形容詞"RECOMMENDED"表示在特定的環(huán)境中存在有效的理由去忽略這項，但是完整的含義應(yīng)該被理解以及在做出不同的進程之前要仔細(xì)衡量。

-MAY

這個詞或者形容詞"OPTIONAL"表示這項是真正可選的。例如，一個銷售商可以選擇包括這項，因為市場的需求或者增強產(chǎn)品（的功能）；而另一個銷售商可以忽略同一個選項。

5.0安全哈希函數(shù)（SECUREHASHFUNCTION）
OTP系統(tǒng)的安全依靠于安全哈希函數(shù)的不可逆性。這樣的函數(shù)必須是正向易于計算的，但是反過來計算不可行。

這里有三個這樣的哈希算法接口被定義，RonaldRivest的MD4[2]和md5[6]，以及NIST的SHA[7]。所有服務(wù)和發(fā)起者之間一致的工具必須（MUST）支持MD5。他們應(yīng)該（SHOULD）支持SHA和可以（MAY）也支持MD4。明顯的，發(fā)起者和服務(wù)之間為了互操作必須使用同樣的算法。其他哈希算法可以通過公開適當(dāng)?shù)慕涌跒檫@個系統(tǒng)的使用具體指定。

上面列出的安全哈希算法有其可以接收任意長度的輸入和產(chǎn)生固定大小輸出的特性。OPT系統(tǒng)使用附錄A中定義的算法將輸出折疊為64bit。64bit也是一次口令的長度。當(dāng)必要時這個程度可以確認(rèn)對安全是足夠長的以及對于手工輸入是足夠短的（參見下面，輸出的格式）。

6.0一次口令的產(chǎn)生
這部分描述一次口令的產(chǎn)生。這個處理過程由所有輸入被組合在一起的初始化步驟、安全哈希函數(shù)被應(yīng)用指定次數(shù)的運算步驟，和64bit一次口令被轉(zhuǎn)化為人類可讀格式的輸出函數(shù)組成。

附錄C包含給定輸入的集合的輸出例子。它提供了證實這些算法應(yīng)用的表達實現(xiàn)。

初始化步驟

原則上，用戶的安全通行短語可以是任何長度。為了減少來自例如窮舉搜索或者字典攻擊的危險，通訊短語字符串必須（MUST）至少包含10個字符（參見下面的輸入格式）。所有工具必須（MUST）支持至少63個字符的通行短語。安全通行短語通常，但不被要求，是由用戶提供的原文信息。

在這個步驟中，通行短語與從服務(wù)方以明文方式傳遞過來的種子（seed）連接在一起。這個非安全（non-secret）種子答應(yīng)客戶在多個機器上（使用不同的種子）使用同樣的安全通行短語以及通過改變種子安全地再循環(huán)使用他們的安全通行短語。

這個連接的結(jié)果通過使用附錄A中列舉的安全哈希函數(shù)算法之一，然后產(chǎn)生64bit輸出。

計算步驟

一系列一次口令通過應(yīng)用對初始化步驟（稱為S）的輸出多次安全哈希函數(shù)運算產(chǎn)生。也就說，第一個一次口令通過將S傳遞到由用戶指定次數(shù)（N次）的安全哈希函數(shù)運算產(chǎn)生。下一個一次口令通過傳遞S到安全哈希函數(shù)N-1次運算產(chǎn)生。監(jiān)視一次口令傳輸?shù)谋O(jiān)聽者不能產(chǎn)生下一個需要的口令，因為要做到這些就意味著哈希函數(shù)的逆運算。

輸入的格式

安全通行短語僅被OTP發(fā)起者看到。為了答應(yīng)發(fā)起者之間的可交互性，所有的發(fā)起者必須（MUST）支持10到63字符長度的安全通行短語。執(zhí)行工具可以（MAY）支持更長的通行短語，但是這樣的工具存在與僅支持短通行短語的工具之間失去交互性。

種子必須（MUST）由純正的字母數(shù)字字符（alphanumericcharacters）組成以及在長度上為16字符長。種子是一串必須（MUST）不能包含空格（blanks）和應(yīng)該由嚴(yán)格的從來自ISO-646內(nèi)部編碼集合（ISO-646InvariantCodeSet）的字母數(shù)字字符組成的字符串。種子必須（MUST）是大小寫無關(guān)的以及必須（MUST）是在處理之前內(nèi)部轉(zhuǎn)換為小寫。

序列號和種子一起組成一個大的數(shù)據(jù)單元稱為挑戰(zhàn)（challenge）。挑戰(zhàn)作為從安全通行短語計算正確的一次口令需要的參數(shù)提供給發(fā)起者。挑戰(zhàn)必須（MUST）是標(biāo)準(zhǔn)語法以便自動產(chǎn)生在上下文中能識別的挑戰(zhàn)以及提取這些參數(shù)。挑戰(zhàn)的語法如下：
otp-<algorithmidentifier><sequenceinteger><seed>

三個標(biāo)志段（tokens）必須（MUST）以空格分開(可以定義為任何數(shù)量的空格和/或制表符tabs)和整個挑戰(zhàn)字符串必須（MUST）以或者是空格或者一新行結(jié)束。字符串"otp-"必須（MUST）為小寫。算法標(biāo)識符是大小寫敏感的(已知存在的標(biāo)識符都是小寫)，以及種子是大小寫不敏感的并且在使用之前轉(zhuǎn)換為小寫。假如額外的算法被定義，適當(dāng)?shù)臉?biāo)識符(短的，但是沒有限制為三或者四個字符)必須被定義。當(dāng)前定義的算法標(biāo)識符是：

md4MD4MessageDigest
md5MD5MessageDigest
sha1NISTSecureHashAlgorithmRevision1

一個OTP挑戰(zhàn)例子是：otp-md5487dog2

輸出的格式

上面處理過程產(chǎn)生的一次口令在長度上為64bit。輸入一個64bit數(shù)字是困難的并且輕易出錯的過程。一些產(chǎn)生器插入口令到輸入流中和另外一些對于“剪切和粘貼”的系統(tǒng)使其有效。仍然有一些其他的布置（arrangements）需要一次口令手工輸入。OTP系統(tǒng)設(shè)計為易于手工輸入而沒有妨礙自動的方法。因此一次口令可以（MAY）轉(zhuǎn)換為，和所有服務(wù)必須（MUST）有能力接受的，僅使用從ISO-646IVCS字符集中的六個（1到4個字母letter）簡單類型詞（word）的序列。每個詞從2048個詞的字典中選取；每個詞為11bit，所有一次口令可以被編碼。

在這個編碼中兩個附加位（bits）用于存儲校驗和（checksum）。密鑰的64bits被分裂為一對bits,然后這些對（pairs）被加和在一起。這個和（sum）的兩個最低有效位在隨著和（sum）的最低有效位作為最低位編碼的六詞（word）序列的最后兩位（bits）被編碼。所有OTP產(chǎn)生器必須（MUST）計算這個校驗和以及所有OTP服務(wù)必須（MUST）作為解碼（decoding）這個一次口令的代表操作的一個部分顯式的驗證這個校驗和。

產(chǎn)生六詞格式（six-wordformat）的產(chǎn)生器必須（MUST）以單空格作為分隔的大寫形式展示。所有服務(wù)必須（MUST）接受六詞格式而忽略大小寫和用作分隔的空格。下面兩行表示同一個一次口令。第一行作為從產(chǎn)生器輸出和服務(wù)的輸入是有效的，第二行僅作為手工輸入到服務(wù)是有效的。

OUSTCOATFOALMUGBEAKTOTE
oustcoatfoalmugbeaktote

互操作要求所有的OTP服務(wù)和產(chǎn)生器使用相同的字典。標(biāo)準(zhǔn)字典起初在其描述在RFC1760[5]中的"S/KEYOneTimePasswordSystem"明確指定。

為了便于小的產(chǎn)生器的實現(xiàn)（implementation），對于一次口令的表示十六進制輸出是一個可選擇的表示。所有服務(wù)軟件的實現(xiàn)必須（MUST）接受同六詞格式一樣的大小寫不敏感的十六進制（數(shù)字）。十六進制數(shù)字可以由空格分隔,所以服務(wù)要求（REQUIRED）忽略所有的空格。假如表示是通過空格分開的，首位的零必須保留。十六進制格式的例子如下：

Representation（表示）Value（值）

3503785b369cda8b0x3503785b369cda8b
e5cca1b87c13096b0xe5cca1b87c13096b
C74890F4277BA1CF0xc74890f4277ba1cf
479A68284C9D01BC0x479a68284c9d01bc

除了接受六詞和十六進制的64bit一次口令編碼之外，服務(wù)應(yīng)該（SHOULD）接受在附錄B中描述的可替換的字典編碼。在這個編碼中的六個詞一定（MUST）不能與在標(biāo)準(zhǔn)字典詞的集合中重疊（overlap）。為了避免十六進制表示的含糊不清（ambiguity），在可替換字典中的詞必須（MUST）不能僅由字母A-F構(gòu)成。這樣編碼的解碼詞不需要任何可替換字典使用的知識，所以任何可選字典的可接受暗含著所有字典的可接受。在可替換字典中的詞是大小寫敏感的。產(chǎn)生器和服務(wù)必須（MUST）在處理這些詞的過程中保護大小寫。

總的來說，所有兼容的服務(wù)必須（MUST）接受使用標(biāo)準(zhǔn)字典（RFC1760和附錄D）的六詞輸入，必須（MUST）接受十六進制編碼，和應(yīng)該（SHOULD）接受使用可替代字典技術(shù)（AlternativeDictionarytechnique）（附錄B）的六詞輸入。一次口令的十六進制編碼看上去像一個有效的六詞標(biāo)準(zhǔn)字典編碼是有很小的可能性的，所有工具（implementations）必須（MUST）使用下列模式（scheme），假如一個六詞編碼的一次口令是有效的，它被接受。否則假如一次口令可以作為十六進制被解釋，和編碼是有效的，那么它被接受。

7.0一次口令的驗證
正如上文描述的一個期望OTP驗證需求的服務(wù)系統(tǒng)的應(yīng)用發(fā)送一個OTP挑戰(zhàn)。從這個挑戰(zhàn)和安全通行短語給定參數(shù)，發(fā)起者能計算（或者查找）通過服務(wù)被驗證的一次口令。

服務(wù)系統(tǒng)有一個數(shù)據(jù)庫，包含每一個用戶，從最后成功驗證的一次口令或者新近初始化的第一個OTP序列。為了驗證用戶，服務(wù)解碼從發(fā)起者接受到的一次口令為64-bit密鑰并且然后這個密鑰通過安全哈希函數(shù)一次。假如這個操作的結(jié)果匹配存儲的先前OTP，驗證是成功的和接受的一次口令被存儲為將來使用。

8.0一次口令更改
由于哈希函數(shù)應(yīng)用的數(shù)目通過產(chǎn)生器每次減少1執(zhí)行，在一些點上用戶必須重新初始化系統(tǒng)，否則不能夠進行驗證。

盡管一些計算站（installations）可能不答應(yīng)用戶初始化遠(yuǎn)端，應(yīng)用工具必須（MUST）提供一種方法去做，而不泄露用戶的安全通行短語。一種方法是通過明確指定第一個一次口令的方式提供一個重新初始化的序列。

當(dāng)一次口令序列被重新初始化的時候，工具必須（MUST）驗證種子或者通行短語被更換。計算站應(yīng)該（SHOULD）不鼓勵任何以明文的方式在網(wǎng)絡(luò)上發(fā)送安全通行短語的操作，因為這樣的行為失去了一次口令的概念。

工具可以（MAY）為[重新]初始化使用下列的技術(shù)：

o用戶選擇一個新的種子和哈希計數(shù)（count）(默認(rèn)的值可以被提供)。用戶提供這些，然后相應(yīng)產(chǎn)生一次口令，對于主機系統(tǒng)。

o用戶也可以（MAY）作為錯誤檢查對count-1次產(chǎn)生相應(yīng)的一次口令。

o用戶應(yīng)該（SHOULD）針對原有的種子和原有的哈希計數(shù)產(chǎn)生一次口令為了保護空閑終端（idleterminal）或者工作站（這個暗含著當(dāng)計數(shù)是1的時候，用戶能夠登陸但是不能修改種子或者計數(shù)）。

將來明確指定的協(xié)議可以被定義，對于所有的主機和產(chǎn)生器將能夠答應(yīng)平滑的和也許自動的互操作的重新初始化。

9.0避免競爭攻擊
所有一致服務(wù)工具必須（MUST）在避免本部分中描述的競爭狀況的危害。抵御這個攻擊的防護是概括的；工具可以（MAY）使用這個方法（approach）或者可以（MAY）選擇一個可選擇的防御。

對于一個攻擊者去監(jiān)聽大多數(shù)的一次口令，猜測剩余的，然后迅速傳遞合法用戶完成授權(quán)是可能的。多數(shù)針對六詞格式的最后一個詞進行猜測更可能成功。

一個可能的防御是防止用戶同時開始多個認(rèn)證會話。這個意味著一次合法用戶已經(jīng)初始化的認(rèn)證，攻擊者將被阻塞直到第一次認(rèn)證處理完成。在這個方法（approach）中，為防止拒絕服務(wù)攻擊（denialofserviceattack）超時時間是必須的。

10.0安全考慮
這篇文檔討論針對簡單口令系統(tǒng)[4]的通過限定已經(jīng)使用的監(jiān)聽/重放攻擊的危險改善安全的認(rèn)證系統(tǒng)。

OTP系統(tǒng)的使用僅提供避免被動監(jiān)聽/重放攻擊危害的保護。它沒有提供對于傳輸數(shù)據(jù)的保密，以及它沒有提供避免例如在當(dāng)前Internet[9]上已知存在的會話攔劫（sessionhijacking）的主動攻擊的危害保護。ipSecurity(IPsec)的使用，參見[10],[11],和[12]針對TCP會話攔劫的保護被推薦。

OTP系統(tǒng)對主機系統(tǒng)的成功保護依靠于使用的安全哈希函數(shù)不可逆性（non-invertability）。據(jù)我們所知，沒有哈希算法已經(jīng)被攻破，但是通常認(rèn)為MD4沒有MD5安全強度高。假如服務(wù)支持多種哈希算法，它（系統(tǒng)的安全）僅同最弱算法的安全強度。

11.0確認(rèn)
在OTP的認(rèn)證觀念（idea）由LeslieLamport[1]第一次提出建議。Bellcore（貝爾通訊研究所）的S/KEY系統(tǒng)，其是OTP的起源，由PhilKarn提出建議，其也發(fā)表了大部分的Bellcore參考實現(xiàn)（implementation）。

12.0參考文獻
[1]LeslieLamport,"PasswordAuthenticationwithInsecure
Communication",CommunicationsoftheACM24.11(November
1981),770-772

[2]Rivest,R.,"TheMD4Message-DigestAlgorithm",RFC1320,
April1992.

[3]NeilHaller,"TheS/KEYOne-TimePasswordSystem",Proceedings
oftheISOCSymposiumonNetworkandDistributedSystem
Security,February1994,SanDiego,CA

[4]Haller,N.,andR.Atkinson,"OnInternetAuthentication",
RFC1704,October1994.

[5]Haller,N.,"TheS/KEYOne-TimePasswordSystem",
RFC1760,February1995.

[6]Rivest,R.,"TheMD5Message-DigestAlgorithm",RFC1321,
April1992.

[7]NationalInstituteofStandardsandTechnology(NIST),
"AnnouncingtheSecureHashStandard",FIPS180-1,U.S.
DepartmentofCommerce,April1995.

[8]InternationalStandard-InformationProcessing--ISO7-bit
codedcharactersetforinformationinterchange(InvariantCode
Set),ISO-646,InternationalStandardsOrganization,Geneva,
Switzerland,1983

[9]ComputerEmergencyResponseTeam(CERT),"IPSpoofingand
HijackedTerminalConnections",CA-95:01,January1995.
AvailableviaanonymousFTPfrominfo.cert.orgin
/pub/cert_advisories.

[10]Atkinson,R.,"SecurityArchitecturefortheInternetProtocol",
RFC1825,August1995.

[11]Atkinson,R.,"IPAuthenticationHeader",RFC1826,August
1995.

[12]Atkinson,R.,"IPEncapsulatingSecurityPayload(ESP)",RFC
1827,August1995.

13.0作者的地址
NeilHaller
Bellcore
MCC1C-265B
445SouthStreet
Morristown,NJ,07960-6438,USA

Phone:+1201829-4478
Fax:+1201829-2504
EMail:nmh@bellcore.com


CraigMetz
KamanSciencesCorporation
ForNRLCode5544
4555OverlookAvenue,S.W.
Washington,DC,20375-5337,USA

Phone:+1202404-7122
Fax:+1202404-7942
EMail:cmetz@cs.nrl.navy.mil


PhilipJ.NesserII
Nesser&NesserConsulting
13501100thAveNE
Suite5202
Kirkland,WA98034,USA

Phone:+12064814303
EMail:pjnesser@martigny.ai.mit.edu


MikeStraw
Bellcore
RRC1A-225
445HoesLane
Piscataway,NJ08854-4182

Phone:+1908699-5212
EMail:mess@bellcore.com

附錄A-安全哈希算法界面
原始互操作測試提供了有效的察看當(dāng)轉(zhuǎn)換協(xié)議規(guī)范到運行編碼時的細(xì)微的問題。非凡是，數(shù)據(jù)比特順序的操作依靠于硬件結(jié)構(gòu)，計算機存儲多字節(jié)數(shù)據(jù)的具體方式。這種方法典型的稱為大或者小頭（"endian"）。大頭機器存儲數(shù)據(jù)最高有效位在前，而小頭機器存儲數(shù)據(jù)最低有效位在前。這樣，在大頭機器上數(shù)據(jù)存儲從左到右，而小頭機器存儲數(shù)據(jù)從右到左。

例如，四字節(jié)值0x11AABBCC存儲在大頭機器是按照下列四字節(jié)序列"0x11","0xAA","0xBB",和"0xCC"，而在小頭機器上存儲序列將是"0xCC","0xBB","0xAA",和"0x11"。

由于歷史的原因，和為了促進已存在設(shè)備的互操作性，決定所有哈希合并到OTP協(xié)議必須（MUST）存儲哈希函數(shù)的輸出以小頭格式，這在輸出比特流折疊為64比特（bits）之前發(fā)生。這個在MD4和MD5執(zhí)行中被做（參見參考[2]和[6]），然而對于SHA1（參見參考[7]）的執(zhí)行必須明確被做。

任何未來應(yīng)用到OTP協(xié)議的哈希函數(shù)應(yīng)該（SHOULD）提供答應(yīng)獨立應(yīng)用操作成功的相似的代碼參考片斷。

MD4消息文摘(參見參考[2])

MD4_CTXmd;
unsignedcharresult[16];

strcpy(buf,seed);/*seedmustbeinlowercase*/
strcat(buf,passwd);
MD4Init(&md);
MD4Update(&md,(unsignedchar*)buf,strlen(buf));
MD4Final(result,&md);

/*Foldthe128bitresultto64bits*/
for(i=0;i<8;i++)
result[i]^=result[i+8];

MD5消息文摘(參見參考[6])

MD5_CTXmd;
unsignedcharresult[16];
strcpy(buf,seed);/*seedmustbeinlowercase*/
strcat(buf,passwd);
MD5Init(&md);
MD5Update(&md,(unsignedchar*)buf,strlen(buf));
MD5Final(result,&md);

/*Foldthe128bitresultto64bits*/
for(i=0;i<8;i++)
result[i]^=result[i+8];


SHA安全哈希算法(參見參考[7])

SHA_INFOsha;
unsignedcharresult[16];
strcpy(buf,seed);/*seedmustbeinlowercase*/
strcat(buf,passwd);
sha_init(&sha);
sha_update(&sha,(unsignedchar*)buf,strlen(buf));
sha_final(&sha);/*NOTE:noresultbuffer*/

/*Foldthe160bitresultto64bits*/
sha.digest[0]^=sha.digest[2];
sha.digest[1]^=sha.digest[3];
sha.digest[0]^=sha.digest[4];

/*
*copytheresulting64bitstotheresultbufferinlittleendian
*fashion(analogoustothewayMD4Final()andMD5Final()do).
*/
for(i=0,j=0;j<8;i++,j+=4)
{
result[j]=(unsignedchar)(sha.digest[i]&0xff);
result[j+1]=(unsignedchar)((sha.digest[i]>>8)&0xff);
result[j+2]=(unsignedchar)((sha.digest[i]>>16)&0xff);
result[j+3]=(unsignedchar)((sha.digest[i]>>24)&0xff);
}

附錄B-可替換字典算法
OTP一次口令可替換字典編碼的目的是答應(yīng)特指語言或者友好詞句的使用。大小寫轉(zhuǎn)換總沒有很好的定義，所以可替換字典編碼是大小寫敏感的。服務(wù)應(yīng)該（SHOULD）接受除了標(biāo)準(zhǔn)六詞和十六進制編碼以外的這種編碼。

使用可替換字典的編碼生成程序

標(biāo)準(zhǔn)六詞編碼使用在字典中詞的布局表示11-bit數(shù)字的編碼。那么64-bit一次口令能夠通過六個詞表示。

一個2048詞的可替換字典可以這樣創(chuàng)造，每個詞W和詞在字典中的位置順序N的關(guān)系如下：
alg(W)%2048==N
其中
alg是使用的哈希算法(例如MD4,MD5,SHA1)。

此外，在標(biāo)準(zhǔn)字典中沒有詞可以被選擇。

產(chǎn)生器通過計算標(biāo)準(zhǔn)六詞編碼的奇偶校驗擴展64-bit一次口令到66bits。六個11-bit數(shù)字然后通過使用例如上面關(guān)系創(chuàng)造的字典轉(zhuǎn)換為詞。

可替換字典一次口令的服務(wù)解碼

使用上面的編碼服務(wù)接受可替換字典編碼轉(zhuǎn)換每一個詞到11-bit數(shù)字。這些數(shù)字然后使用同樣的方式解碼標(biāo)準(zhǔn)字典詞來形成66-bit一次口令。

服務(wù)不需要已經(jīng)存取了其要被驗證的一次口令創(chuàng)建使用的可替換字典。這是因為從詞到11-bit數(shù)字的解碼不必使用任何字典。作為字典獨立的結(jié)果，服務(wù)可以接受一個可替換字典，就可以接受所有的可替換字典。

附錄C-OTP認(rèn)證例子
這個附錄提供了三個定義的OTP密碼哈希算法一系列的輸入和正確的輸出——MD4、MD5和SHA1。這篇文檔目的是當(dāng)創(chuàng)建產(chǎn)生器和服務(wù)時為了開發(fā)者互操作檢查使用。輸出在文檔附錄D中以十六進制計數(shù)法和六詞編碼提供。

普通檢查

注重給定這些檢查的輸出不是為了逐字地去做，但是動作類型的描述應(yīng)該給出。

PassPhraseLength（通行短語長度）

Input:（輸入）
PassPhrase:Too_short（通行短語）
Seed:iamvalid（種子）
Count:99（計數(shù)）
Hash:ANY（哈希算法）
Output:（輸出）
ERROR:PassPhrasetooshort（通行短語太短）

Input:
PassPhrase:
1234567890123456789012345678901234567890123456789012345678901234
Seed:iamvalid
Count:99
Hash:ANY
Output:
WARNING:PassPhraselongerthantherecommendedmaximumlengthof63（通行短語的長度大于推薦的最長長度63）

SeedValues（種子值）

Input:
PassPhrase:A_Valid_Pass_Phrase
Seed:Length_Okay
Count:99
Hash:ANY
Output:
ERROR:Seedmustbepurelyalphanumeric（種子必須完全是字母數(shù)字）

Input:
PassPhrase:A_Valid_Pass_Phrase
Seed:LengthOfSeventeen

Count:99
Hash:ANY

Output:
ERROR:Seedmustbebetween1and16charactersinlength（種子必須在1到16個字母長度之間）

Input:
PassPhrase:A_Valid_Pass_Phrase
Seed:ASeed
Count:99
Hash:ANY
Output:
ERROR:Seedmustnotcontainanyspaces（種子必須不能包括任何空格）

ParityCalculations（奇偶校驗計算）

Input:
PassPhrase:A_Valid_Pass_Phrase
Seed:AValidSeed
Count:99
Hash:MD5
Output:
Hex:85c43ee03857765b
SixWord(CORRECT):FOWLKIDMASHDEADDUALOAF
SixWord(INCORRECTPARITY):FOWLKIDMASHDEADDUALNUT
SixWord(INCORRECTPARITY):FOWLKIDMASHDEADDUALO
SixWord(INCORRECTPARITY):FOWLKIDMASHDEADDUALOAK

MD4ENCODINGS（MD4編碼）

PassPhraseSeedCntHexSixWordFormat
========================================================================
Thisisatest.TeSt0D1854218EBBB0B51
ROMEMUGFREDSCANLIVELACE
Thisisatest.TeSt163473EF01CD0B444
CARDSADMINIRYECOLKIN
Thisisatest.TeSt99C5E612776E6C237A
NOTEOUTIBISSINKNAVEMODE
AbCdEfGhIjKalpha1050076F47EB1ADE4E
AWAYSENROOKSALTLICEMAP
AbCdEfGhIjKalpha1165D20D1949B5F7AB
CHEWGRIMWUHANGBUCKSAID
AbCdEfGhIjKalpha199D150C82CCE6F62D1
ROILFREECOGHUNKWAITCOCA
OTP'saregoodcorrect0849C79D4F6F55388
FOOLSTEMDONETOOLBECKNILE
OTP'saregoodcorrect18C0992FB250847B1
GISTAMOSMOOTAIDSFOODSEEM
OTP'saregoodcorrect993F3BF4B4145FD74B
TAGSLOWNOVMINWOOLKENO
MD5ENCODINGS（MD5編碼）

PassPhraseSeedCntHexSixWordFormat
========================================================================
Thisisatest.TeSt09E876134D90499DD
INCHSEAANNELONGAHEMTOUR
Thisisatest.TeSt17965E05436F5029F
EASEOILFUMCUREAWRYAVIS
Thisisatest.TeSt9950FE1962C4965880
BAILTUFTBITSGANGCHEFTHY
AbCdEfGhIjKalpha1087066DD9644BF206
FULLPEWDOWNONCEMORTARC
AbCdEfGhIjKalpha117CD34C1040ADD14B
FACTHOOFATFISTSITEKENT
AbCdEfGhIjKalpha1995AA37A81F212146C
BODEHOPJAKESTOWJUTRAP
OTP'saregoodcorrect0F205753943DE4CF9
ULANNEWARMYFUSESUITEYED
OTP'saregoodcorrect1DDCDAC956F234937
SKIMCULTLOBSLAMPOEHOWL
OTP'saregoodcorrect99B203E28FA525BE47
LONGIVYJULYAJARBONDLEE

SHA1ENCODINGS（SHA1編碼）

PassPhraseSeedCntHexSixWordFormat
========================================================================
Thisisatest.TeSt0BB9E6AE1979D8FF4
MILTVARYMASTOKSEESWENT
Thisisatest.TeSt163D936639734385B
CARTOTTOHIVEODEVATNUT
Thisisatest.TeSt9987FEC7768B73CCF9
GAFFWAITSKIDGIGSKYEYED
AbCdEfGhIjKalpha10AD85F658EBE383C9
LESTORHEELSCOTROBSUIT
AbCdEfGhIjKalpha11D07CE229B5CF119B
RITETAKEGELDCOSTTUNERECK
AbCdEfGhIjKalpha19927BC71035AAF3DC6
MAYSTARTINLYONVEDASTAN
OTP'saregoodcorrect0D51F3E99BF8E6F0B
RUSTWELTKICKFELLTAILFRAU
OTP'saregoodcorrect182AEB52D943774E4
FLITDOSEALSOMEWDRUMDEFY
OTP'saregoodcorrect994F296A74FE1567EC
AURAALOEHURLWINGBERGWAIT

附錄D-六詞和二進制格式之間轉(zhuǎn)換的字典

這個字典來自于原始Bellcore（貝爾通訊研究所）參考發(fā)行的模塊put.c（文件）。

{"A","ABE","ACE","ACT","AD","ADA","ADD",
"AGO","AID","AIM","AIR","ALL","ALP","AM","AMY",
"AN","ANA","AND","ANN","ANT","ANY","APE","APS",
"APT","ARC","ARE","ARK","ARM","ART","AS","ASH",
"ASK","AT","ATE","AUG","AUK","AVE","AWE","AWK",
"AWL","AWN","AX","AYE","BAD","BAG","BAH","BAM",
"BAN","BAR","BAT","BAY","BE","BED","BEE","BEG",
"BEN","BET","BEY","BIB","BID","BIG","BIN","BIT",
"BOB","BOG","BON","BOO","BOP","BOW","BOY","BUB",
"BUD","BUG","BUM","BUN","BUS","BUT","BUY","BY",
"BYE","CAB","CAL","CAM","CAN","CAP","CAR","CAT",
"CAW","COD","COG","COL","CON","COO","COP","COT",
"COW","COY","CRY","CUB","CUE","CUP","CUR","CUT",
"DAB","DAD","DAM","DAN","DAR","DAY","DEE","DEL",
"DEN","DES","DEW","DID","DIE","DIG","DIN","DIP",
"DO","DOE","DOG","DON","DOT","DOW","DRY","DUB",
"DUD","DUE","DUG","DUN","EAR","EAT","ED","EEL",
"EGG","EGO","ELI","ELK","ELM","ELY","EM","END",
"EST","ETC","EVA","EVE","EWE","EYE","FAD","FAN",
"FAR","FAT","FAY","FED","FEE","FEW","FIB","FIG",
"FIN","FIR","FIT","FLO","FLY","FOE","FOG","FOR",
"FRY","FUM","FUN","FUR","GAB","GAD","GAG","GAL",
"GAM","GAP","GAS","GAY","GEE","GEL","GEM","GET",
"GIG","GIL","GIN","GO","GOT","GUM","GUN","GUS",
"GUT","GUY","GYM","GYP","HA","HAD","HAL","HAM",
"HAN","HAP","HAS","HAT","HAW","HAY","HE","HEM",
"HEN","HER","HEW","HEY","HI","HID","HIM","HIP",
"HIS","HIT","HO","HOB","HOC","HOE","HOG","HOP",
"HOT","HOW","HUB","HUE","HUG","HUH","HUM","HUT",
"I","ICY","IDA","IF","IKE","ILL","INK","INN",
"IO","ION","IQ","IRA","IRE","IRK","IS","IT",
"ITS","IVY","JAB","JAG","JAM","JAN","JAR","JAW",
"JAY","JET","JIG","JIM","JO","JOB","JOE","JOG",
"JOT","JOY","JUG","JUT","KAY","KEG","KEN","KEY",
"KID","KIM","KIN","KIT","LA","LAB","LAC","LAD",
"LAG","LAM","LAP","LAW","LAY","LEA","LED","LEE",
"LEG","LEN","LEO","LET","LEW","LID","LIE","LIN",
"LIP","LIT","LO","LOB","LOG","LOP","LOS","LOT",
"LOU","LOW","LOY","LUG","LYE","MA","MAC","MAD",
"MAE","MAN","MAO","MAP","MAT","MAW","MAY","ME",
"MEG","MEL","MEN","MET","MEW","MID","MIN","MIT",
"MOB","MOD","MOE","MOO","MOP","MOS","MOT","MOW",
"MUD","MUG","MUM","MY","NAB","NAG","NAN","NAP",

"NAT","NAY","NE","NED","NEE","NET","NEW","NIB",
"NIL","NIP","NIT","NO","NOB","NOD","NON","NOR",
"NOT","NOV","NOW","NU","NUN","NUT","O","OAF",
"OAK","OAR","OAT","ODD","ODE","OF","OFF","OFT",
"OH","OIL","OK","OLD","ON","ONE","OR","ORB",
"ORE","ORR","OS","OTT","OUR","OUT","OVA","OW",
"OWE","OWL","OWN","OX","PA","PAD","PAL","PAM",
"PAN","PAP","PAR","PAT","PAW","PAY","PEA","PEG",
"PEN","PEP","PER","PET","PEW","PHI","PI","PIE",
"PIN","PIT","PLY","PO","POD","POE","POP","POT",
"POW","PRO","PRY","PUB","PUG","PUN","PUP","PUT",
"QUO","RAG","RAM","RAN","RAP","RAT","RAW","RAY",
"REB","RED","REP","RET","RIB","RID","RIG","RIM",
"RIO","RIP","ROB","ROD","ROE","RON","ROT","ROW",
"ROY","RUB","RUE","RUG","RUM","RUN","RYE","SAC",
"SAD","SAG","SAL","SAM","SAN","SAP","SAT","SAW",
"SAY","SEA","SEC","SEE","SEN","SET","SEW","SHE",
"SHY","SIN","SIP","SIR","SIS","SIT","SKI","SKY",
"SLY","SO","SOB","SOD","SON","SOP","SOW","SOY",
"SPA","SPY","SUB","SUD","SUE","SUM","SUN","SUP",
"TAB","TAD","TAG","TAN","TAP","TAR","TEA","TED",
"TEE","TEN","THE","THY","TIC","TIE","TIM","TIN",
"TIP","TO","TOE","TOG","TOM","TON","TOO","TOP",
"TOW","TOY","TRY","TUB","TUG","TUM","TUN","TWO",
"UN","UP","US","USE","VAN","VAT","VET","VIE",
"WAD","WAG","WAR","WAS","WAY","WE","WEB","WED",
"WEE","WET","WHO","WHY","WIN","WIT","WOK","WON",
"WOO","WOW","WRY","WU","YAM","YAP","YAW","YE",
"YEA","YES","YET","YOU","ABED","ABEL","ABET","ABLE",
"ABUT","ACHE","ACID","ACME","ACRE","ACTA","ACTS","ADAM",
"ADDS","ADEN","AFAR","AFRO","AGEE","AHEM","AHOY","AIDA",
"AIDE","AIDS","AIRY","AJAR","AKIN","ALAN","ALEC","ALGA",
"ALIA","ALLY","ALMA","ALOE","ALSO","ALTO","ALUM","ALVA",
"AMEN","AMES","AMID","AMMO","AMOK","AMOS","AMRA","ANDY",
"ANEW","ANNA","ANNE","ANTE","ANTI","AQUA","ARAB","ARCH",
"AREA","ARGO","ARID","ARMY","ARTS","ARTY","ASIA","ASKS",
"ATOM","AUNT","AURA","AUTO","AVER","AVID","AVIS","AVON",
"AVOW","AWAY","AWRY","BABE","BABY","BACH","BACK","BADE",
"BAIL","BAIT","BAKE","BALD","BALE","BALI","BALK","BALL",
"BALM","BAND","BANE","BANG","BANK","BARB","BARD","BARE",
"BARK","BARN","BARR","BASE","BASH","BASK","BASS","BATE",
"BATH","BAWD","BAWL","BEAD","BEAK","BEAM","BEAN","BEAR",
"BEAT","BEAU","BECK","BEEF","BEEN","BEER","BEET","BELA",
"BELL","BELT","BEND","BENT","BERG","BERN","BERT","BESS",
"BEST","BETA","BETH","BHOY","BIAS","BIDE","BIEN","BILE",
"BILK","BILL","BIND","BING","BIRD","BITE","BITS","BLAB",
"BLAT","BLED","BLEW","BLOB","BLOC","BLOT","BLOW","BLUE",
"BLUM","BLUR","BOAR","BOAT","BOCA","BOCK","BODE","BODY",

"BOGY","BOHR","BOIL","BOLD","BOLO","BOLT","BOMB","BONA",
"BOND","BONE","BONG","BONN","BONY","BOOK","BOOM","BOON",
"BOOT","BORE","BORG","BORN","BOSE","BOSS","BOTH","BOUT",
"BOWL","BOYD","BRAD","BRAE","BRAG","BRAN","BRAY","BRED",
"BREW","BRIG","BRIM","BROW","BUCK","BUDD","BUFF","BULB",
"BULK","BULL","BUNK","BUNT","BUOY","BURG","BURL","BURN",
"BURR","BURT","BURY","BUSH","BUSS","BUST","BUSY","BYTE",
"CADY","CAFE","CAGE","CAIN","CAKE","CALF","CALL","CALM",
"CAME","CANE","CANT","CARD","CARE","CARL","CARR","CART",
"CASE","CASH","CASK","CAST","CAVE","CEIL","CELL","CENT",
"CERN","CHAD","CHAR","CHAT","CHAW","CHEF","CHEN","CHEW",
"CHIC","CHIN","CHOU","CHOW","CHUB","CHUG","CHUM","CITE",
"CITY","CLAD","CLAM","CLAN","CLAW","CLAY","CLOD","CLOG",
"CLOT","CLUB","CLUE","COAL","COAT","COCA","COCK","COCO",
"CODA","CODE","CODY","COED","COIL","COIN","COKE","COLA",
"COLD","COLT","COMA","COMB","COME","COOK","COOL","COON",
"COOT","CORD","CORE","CORK","CORN","COST","COVE","COWL",
"CRAB","CRAG","CRAM","CRAY","CREW","CRIB","CROW","CRUD",
"CUBA","CUBE","CUFF","CULL","CULT","CUNY","CURB","CURD",
"CURE","CURL","CURT","CUTS","DADE","DALE","DAME","DANA",
"DANE","DANG","DANK","DARE","DARK","DARN","DART","DASH",
"DATA","DATE","DAVE","DAVY","DAWN","DAYS","DEAD","DEAF",
"DEAL","DEAN","DEAR","DEBT","DECK","DEED","DEEM","DEER",
"DEFT","DEFY","DELL","DENT","DENY","DESK","DIAL","DICE",
"DIED","DIET","DIME","DINE","DING","DINT","DIRE","DIRT",
"DISC","DISH","DISK","DIVE","DOCK","DOES","DOLE","DOLL",
"DOLT","DOME","DONE","DOOM","DOOR","DORA","DOSE","DOTE",
"DOUG","DOUR","DOVE","DOWN","DRAB","DRAG","DRAM","DRAW",
"DREW","DRUB","DRUG","DRUM","DUAL","DUCK","DUCT","DUEL",
"DUET","DUKE","DULL","DUMB","DUNE","DUNK","DUSK","DUST",
"DUTY","EACH","EARL","EARN","EASE","EAST","EASY","EBEN",
"ECHO","EDDY","EDEN","EDGE","EDGY","EDIT","EDNA","EGAN",
"ELAN","ELBA","ELLA","ELSE","EMIL","EMIT","EMMA","ENDS",
"ERIC","EROS","EVEN","EVER","EVIL","EYED","FACE","FACT",
"FADE","FAIL","FAIN","FAIR","FAKE","FALL","FAME","FANG",
"FARM","FAST","FATE","FAWN","FEAR","FEAT","FEED","FEEL",
"FEET","FELL","FELT","FEND","FERN","FEST","FEUD","FIEF",
"FIGS","FILE","FILL","FILM","FIND","FINE","FINK","FIRE",
"FIRM","FISH","FISK","FIST","FITS","FIVE","FLAG","FLAK",
"FLAM","FLAT","FLAW","FLEA","FLED","FLEW","FLIT","FLOC",
"FLOG","FLOW","FLUB","FLUE","FOAL","FOAM","FOGY","FOIL",
"FOLD","FOLK","FOND","FONT","FOOD","FOOL","FOOT","FORD",
"FORE","FORK","FORM","FORT","FOSS","FOUL","FOUR","FOWL",
"FRAU","FRAY","FRED","FREE","FRET","FREY","FROG","FROM",
"FUEL","FULL","FUME","FUND","FUNK","FURY","FUSE","FUSS",
"GAFF","GAGE","GAIL","GAIN","GAIT","GALA","GALE","GALL",
"GALT","GAME","GANG","GARB","GARY","GASH","GATE","GAUL",
"GAUR","GAVE","GAWK","GEAR","GELD","GENE","GENT","GERM",

"GETS","GIBE","GIFT","GILD","GILL","GILT","GINA","GIRD",
"GIRL","GIST","GIVE","GLAD","GLEE","GLEN","GLIB","GLOB",
"GLOM","GLOW","GLUE","GLUM","GLUT","GOAD","GOAL","GOAT",
"GOER","GOES","GOLD","GOLF","GONE","GONG","GOOD","GOOF",
"GORE","GORY","GOSH","GOUT","GOWN","GRAB","GRAD","GRAY",
"GREG","GREW","GREY","GRID","GRIM","GRIN","GRIT","GROW",
"GRUB","GULF","GULL","GUNK","GURU","GUSH","GUST","GWEN",
"GWYN","HAAG","HAAS","HACK","HAIL","HAIR","HALE","HALF",
"HALL","HALO","HALT","HAND","HANG","HANK","HANS","HARD",
"HARK","HARM","HART","HASH","HAST","HATE","HATH","HAUL",
"HAVE","HAWK","HAYS","HEAD","HEAL","HEAR","HEAT","HEBE",
"HECK","HEED","HEEL","HEFT","HELD","HELL","HELM","HERB",
"HERD","HERE","HERO","HERS","HESS","HEWN","HICK","HIDE",
"HIGH","HIKE","HILL","HILT","HIND","HINT","HIRE","HISS",
"HIVE","HOBO","HOCK","HOFF","HOLD","HOLE","HOLM","HOLT",
"HOME","HONE","HONK","HOOD","HOOF","HOOK","HOOT","HORN",
"HOSE","HOST","HOUR","HOVE","HOWE","HOWL","HOYT","HUCK",
"HUED","HUFF","HUGE","HUGH","HUGO","HULK","HULL","HUNK",
"HUNT","HURD","HURL","HURT","HUSH","HYDE","HYMN","IBIS",
"ICON","IDEA","IDLE","IFFY","INCA","INCH","INTO","IONS",
"IOTA","IOWA","IRIS","IRMA","IRON","ISLE","ITCH","ITEM",
"IVAN","JACK","JADE","JAIL","JAKE","JANE","java","JEAN",
"JEFF","JERK","JESS","JEST","JIBE","JILL","JILT","JIVE",
"JOAN","JOBS","JOCK","JOEL","JOEY","JOHN","JOIN","JOKE",
"JOLT","JOVE","JUDD","JUDE","JUDO","JUDY","JUJU","JUKE",
"JULY","JUNE","JUNK","JUNO","JURY","JUST","JUTE","KAHN",
"KALE","KANE","KANT","KARL","KATE","KEEL","KEEN","KENO",
"KENT","KERN","KERR","KEYS","KICK","KILL","KIND","KING",
"KIRK","KISS","KITE","KLAN","KNEE","KNEW","KNIT","KNOB",
"KNOT","KNOW","KOCH","KONG","KUDO","KURD","KURT","KYLE",
"LACE","LACK","LACY","LADY","LAID","LAIN","LAIR","LAKE",
"LAMB","LAME","LAND","LANE","LANG","LARD","LARK","LASS",
"LAST","LATE","LAUD","LAVA","LAWN","LAWS","LAYS","LEAD",
"LEAF","LEAK","LEAN","LEAR","LEEK","LEER","LEFT","LEND",
"LENS","LENT","LEON","LESK","LESS","LEST","LETS","LIAR",
"LICE","LICK","LIED","LIEN","LIES","LIEU","LIFE","LIFT",
"LIKE","LILA","LILT","LILY","LIMA","LIMB","LIME","LIND",
"LINE","LINK","LINT","LION","LISA","LIST","LIVE","LOAD",
"LOAF","LOAM","LOAN","LOCK","LOFT","LOGE","LOIS","LOLA",
"LONE","LONG","LOOK","LOON","LOOT","LORD","LORE","LOSE",
"LOSS","LOST","LOUD","LOVE","LOWE","LUCK","LUCY","LUGE",
"LUKE","LULU","LUND","LUNG","LURA","LURE","LURK","LUSH",
"LUST","LYLE","LYNN","LYON","LYRA","MACE","MADE","MAGI",
"MAID","MAIL","MAIN","MAKE","MALE","MALI","MALL","MALT",
"MANA","MANN","MANY","MARC","MARE","MARK","MARS","MART",
"MARY","MASH","MASK","MASS","MAST","MATE","MATH","MAUL",
"MAYO","MEAD","MEAL","MEAN","MEAT","MEEK","MEET","MELD",
"MELT","MEMO","MEND","MENU","MERT","MESH","MESS","MICE",

"MIKE","MILD","MILE","MILK","MILL","MILT","MIMI","MIND",
"MINE","MINI","MINK","MINT","MIRE","MISS","MIST","MITE",
"MITT","MOAN","MOAT","MOCK","MODE","MOLD","MOLE","MOLL",
"MOLT","MONA","MONK","MONT","MOOD","MOON","MOOR","MOOT",
"MORE","MORN","MORT","MOSS","MOST","MOTH","MOVE","MUCH",
"MUCK","MUDD","MUFF","MULE","MULL","MURK","MUSH","MUST",
"MUTE","MUTT","MYRA","MYTH","NAGY","NAIL","NAIR","NAME",
"NARY","NASH","NAVE","NAVY","NEAL","NEAR","NEAT","NECK",
"NEED","NEIL","NELL","NEON","Nero","NESS","NEST","NEWS",
"NEWT","NIBS","NICE","NICK","NILE","NINA","NINE","NOAH",
"NODE","NOEL","NOLL","NONE","NOOK","NOON","NORM","NOSE",
"NOTE","NOUN","NOVA","NUDE","NULL","NUMB","OATH","OBEY",
"OBOE","ODIN","OHIO","OILY","OINT","OKAY","OLAF","OLDY",
"OLGA","OLIN","OMAN","OMEN","OMIT","ONCE","ONES","ONLY",
"ONTO","ONUS","ORAL","ORGY","OSLO","OTIS","OTTO","OUCH",
"OUST","OUTS","OVAL","OVEN","OVER","OWLY","OWNS","QUAD",
"QUIT","QUOD","RACE","RACK","RACY","RAFT","RAGE","RAID",
"RAIL","RAIN","RAKE","RANK","RANT","RARE","RASH","RATE",
"RAVE","RAYS","READ","REAL","REAM","REAR","RECK","REED",
"REEF","REEK","REEL","REID","REIN","RENA","REND","RENT",
"REST","RICE","RICH","RICK","RIDE","RIFT","RILL","RIME",
"RING","RINK","RISE","RISK","RITE","ROAD","ROAM","ROAR",
"ROBE","ROCK","RODE","ROIL","ROLL","ROME","ROOD","ROOF",
"ROOK","ROOM","ROOT","ROSA","ROSE","ROSS","ROSY","ROTH",
"ROUT","ROVE","ROWE","ROWS","RUBE","RUBY","RUDE","RUDY",
"RUIN","RULE","RUNG","RUNS","RUNT","RUSE","RUSH","RUSK",
"RUSS","RUST","RUTH","SACK","SAFE","SAGE","SAID","SAIL",
"SALE","SALK","SALT","SAME","SAND","SANE","SANG","SANK",
"SARA","SAUL","SAVE","SAYS","SCAN","SCAR","SCAT","SCOT",
"SEAL","SEAM","SEAR","SEAT","SEED","SEEK","SEEM","SEEN",
"SEES","SELF","SELL","SEND","SENT","SETS","SEWN","SHAG",
"SHAM","SHAW","SHAY","SHED","SHIM","SHIN","SHOD","SHOE",
"SHOT","SHOW","SHUN","SHUT","SICK","SIDE","SIFT","SIGH",
"SIGN","SILK","SILL","SILO","SILT","SINE","SING","SINK",
"SIRE","SITE","SITS","SITU","SKAT","SKEW","SKID","SKIM",
"SKIN","SKIT","SLAB","SLAM","SLAT","SLAY","SLED","SLEW",
"SLID","SLIM","SLIT","SLOB","SLOG","SLOT","SLOW","SLUG",
"SLUM","SLUR","SMOG","SMUG","SNAG","SNOB","SNOW","SNUB",
"SNUG","SOAK","SOAR","SOCK","SODA","SOFA","SOFT","SOIL",
"SOLD","SOME","SONG","SOON","SOOT","SORE","SORT","SOUL",
"SOUR","SOWN","STAB","STAG","STAN","STAR","STAY","STEM",
"STEW","STIR","STOW","STUB","STUN","SUCH","SUDS","SUIT",
"SULK","SUMS","SUNG","SUNK","SURE","SURF","SWAB","SWAG",
"SWAM","SWAN","SWAT","SWAY","SWIM","SWUM","TACK","TACT",
"TAIL","TAKE","TALE","TALK","TALL","TANK","TASK","TATE",
"TAUT","TEAL","TEAM","TEAR","TECH","TEEM","TEEN","TEET",
"TELL","TEND","TENT","TERM","TERN","TESS","TEST","THAN",
"THAT","THEE","THEM","THEN","THEY","THIN","THIS","THUD",

"THUG","TICK","TIDE","TIDY","TIED","TIER","TILE","TILL",
"TILT","TIME","TINA","TINE","TINT","TINY","TIRE","TOAD",
"TOGO","TOIL","TOLD","TOLL","TONE","TONG","TONY","TOOK",
"TOOL","TOOT","TORE","TORN","TOTE","TOUR","TOUT","TOWN",
"TRAG","TRAM","TRAY","TREE","TREK","TRIG","TRIM","TRIO",
"TROD","TROT","TROY","TRUE","TUBA","TUBE","TUCK","TUFT",
"TUNA","TUNE","TUNG","TURF","TURN","TUSK","TWIG","TWIN",
"TWIT","ULAN","UNIT","URGE","USED","USER","USES","UTAH",
"VAIL","VAIN","VALE","VARY","VASE","VAST","VEAL","VEDA",
"VEIL","VEIN","VEND","VENT","VERB","VERY","VETO","VICE",
"VIEW","VINE","VISE","VOID","VOLT","VOTE","WACK","WADE",
"WAGE","WAIL","WAIT","WAKE","WALE","WALK","WALL","WALT",
"WAND","WANE","WANG","WANT","WARD","WARM","WARN","WART",
"WASH","WAST","WATS","WATT","WAVE","WAVY","WAYS","WEAK",
"WEAL","WEAN","WEAR","WEED","WEEK","WEIR","WELD","WELL",
"WELT","WENT","WERE","WERT","WEST","WHAM","WHAT","WHEE",
"WHEN","WHET","WHOA","WHOM","WICK","WIFE","WILD","WILL",
"WIND","WINE","WING","WINK","WINO","WIRE","WISE","WISH",
"WITH","WOLF","WONT","WOOD","WOOL","WORD","WORE","WORK",
"WORM","WORN","WOVE","WRIT","WYNN","YALE","YANG","YANK",
"YARD","YARN","YAWL","YAWN","YEAH","YEAR","YELL","YOGA",
"YOKE"};

完整版權(quán)聲明
版權(quán)（C）因特網(wǎng)協(xié)會（1998）。版權(quán)所有。

這個文檔和它的翻譯可以拷貝和分配給其他人，以及有關(guān)評論或者別樣的解釋或者其應(yīng)用的幫助等派生工作可以被預(yù)備、拷貝、發(fā)表和發(fā)布，其整體或者部分沒有受到任何限制，提供上述版權(quán)通知以及本段落應(yīng)被包含在所有這樣的拷貝和派生工作中。然而，這個文檔本身不可以以任何方式修改，例如移走版權(quán)通知或者Internet協(xié)會或其他Internet組織的參考，除非為了發(fā)展Internet標(biāo)準(zhǔn)（其版權(quán)程序定義在InternetStandards進程如下），或者需要翻譯成除英語以外的其他語言。

上述限制答應(yīng)授權(quán)是持久的并且將不被Internet協(xié)會或者它的繼續(xù)人隱藏或者轉(zhuǎn)讓。

譯者注：對于本文檔的完整版權(quán)聲明原文如下：

FullCopyrightStatement

Copyright(C)TheInternetSociety(1998).AllRightsReserved.

Thisdocumentandtranslationsofitmaybecopiedandfurnishedto
others,andderivativeworksthatcommentonorotherwiseeXPlainit
orassistinitsimplementationmaybeprepared,copied,published
anddistributed,inwholeorinpart,withoutrestrictionofany
kind,providedthattheabovecopyrightnoticeandthisparagraphare
includedonallsuchcopiesandderivativeworks.However,this
documentitselfmaynotbemodifiedinanyway,suchasbyremoving
thecopyrightnoticeorreferencestotheInternetSocietyorother
Internetorganizations,exceptasneededforthepurposeof
developingInternetstandardsinwhichcasetheproceduresfor
copyrightsdefinedintheInternetStandardsprocessmustbe
followed,orasrequiredtotranslateitintolanguagesotherthan
English.

Thelimitedpermissionsgrantedaboveareperpetualandwillnotbe
revokedbytheInternetSocietyoritssuccessorsorassigns.

Thisdocumentandtheinformationcontainedhereinisprovidedonan
"ASIS"basisandTHEINTERNETSOCIETYANDTHEINTERNETENGINEERING
TASKFORCEDISCLAIMSALLWARRANTIES,EXPRESSORIMPLIED,INCLUDING
BUTNOTLIMITEDTOANYWARRANTYTHATTHEUSEOFTHEINFORMATION
HEREINWILLNOTINFRINGEANYRIGHTSORANYIMPLIEDWARRANTIESOF
MERCHANTABILITYORFITNESSFORAPARTICULARPURPOSE.