Token authentication for Gmail using a eZ430 Chronos watch

Two-factor authentication lets you combine your chosen password with a one-time password to help keep your services secure. The one-time passwords traditionally come from a dedicated piece of hardware, but there are also solutions for smartphones. [Patrick Schaumont] shows how a TI eZ430 Chronos Watch can be used to generate authentication tokens. After walking through the process he uses it to beef up his Gmail login.

This method of token authentication is often called Time-based One-Time Passwords (TOTP). It’s part of the Open Authentication (OATH) initiative, which seeks to sort out the password-hell that is modern computing. A portable device generates a password by applying an algorithm and a private encryption key to an accurate time-stamp. On the server side of things a public key is used to verify the one-time password entered based on the server’s own time-stamp. In this case the portable device is the Chronos watch and the server is Google’s own TOTP service.
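The TOTP computation and the server-side check, sketched per RFC 6238 as an added example (this is not [Patrick Schaumont]'s watch firmware or Google's code). In RFC 6238 the token and the server hold the same secret and each computes an HMAC-SHA1 over the current 30-second time step; the secret below is the RFC's published test key, and `verify`, `window` and `last_counter` are names chosen for this example.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step, the RFC 6238 default
# Constructed sample: the RFC 6238 test key, Base32-encoded as in a setup QR code.
SECRET = base64.b32decode("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")


def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then truncate."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte selects 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret, unix_time, digits=6):
    """Token side: the counter is the number of whole time steps since the epoch."""
    return hotp(secret, unix_time // STEP, digits)


def verify(secret, submitted, server_time, window=1, last_counter=-1):
    """Server side: accept codes within +/- `window` steps of the server clock.

    Returns the matched counter, or None. The caller stores the returned
    counter and passes it back as `last_counter`, so a code that was already
    accepted (or any older one) is rejected on replay.
    """
    current = server_time // STEP
    matched = None
    for counter in range(current - window, current + window + 1):
        if counter <= last_counter:
            continue  # negative, already used, or older than the last accepted step
        expected = hotp(secret, counter, len(submitted))
        # Constant-time comparison; no early exit, so timing does not reveal
        # which step matched.
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            matched = counter
    return matched


if __name__ == "__main__":
    code = totp(SECRET, 59)            # token clock reads t = 59 s
    print(code, verify(SECRET, code, 84))  # server clock is 25 s ahead
```

A wider `window` tolerates more clock drift on the token at the cost of a longer period in which an intercepted code stays valid.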

You can do this with other simple microcontrollers; we’ve even seen an Arduino implementation. But the wristwatch form factor seen here is by far the most convenient, as long as you always remember to wear the watch.

[Thanks Oxide]

11 thoughts on “Token authentication for Gmail using a eZ430 Chronos watch”

  1. This is pretty sweet. Using a pre-paid phone means setting up token auth on Gmail has the potential to be expensive or a pain. This is a nice solution although from experience with Blizzard games and their digipass being cracked (Google Diablo III account hacking) it is just another speed bump on the way to being owned. Still might dust off the old Chronos and give it a spin.

    1. It’s pretty trivial to implement a TCXO on the MSP430 to compensate for drift. We develop a lot of stuff using the MSP+CC combinations at work and we get accuracy down to a couple of PPM pretty easily. Don’t know if you can do it on the CC430 but we calibrate the offset of the 32 kHz against the RF Xtal. The RF Xtal you can get to within about 1 PPM using the freq offset register and use a TCXO algorithm for it as well if you have the curves.

  2. I did something like this for Windows in C#.Net that can do multiple accounts using the barcodes from Google. I just did it so that I didn’t always need to have my phone, or if I LOST my phone I could still get into my account. It even displays barcodes that can be used to add an account back into a phone without having to re-create the account settings in Google. The accounts stored in the program are encrypted.
