TripAdvisor codes (Japaneseトリップ, Torippu ) is an authentication method that does not require registration. They are usually used in Internet forums on the 2channel - style or in Imageboards in Futaba Channel style.

A trip code is generated from the server a password (Trip Key ) by means of a cryptographic hash function. The password is entered usually along with the user name in a common box. From a command in the usual 2channel format username # trip code then appears in 3GqYIJ3Obs contribution username! . The # is the delimiter between the username and password! between user and trip code. Some boards a ◆ is shown instead of the latter. In order to complicate a fake username and Trip code shown often formatted differently, such as the user name in bold and the code does not trip.

People who read in a board, can the contributions that come from the same user, recognize by comparing the trip codes. Since it is unlikely that two people use the same user the same password, they can be kept apart by means of the trip codes.

One advantage of trip codes is that neither the user name nor the password must be stored in some sort on the server. Since most boards use the same trip code algorithm, users can authenticate across sites.

Example implementation

The code for the generation of trip codes in the classical 2channel style in Perl is the following:

$ salt = substr ($ tripkey 'H. ', 1.2. ); # Tripkey is Shift-JIS encoding $ salt = ~ s / [ ^ \ -z. ] / \ / go. ; # Replace all characters less than ". " and greater than "z" by "." $ salt = ~ tr /:;? < => @ [\ \] ^ _ `/ ABCDEFGabcdef /; # Replace all characters from "; < => @ [\ ] ^ _`? " By their equivalent of " ABCDEFGabcdef " $ trip = crypt ( $ tripkey, $ salt ); # Unix crypt ( 3 ) function $ trip = substr ($ trip, -10 ); $ trip = ' ◆ ' $ trip.; print "$ trip"; Secure Trip codes

TripAdvisor codes are not very secure authentication method because the key space in TripAdvisor codes in 2channel style on account of the use of DES only 254 bits is large. Thus relatively fast pre-image attacks can be driven through rainbow tables, for example, to find a TripAdvisor key, which creates a certain desired trip code. Therefore, some imageboards Secure Trip codes (secure trip codes) together with the normal trip codes. Secure Trip codes are Salted hashes that require a second trip Key as input - often in the form of username # Travel # code secure trip code - and one stored on the server Salt ( random value ) to use. Since this Salt is secret and unique to each site, called attacks more difficult.

A disadvantage of Secure Trip codes is that they are board specically. If two boards not the same Salt, use Trip code algorithm and representation, a person can not prove that she is the same person on two different boards. Since most users assume that only a few make the effort to trip codes from other out, they prefer the conventional trip codes.

  • Authentication technique
  • Internet