I’ve been tasked with creating a One Time Password (OTP) system which will eventually be used to create OTP generators on mobile devices.

We’re looking at using HOTP (rfc 4226) using a counter, but maybe with some variations. We are not required to be OATH compliant.

This is my first experience in the security/cryptographic realm, so I’m trying to avoid (and learn about) security pitfalls that ensnare security rookies, as well as gain a better understanding of what I’ll need to do and know to complete this task.

In addition to this general advice, I’ve got a few specific questions about implementing this project:

Is HOTP still considered secure, even if it’s just using SHA-1? One of my coworkers suggested we should be using HMAC-SHA-512. It looks easy enough to switch which underlying algorithm we’re using. Are there any side effects here I should know? Such as increased processing time?

I’ve got concerns about the counter synchronization. What should I be using as a sane look-ahead for possible counter values? What are the best ways to get back in sync if the user has clicked ahead past our look-ahead limit? Would it be easier to display and send the counter along with the corresponding OTP, or does that significantly weaken security?

I also don’t have a good understanding of best practices for securely storing related information, such as the shared secret and counter values.

When you answer, please keep in mind I’m new to this domain, and am still trying to catch up on the jargon and acronyms. Thanks in advance.