S/Key [11,10] is a one-time password system used for authentication. It provides protection against replay attacks where a third party captured a password, e.g., by means of network sniffing, and tries to reuse it in a new authentication session.
S/Key uses a user supplied secret pass-phrase which is processed by a one-way function to generate a sequence of one-time passwords. In OpenBSD the one-way function can be chosen from a variety of computationally non-invertible hash functions like MD5 [34] or SHA1 [28], available in libc. S/Key is still useful when other cryptographic protocols are not available, or their implementations are not fully trusted, e.g., when using a conference terminal room to login to a home machine.