I've been reading through RFC4226 as part of some research and I was wondering why the function to truncate the HMAC was so complicated. As far as I understand it, the last 4 bits of the HMAC define an offset from which 4 bytes are taken to be converted into a one time password.
Why can't the truncate function just always take the first 4 bytes of the HMAC? Is there some security implication of always taking the same 4 bytes that I have missed or is it just easier to implement using a dynamic offset?
Any information anyone could provide is greatly appreciated.
Aucun commentaire:
Enregistrer un commentaire