Talk:HMAC-based one-time password

Untitled
Still missing citations/references for HOTP's world leading position. However, after compromise of RSA_SecurID, there's no much competition left. The recent Gartner's study on OTP (currently the firs reference) actually mentions just OATH and RSA SecurID, while the latter might be gone soon. Unfortunately I don't feel to be an experienced enough wikipedist to properly reference this from these two sources, so some help on this would definitely be appreciated. 84.244.120.131 (talk) 20:40, 30 March 2011 (UTC)

I don't see words that indicate this line in particular hinted at HOTP's popularity, so I'm going to danger removing this tag here with regards to Duo Security's claims. I'll look into citations when I can. 199.248.199.110 (talk) 16:20, 20 January 2016 (UTC)

Weaknesses and vulnerabilities
Am a right in thinking that HOTP's use of shared secrets should be viewed as a vulnerability, as is the case with TOTP? Whether true or not, a section on Weaknesses and vulnerabilities would be a useful addition I think. Batternut (talk) 11:57, 1 March 2016 (UTC)

External links modified
Hello fellow Wikipedians,

I have just modified 4 external links on HMAC-based One-time Password Algorithm. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
 * Added archive https://web.archive.org/web/20131229080741/http://ds3global.com/index.php/en/news-a-events/news/97-securing-data-delivery-hassle-free- to http://ds3global.com/index.php/en/news-a-events/news/97-securing-data-delivery-hassle-free-/
 * Added archive https://web.archive.org/web/20100518213222/http://www.androidzoom.com/android_applications/tools/strongauth_bmeq.html to http://www.androidzoom.com/android_applications/tools/strongauth_bmeq.html
 * Added archive https://web.archive.org/web/20100917040954/http://actividentity.com/products/authenticationdevices/SoftTokens/ to http://www.actividentity.com/products/authenticationdevices/SoftTokens/
 * Added archive https://web.archive.org/web/20120425125135/http://www.feelgoodsoftware.com/ to http://www.feelgoodsoftware.com/

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

Cheers.— InternetArchiveBot  (Report bug) 08:09, 27 October 2017 (UTC)

Use variable 'm' in HMAC description
In the Definition section, the variable 'C' is used to represent both the HOTP counter parameter, and also the HMAC message parameter. For clarity, I propose that HMAC use the variable 'm' instead. The  HMAC article itself uses 'm.' If there are no objections, I will change it in a day or two.

Christopher Ursich (talk) 18:49, 5 January 2018 (UTC)


 * Yes, that sounds good. Thank you BananaCarrot152 (talk) 20:53, 5 January 2018 (UTC)


 * Done. Christopher Ursich (talk) 15:00, 8 January 2018 (UTC)

Possible lack of info in the article, "counter" entity used but not described, nor listed among HMAC parameters
Hi Wikipedians,

for interests I am regressing among various pages about internet security, authentication, TOTP devices, and come to the HMAC algorhytm (this page).

Seems that, in current article version,   entity is mentioned, but not listed among the HMAC parameters listed above, nor introduced anywhere, just referenced as if taken for granted.

As a pretty novice of this technology, it is not clear to me: from where this counter come off, and what's its definition, usage or characteristics? I suppose it should be roughly similar to the time value in TOTP devices parameters, but I expect his usage to be more clearly introduced and explained in the article, with regards on how this has to be implemented logically on both sides, the "authenticatee" and the "authenticator".

I've got not time at the moment to look at the revision history of the page myself, to see if something has been inadvertently removed in a previous edit, or to resort to the sources, and frankly a such effort would be probably worthless, as I'm not deeply knowingly in the matter of the argument of the article :), so I leave it to the more competent people following the page.

Thanks in advance to any expert user able to explain, or, for any correction or integration to the article, to solve the apparent lack of info.

Sqrt32 (talk) 20:36, 27 April 2020 (UTC) (italian user page: https://it.wikipedia.org/wiki/Utente:Sqrt32)
 * I have updated the article a little. Does it make sense? Thank you for your question, which will make this article better!BananaCarrot152 (talk) 21:43, 27 April 2020 (UTC)

Propose more readable truncation description
I think the following is not very clear (and specific to SHA-1, which works for HOTP but not its TOTP backreference):

> Truncation first takes the 4 least significant bits of the MAC and uses them as an offset, i. > >    truncate(MAC) = extract31(MAC, MAC[(19 × 8) + 4:(19 × 8) + 7] × 8) >    extract31(MAC, i) = MAC[i + 1:i + (4 × 8) − 1]

I would propose rephrasing this to

> Truncation first takes the 4 last positions in the MAC bit vector and uses them as an offset, i. > >    truncate(MAC) = extract31(MAC, MAC[-4:-1]) >    extract31(MAC, i) = MAC[8xi + 1 : 8xi + 31]

or even to

> Truncation first takes the 4 last positions in the MAC bit vector and uses them as an offset, i. > >    truncate(MAC) = extract31(MAC[0:-5], MAC[-4:-1]) >    extract31(MAC, i) = MAC[8xi + 1 : 8xi + 31]

Note on TOTP: It allows other hash algorithms and retrieves the offset with

>         // put selected bytes into result int >         int offset = hash[hash.length - 1] & 0xf; > >         int binary = >             ((hash[offset] & 0x7f) << 24) | >             ((hash[offset + 1] & 0xff) << 16) | >             ((hash[offset + 2] & 0xff) << 8) | >             (hash[offset + 3] & 0xff);

Sorry for incomplete understanding of the layout tools of WikiPedia. Found no code insertion.