OTP研究记录

基于事件的 
HOTP (Event Tokens)

和基于时间的 
TOTP (Time Tokens)

以下是 HOTP 加密的一些知识

Let:
K be a secret key
C be a counter
HMAC(K,C)
= SHA1(K ⊕ 0x5c5c… ∥ SHA1(K ⊕ 0x3636… ∥ C)) be an HMAC calculated
with the SHA-1 cryptographic hash algorithm
Truncate be a function that selects 4 bytes from the result of h in
a defined manner

Then HOTP(K,C) is mathematically defined by
HOTP(K,C) = Truncate(HMAC(K,C))
& 0x7FFFFFFF
The mask is to disregard the most
significant bit to provide better interoperability between processors.

For HOTP to be useful for an individual to input to a system, the result must be converted into a HOTP value, a 6–8 digits number that is implementation dependent.
HOTP-Value = HOTP(K,C)
mod 10d, where d is the desired number of digits

HMAC算法
http://biz.chinabyte.com/106/2011106.shtml 

 异或算法：
http://www.cnblogs.com/jiangguanghe/archive/2012/02/20/2360553.html

TOTP的类似，但很不一样。