RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4226, "HOTP: An HMAC-Based One-Time Password Algorithm", December 2005

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 6756
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Nicholas Gaya
Date Reported: 2021-11-28

Section 5.3 says:

Let OffsetBits be the low-order 4 bits of String[19]

It should say:

Let OffsetBits be the low-order 4 bits of the last byte of String

Notes:

This change does not affect the computation for 20-byte HMAC-SHA-1 digests. However when using the HMAC-SHA-256 or HMAC-SHA-512 functions as suggested in RFC-6238, the 19th byte and the last byte may differ.

The proposed change matches the reference implementations of both RFC-4226 and RFC-6238 and removes potential ambiguity as to whether implementations should use the 19th byte or the last byte of the digest to determine the offset for dynamic truncation.

Report New Errata



Advanced Search