15 - What is Time-based One Time Passwords?
TOTP
- Randomness
- RNGs
- PRNGs
- Seeded PRNGs
- Hash Functions
- What are they / Where are they used?
- Important to keep in mind that there are crytpographic and non-cryptographic hash functions
- TOTP combines Seeded PRNGs and Cryptographic Hash Functions to generate predictable, “random” codes using a seed and the current time.
- As long as your device has the correct time, you can generate the correct code
- This seed is present on your device (usually loaded through a QR code) and on the server.
- When you log in, the server knows what the code should be (based on current time), so it can confirm that you have the right code
email the show: hosts (at) shortexplanations (dot) com