Exercise $3$ A toy one$-$time$-$password $($OTP$)$ generator

Using any of your password hashing program implemented so far, implement a toy OTP scheme as follows: $$ Immediately after user registration

$1$

o TheserverstoresthehashedandsaltedpasswordasHSP$=$Hn$($password$||$salt$)$asusual$,$ where H$(.)$ is a hash function and $||$ indicates byte$/$string concatenation.

$$ For each login

o TheserverupdatestheHSPasfollows:HSP$=$H$($HSP$||$t$),$wheretisthecurrentdateand

time in any format you decide.

o TheservercalculateanOTPasthelast$6$bytesofHSPandsenditshexadecimal

representation to the user via SMS$.$

o TheuserentersthereceivedOTPtologin.

o Theservercheckstheuser$$sinputtodecideacceptorrejecttheuser$.$

In the above scheme, you don$$t need to implement the real SMS feature, but just assume the user get the OTP and write a script to demonstrate that if the right OTP is given the user will be accepted; otherwise $($s$)$he will be rejected.