FIDO2's HMAC Secret extension generates a symmetric secret that can be used to encrypt and decrypt data. The HMAC secret's output is based on

output1 = HMAC-SHA-256(CredRandom, salt1)

where salt1 comes from the platform and CredRandom is generated and kept secret by the authenticator. After the platform encrypts some data using output1, the next time the platform needs the same key to decrypt that data it needs to send the same salt1, and then presumably the authenticator will send the same response back.

Q: How does the platform prevent a middleman from recording the response from the authenticator and replaying it to the platform to decrypt the data, bypassing the authenticator?
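To make the exchange in the question concrete, here is a small model of it in Python. This is an added example, not code from the post or from any FIDO2/CTAP2 implementation, and it uses only the standard library. The HMAC-SHA-256 derivation is the one the extension specifies. CTAP2 additionally wraps the salt and the output under a shared secret that the platform and authenticator agree on by ECDH (with AES-256-CBC on the wire); in this model that shared secret is simply a random per-session key held by both sides, and the wrap is an HMAC-derived XOR keystream. Both of those are assumptions of the model, chosen to avoid a third-party AES/ECDH dependency, not the real wire format.

```python
"""Model of the FIDO2/CTAP2 hmac-secret exchange from the post above.

Added example, not code from the post or from any FIDO library. Standard
library only. Assumptions (not the real protocol encoding):
  * the ECDH-derived shared secret is modelled as a random per-session key
    that both sides hold (new_session),
  * AES-256-CBC wrapping is modelled as an HMAC-SHA-256 XOR keystream (_wrap).
"""
import hashlib
import hmac
import os


def _wrap(session_key: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA-256 keystream (stand-in for AES-256-CBC).
    XOR is its own inverse, so the same call also unwraps."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(session_key, block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Authenticator:
    """Keeps CredRandom secret; only ever exports HMAC outputs."""

    def __init__(self) -> None:
        self._cred_random = os.urandom(32)

    def hmac_secret(self, salt: bytes) -> bytes:
        """output1 = HMAC-SHA-256(CredRandom, salt1), exactly as in the post."""
        return hmac.new(self._cred_random, salt, hashlib.sha256).digest()

    def hmac_secret_wrapped(self, session_key: bytes, salt_enc: bytes) -> bytes:
        """Session-bound form: unwrap the salt, derive, wrap the output."""
        salt = _wrap(session_key, salt_enc)
        return _wrap(session_key, self.hmac_secret(salt))


def new_session() -> bytes:
    """Stand-in for the ECDH key agreement: a fresh shared secret per session."""
    return os.urandom(32)


def platform_get_key_wrapped(auth: Authenticator, session_key: bytes, salt: bytes) -> bytes:
    """What the platform does under the session-bound exchange."""
    salt_enc = _wrap(session_key, salt)
    response = auth.hmac_secret_wrapped(session_key, salt_enc)
    return _wrap(session_key, response)


def plain_replay_succeeds(auth: Authenticator, salt: bytes) -> bool:
    """Exchange exactly as the post describes it (no wrapping): a middleman who
    recorded the response can hand it back later and the platform obtains the
    key without the authenticator being involved."""
    recorded = auth.hmac_secret(salt)      # observed on the wire earlier
    later_key = recorded                   # replayed to the platform later
    return later_key == auth.hmac_secret(salt)


def wrapped_cross_session_replay_succeeds(auth: Authenticator, salt: bytes) -> bool:
    """Session-bound exchange: a response recorded in session A and replayed in
    session B unwraps under B's key to something other than the real output."""
    session_a = new_session()
    recorded = auth.hmac_secret_wrapped(session_a, _wrap(session_a, salt))
    session_b = new_session()
    replayed_key = _wrap(session_b, recorded)
    return replayed_key == auth.hmac_secret(salt)


def wrapped_exchange_matches(auth: Authenticator, salt: bytes) -> bool:
    """Sanity check: the legitimate session-bound exchange still yields output1."""
    return platform_get_key_wrapped(auth, new_session(), salt) == auth.hmac_secret(salt)


if __name__ == "__main__":
    a = Authenticator()
    s1 = os.urandom(32)                    # constructed salt1 from the platform
    print("same salt, same key:", a.hmac_secret(s1) == a.hmac_secret(s1))
    print("plain replay works:", plain_replay_succeeds(a, s1))
    print("wrapped exchange correct:", wrapped_exchange_matches(a, s1))
    print("cross-session replay works:", wrapped_cross_session_replay_succeeds(a, s1))
```

The model only captures the cross-session property: a response recorded under one session secret is useless under another, which is what a per-session key agreement buys you. A recorded response replayed within the same session would still unwrap to the correct key, so the wrapping binds the answer to the session rather than preventing every replay; the real protocol also authenticates the wrapped salt so an active middleman cannot substitute a salt of their choosing.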