
Why would the WPS PIN be separated into two halves?

Çağlar Arlı


While preparing for the CompTIA Security+ certification, I learned that a problem with the 8-digit WPS PIN is that checking is split into two sets of 4 digits, and also that the last digit is a check digit, so it's really one 4-digit number and one 3-digit number that have to be guessed separately by an adversary, as described here:

https://www.neowin.net/amp/the-wps-wifi-protected-setup-flaw-explained/

All that has to happen now is the first 4 have to be found first. 4 digits only have a 10,000 possible number combination. Once the first 4 numbers are found, the router proclaims "You've found the first four" giving, in essence, a checkpoint at which to save the progress before finding the last 4. So instead of having to guess an 8 digit combination, all that has to be guessed now is two 4 digit combinations and that takes considerably less time.

What I'm struggling to understand is why someone would design such a thing in the first place.

Obvious oversights and visible vulnerabilities aside, are there any possible advantages in the way the WPS PIN was designed that would be worth considering in the future, and if so, what are the advantages and what would be proper safeguards in order to limit the risk?

(In the case of the WPS PIN, we were told more recent devices now limit to a certain number of guesses before accepting any more attempts.)
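
The numbers behind the question, as an added example that is not part of the original post: it computes the WPS check digit, compares the worst-case guess count when the two halves are confirmed separately against a single all-or-nothing check, and shows how a lockout policy stretches the time needed. The function names and all timing and lockout values are assumptions chosen for illustration.

```python
"""Added example: WPS PIN check digit and the cost of split verification."""


def wps_checksum(first7: int) -> int:
    """Check digit for the 7-digit PIN body (weights 3,1,3,... from the right)."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def is_valid_pin(pin: str) -> bool:
    """True if pin is 8 ASCII digits and the 8th digit matches the checksum."""
    if len(pin) != 8 or not (pin.isascii() and pin.isdigit()):
        return False
    return wps_checksum(int(pin[:7])) == int(pin[7])


def worst_case_guesses(split: bool) -> int:
    """Guesses needed to cover every candidate PIN.

    split=True : halves confirmed separately -> 10^4 + 10^3 (check digit is derived)
    split=False: one pass/fail for the whole PIN -> 10^7 bodies, check digit derived
    """
    return 10**4 + 10**3 if split else 10**7


def worst_case_seconds(guesses, secs_per_attempt, lockout_after=None, lockout_secs=0):
    """Time to try `guesses` PINs; a pause follows each full batch of failures."""
    total = guesses * secs_per_attempt
    if lockout_after:
        total += ((guesses - 1) // lockout_after) * lockout_secs
    return total


if __name__ == "__main__":
    # Constructed assumptions: 2 s per attempt, 60 s lockout after 3 failures.
    for label, split in (("split halves", True), ("single check", False)):
        n = worst_case_guesses(split)
        plain = worst_case_seconds(n, 2) / 3600
        locked = worst_case_seconds(n, 2, lockout_after=3, lockout_secs=60) / 3600
        print(f"{label}: {n:>10,} guesses, {plain:,.1f} h, {locked:,.1f} h with lockout")
```
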