Challenge-Response protocols Goal: one entity authenticates to other entity proving the knowledge of a secret, 'challenge How to design this using the crypto tool we have earned? Approach: Use time-variant parameters to prevent replay, interleaving attackS, provide uniqueness and timeliness 16 Example: nonce(used only once), timestampsChallenge-Response Protocols • Goal: one entity authenticates to other entity proving the knowledge of a secret, ‘challenge’ • How to design this using the crypto tool we have learned? • Approach: Use time-variant parameters to prevent replay, interleaving attacks, provide uniqueness and timeliness • Example: nonce (used only once), timestamps Topic 3: User Authentication 162/3/2021