A challenge response scheme can be used to authenticate a client to a
server on a network.
a) What is the main feature of a challenge response scheme compared to just sending
the password?
b) Why should a nonce be used in challenge response authentication?
c) The challenge response protocol in WEP shared key authentication was/is insecure.
Explain the weakness.
a) A challenge-response scheme is basically an authentication protocol that identifies the legitimate user who is requesting access to services or machines, based on the challenge-response scheme.
For example, in a password-based challenge-response scheme, the user generates a challenge at the client side:
CH1 = Hash(challenge)+key1, where challenge is a random number generated by the server and key1 = the user's password.
CH1 ----> Server. Now the server generates CH2 = Hash(same challenge)+key2, where key2 = the copy of the user's password at the server side.
If CH1 = CH2 ------> the client is authenticated; otherwise the user is invalid.
This protocol provides a defense against man-in-the-middle attacks.
b) A nonce is added in a challenge-response authentication system to make every challenge-response pair distinguishable from the others.
c) This protocol uses the shared key to encrypt the challenges. Here the password is used as a key that can be altered; if it is not strong, then it becomes easy for attackers to break the keys.
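
The exchange from parts a) and b), as an added example that is not part of the original answer: the server issues a fresh single-use nonce, the client returns a keyed hash of it, and a captured response is rejected when replayed. It uses HMAC-SHA256 as the keyed hash in place of the answer's Hash(challenge)+key notation; the names Server, respond and demo and the sample password are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class Server:
    """Verifier side: issues single-use nonces and checks keyed-hash responses."""

    def __init__(self, passwords):
        self._passwords = passwords   # user -> shared secret (bytes)
        self._pending = {}            # user -> nonce awaiting a response

    def challenge(self, user):
        nonce = secrets.token_bytes(16)   # fresh and unpredictable per attempt
        self._pending[user] = nonce
        return nonce

    def verify(self, user, response):
        nonce = self._pending.pop(user, None)   # consumed here, so single use
        key = self._passwords.get(user)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)   # constant-time compare


def respond(password, nonce):
    """Client side: prove knowledge of the password without sending it."""
    return hmac.new(password, nonce, hashlib.sha256).digest()


def demo():
    pw = b"constructed-sample-password"   # constructed sample secret
    server = Server({"alice": pw})
    captured = respond(pw, server.challenge("alice"))
    genuine = server.verify("alice", captured)        # first use succeeds
    replay_same = server.verify("alice", captured)    # nonce already consumed
    server.challenge("alice")                         # server issues a new nonce
    replay_new = server.verify("alice", captured)     # old response, new nonce
    wrong_pw = server.verify("alice", respond(b"guess", server.challenge("alice")))
    return genuine, replay_same, replay_new, wrong_pw


if __name__ == "__main__":
    print(demo())
```

Only the nonce and the 32-byte response cross the network, so a captured response is bound to one nonce and is useless against any later challenge.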