Question 6131 – Computer-Networks
November 28, 2023Question 15883 – STQC-NIELIT SC-B 2021
November 28, 2023Artificial-Intelligence
| Question 47 |
In Challenge-Response authentication the claimant
| Proves that she knows the secret without revealing it | |
| Proves that she doesn’t know the secret | |
| Reveals the secret
| |
| Gives a challenge |
Question 47 Explanation:
→ Challenge-Response authentication is a family of protocols in which one party presents a question (“challenge”) and another party must provide a valid answer (“response”) to be authenticated.
→ The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password.
→ A more interesting challenge–response technique works as follows. Say, Bob is controlling access to some resource. Alice comes along seeking entry. Bob issues a challenge, perhaps “52w72y”. Alice must respond with the one string of characters which “fits” the challenge Bob issued. The “fit” is determined by an algorithm “known” to Bob and Alice. (The correct response might be as simple as “63x83z” (each character of response one more than that of challenge), but in the real world, the “rules” would be much more complex.) Bob issues a different challenge each time, and thus knowing a previous correct response (even if it isn’t “hidden” by the means of communication used between Alice and Bob) is of no use.
→ The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password.
→ A more interesting challenge–response technique works as follows. Say, Bob is controlling access to some resource. Alice comes along seeking entry. Bob issues a challenge, perhaps “52w72y”. Alice must respond with the one string of characters which “fits” the challenge Bob issued. The “fit” is determined by an algorithm “known” to Bob and Alice. (The correct response might be as simple as “63x83z” (each character of response one more than that of challenge), but in the real world, the “rules” would be much more complex.) Bob issues a different challenge each time, and thus knowing a previous correct response (even if it isn’t “hidden” by the means of communication used between Alice and Bob) is of no use.
Correct Answer: A
Question 47 Explanation:
→ Challenge-Response authentication is a family of protocols in which one party presents a question (“challenge”) and another party must provide a valid answer (“response”) to be authenticated.
→ The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password.
→ A more interesting challenge–response technique works as follows. Say, Bob is controlling access to some resource. Alice comes along seeking entry. Bob issues a challenge, perhaps “52w72y”. Alice must respond with the one string of characters which “fits” the challenge Bob issued. The “fit” is determined by an algorithm “known” to Bob and Alice. (The correct response might be as simple as “63x83z” (each character of response one more than that of challenge), but in the real world, the “rules” would be much more complex.) Bob issues a different challenge each time, and thus knowing a previous correct response (even if it isn’t “hidden” by the means of communication used between Alice and Bob) is of no use.
→ The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password.
→ A more interesting challenge–response technique works as follows. Say, Bob is controlling access to some resource. Alice comes along seeking entry. Bob issues a challenge, perhaps “52w72y”. Alice must respond with the one string of characters which “fits” the challenge Bob issued. The “fit” is determined by an algorithm “known” to Bob and Alice. (The correct response might be as simple as “63x83z” (each character of response one more than that of challenge), but in the real world, the “rules” would be much more complex.) Bob issues a different challenge each time, and thus knowing a previous correct response (even if it isn’t “hidden” by the means of communication used between Alice and Bob) is of no use.