Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Password-based challenge-response
Special Forums Cybersecurity Password-based challenge-response Post 302101259 by heroine on Friday 29th of December 2006 09:04:00 PM
Old 12-29-2006
Password-based challenge-response
Hello all,

I have this question, hope to get some guidance...

Fora simple password-based challenge-response protocol between a user A
and a server S, where Pa is A's password, n is a random nonce generated
by the server, and h is a known cryptographic hash function.

1. S -> A: E(Pa,n)
2. A -> S: E(Pa,h(n))

How to show that this protocol is vulnerable to an off-line password
guessing attack? and how would the attack take place ?. Under which
circumstances would the vulnerability not be a problem?

thanks for reading...
cheers.
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Email Authentication Gateway Software? (Challenge/Response)

Happy Holiday Season All, I once found a software package on the web that was pretty cool. The package was used in conjunction with sendmail or procmail (I think) and would compare the senders email address to a database on the server. If the senders address was not in the database, it would... (2 Replies)
Discussion started by: Neo
2 Replies

2. UNIX for Advanced & Expert Users

safeword challenge

Hi, there are some servers here at work which issue a Safeword challenge after I login. Can anyone tell me exactly how the challenge/response system works? In particular, how are the valid keys decided? (2 Replies)
Discussion started by: blowtorch
2 Replies

3. Shell Programming and Scripting

regex challenge

Here's a regex substitution operation that has stumped me with sed: How do you convert lines like this: first.key ?{x.y.z} second.key ?{xa.ys.zz.s} third.key ?{xa.k} to: first.key ?{x_y_z} second.key ?{xa_ys_zz_s} third.key ?{xa_k} So i'm basically converting all the... (11 Replies)
Discussion started by: neked
11 Replies

4. Shell Programming and Scripting

Automating a Challenge/Response Method.

Hi guys, I will need some help with a to automate a challenge/response sequence when I try to SCP files from a server to another. The scenario is like this : After selecting in a script the option to send files via scp (case switch): I get this output from linux term: The... (4 Replies)
Discussion started by: REX:)
4 Replies

5. UNIX for Dummies Questions & Answers

Create password based on...

I have to create a bunch of functional (non-user) accounts that are owned by 1 person. And I create several of these functional accounts each day so there are several owners. Is there a way to make a password based off an algorithm that uses the owners identification number, so all accounts I... (2 Replies)
Discussion started by: MaindotC
2 Replies

6. Emergency UNIX and Linux Support

BAD PASSWORD: it is based on a dictionary word

hi all, i am trying to change the password of a user as the same is used in various deployment scripts but when chnaging the passowrd to desired one by root user i am getting as below Changing password for user tcms. New UNIX password: BAD PASSWORD: it is based on a dictionary word... (6 Replies)
Discussion started by: Jcpratap
6 Replies

7. Shell Programming and Scripting

Anyone like a challenge?

I have searched through google, and this forum to try and find the answer, but alas, nothing quite hits the whole answer. I am trying to read the last line (or lines) of some log files. I do this often. The files are named sequentially, using the date as part of the file name, and appending... (18 Replies)
Discussion started by: BatterBits
18 Replies

8. Shell Programming and Scripting

Choosing VPN server based on server response times

Hello all, I am using the VPN provider Private Internet Access. I am using the Raspberry Pi 4 with 4GB of RAM, performance on this upgraded board is great. Anyways I am connecting to its service using systemd's openvpn-client @ US_New_York_City.service I wonder if I can create a... (5 Replies)
Discussion started by: haloslayer255
5 Replies

9. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

LEARN ABOUT MOJAVE

sasl_checkapop

sasl_checkapop(3)						  SASL man pages						 sasl_checkapop(3)

NAME

       sasl_checkapop - Check an APOP challenge/response

SYNOPSIS

       #include <sasl/sasl.h>

       int sasl_checkapop(sasl_conn_t *conn,
			const char *challenge,
			unsigned challen,
			const char *response,
			unsigned resplen);

DESCRIPTION

       sasl_checkapop()  will  check  an  APOP challenge/response.  APOP is an optional POP3 (RFC 1939) authentication command which uses a shared
       secret (password). The password is stored in the SASL secrets database.	For information on the SASL shared secrets database see the System
       Administrators Guide in the doc/ directory of the SASL distribution.

       If called with a NULL challenge, sasl_checkapop() will check to see if the APOP mechanism is enabled.

RETURN VALUE

       sasl_checkapop  returns	an integer which corresponds to one of the following codes. SASL_OK indicates that the authentication is complete.
       All other return codes indicate errors and should either be handled or the authentication session should be quit.  See  sasl_errors(3)  for
       meanings of return codes.

CONFORMING TO

       RFC 4422, RFC 1939

SEE ALSO

       sasl(3), sasl_errors(3)

SASL
								   29 June 2001 						 sasl_checkapop(3)
All times are GMT -4. The time now is 08:22 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy