Glossary of Security Terms: Challenge-Response Authentication

August 15th 2020

@mozillaMozilla Contributors

Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.

In security protocols, a challenge is some data sent to the client by the server in order to generate a different response each time. Challenge-response protocols are one way to fight against replay attacks where an attacker listens to the previous messages and resends them at a later time to get the same credentials as the original message.

The HTTP authentication protocol is challenge-response based, though the "Basic" protocol isn't using a real challenge (the realm is always the same).

Learn more

• Challenge-response authentication on Wikipedia.

 View Previous Terms:

• Block cipher mode of operation
• Certificate authority
• Cipher
• Cipher suite
• Ciphertext
• CORS
• CORS-safelisted request header
• CORS-safelisted response header
• Cross-site scripting
• Cryptanalysis
• Cryptographic hash function
• Cryptography
• CSP
• CSRF
• Decryption
• Digital certificate
• DTLS (Datagram Transport Layer Security)
• Encryption
• Forbidden header name
• Forbidden response header name
• Hash
• HMAC
• HPKP
• HSTS
• HTTPS
• Key
• MitM
• OWASP
• Preflight request
• Public-key cryptography
• Reporting directive
• Robots.txt
• Same-origin policy
• Session Hijacking
• SQL Injection
• Symmetric-key cryptography
• TOFU
• Transport Layer Security (TLS)

Credits

• Source: https://developer.mozilla.org/en-US/docs/Glossary/challenge
• Published under Open CC Attribution ShareAlike 3.0 license

Related

Never get a boring domain. Get .Tech!

Visit Radix https://bit.ly/3cg9cv7

promoted

JavaScript Concurrency Models: The Event Loop

1 reaction

#javascript

@mozillaMozilla Contributors

5min

01/14/21

How to Best Optimize Your Videos for the Web - A Quick Guide

1 reaction

#video-editing

@gilad-david-maayanGilad David Maayan

01/21/21