paint-brush
Glossary of Security Terms: Challenge-Response Authenticationby@mozilla
171 reads

Glossary of Security Terms: Challenge-Response Authentication

by Mozilla ContributorsAugust 15th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape. Challenge-response protocols are one way to fight against replay attacks where an attacker listens to the previous messages and resends them at a later time to get the same credentials as the original message. The "Basic" protocol isn't using a real challenge (the realm is always the same).Learn more about challenge-response authentication on Wikipedia page: http://developer.mozilla.org/en-US/docs/Glossary/challenge-response-authentication.

Company Mentioned

Mention Thumbnail
featured image - Glossary of Security Terms: Challenge-Response Authentication
Mozilla Contributors HackerNoon profile picture

In security protocols, a challenge is some data sent to the client by the server in order to generate a different response each time. Challenge-response protocols are one way to fight against replay attacks where an attacker listens to the previous messages and resends them at a later time to get the same credentials as the original message.

The HTTP authentication protocol is challenge-response based, though the "Basic" protocol isn't using a real challenge (the realm is always the same).

Learn more

 View Previous Terms:

Credits