Determine which of the following protocols are insecure
against replay attack , and explain why:
(a) A → B : username, password
(b) A → B : username, h(timestamp, password)
(c) A → B : username, timestamp, h(password)
(d) A → B : username, h(password), h(timestamp)
The Attempt at a Solution
I know a is insecure, b is secure but I am not certain about c and d.
Off the cuff, in C it seems that h(password) can be replicated as its in the open, as can timestamp, but then if timestamp can be replicated so can h(timestamp). No?
I guess my answer is that a,c and d are all insecure, so if possible can someone provide any input on this?