Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

Protocols insecure against Replay Attack

  1. Nov 21, 2011 #1
    1. The problem statement, all variables and given/known data

    Determine which of the following protocols are insecure
    against replay attack , and explain why:

    (a) A → B : username, password

    (b) A → B : username, h(timestamp, password)

    (c) A → B : username, timestamp, h(password)

    (d) A → B : username, h(password), h(timestamp)

    3. The attempt at a solution

    I know a is insecure, b is secure but I am not certain about c and d.

    Off the cuff, in C it seems that h(password) can be replicated as its in the open, as can timestamp, but then if timestamp can be replicated so can h(timestamp). No?

    I guess my answer is that a,c and d are all insecure, so if possible can someone provide any input on this?
  2. jcsd
Share this great discussion with others via Reddit, Google+, Twitter, or Facebook

Can you offer guidance or do you also need help?