security

Public-key-based Authentication

June 1, 2010

Simple PKC-based challenge/response protocol

Server sends challenge

Client signs challenge and returns it

Server verifies clients signature on the challenge

Vulnerable to chosen-protocol attacks

Server can have client sign anything

Algorithm-specific attacks (eg RSA signature/encryption duality)

https://www.bestitdocuments.com/Samples