Hello all,
I have this question, hope to get some guidance...
Fora simple password-based challenge-response protocol between a user A and a server S, where Pa is A's password, n is a random nonce generated by the server, and h is a known cryptographic hash function.
- S -> A: E(Pa,n)
- A -> S: E(Pa,h(n))
How to show that this protocol is vulnerable to an off-line password guessing attack? and how would the attack take place ?. Under which circumstances would the vulnerability not be a problem?
any references and views are appreciated----- thanks again....!merry christmas !!!