Hi All,
When a symmetric key based challenge response is used, an attacker can
perform a reflection attack by starting a second instance of a
protocol and having the server answer its own questions.
To guard against the attack, is it sufficient to ensure all challenges
sent from server to client
The client and the server shouldn't both generate responses exactly the
same way with the same key, no. If you use HMAC, I think including a simple
identifier would be good enough. Something like this: HMAC(key, device ID
+ counter + timestamp), where the server and client has different IDs.
Den
