What Does Challenge-Response Authentication Mean?
Challenge-response authentication is a family of protocols in which one entity sends a challenge to another entity. The second entity must respond with the appropriate answer to be authenticated.
A simple example of this is password authentication. The server's challenge is a request for the password, and the client's response is the password itself, which authenticates the client's identity so that the client can be served.
Techopedia Explains Challenge-Response Authentication
Most smart card systems use challenge-response authentication. These systems require at least two things for authentication and entry: the smart card and the user’s password.
Another challenge-response authentication example is the use of CAPTCHA, a form of reverse Turing test that lets the system determine whether the client is a human or not. This is used to prevent spam and the automated registration of new accounts for a website or email service.
Biometric systems are another form of challenge-response authentication.
In cryptography, zero-knowledge password proof and key agreement systems such as Secure Remote Password (SRP), CRAM-MD5 and Secure Shell's (SSH) challenge-response system based on RSA are considered to be very sophisticated challenge-response algorithms.
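The sketch below is an added example, not code from the original page: a CRAM-MD5-style exchange in which the server sends a fresh random challenge and the client answers with an HMAC-MD5 of that challenge keyed by the shared secret, so the password never crosses the wire and a captured response cannot be replayed. The names Server, client_response and USERS, the user "alice" and the host mail.example.test are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample credential store; a real server would not keep this in code.
USERS = {"alice": b"correct horse battery staple"}

class Server:
    def __init__(self, host="mail.example.test"):
        self.host = host
        self.pending = set()  # challenges issued and not yet answered

    def issue_challenge(self):
        # Fresh, unpredictable challenge in the msg-id shape CRAM-MD5 uses.
        challenge = f"<{secrets.token_hex(16)}@{self.host}>"
        self.pending.add(challenge)
        return challenge

    def verify(self, challenge, response):
        # One-time use: the challenge is consumed whether or not the answer is right.
        if challenge not in self.pending:
            return False
        self.pending.remove(challenge)
        user, _, digest = response.partition(" ")
        secret = USERS.get(user)
        if secret is None:
            return False
        expected = hmac.new(secret, challenge.encode(), hashlib.md5).hexdigest()
        # Constant-time comparison avoids leaking how many characters matched.
        return hmac.compare_digest(expected.encode(), digest.encode())

def client_response(user, secret, challenge):
    # The client proves knowledge of the secret without transmitting it.
    digest = hmac.new(secret, challenge.encode(), hashlib.md5).hexdigest()
    return f"{user} {digest}"

def demo():
    server = Server()
    c1 = server.issue_challenge()
    good = client_response("alice", USERS["alice"], c1)
    results = {"valid": server.verify(c1, good),
               "replay_same_challenge": server.verify(c1, good)}
    c2 = server.issue_challenge()
    results["old_response_new_challenge"] = server.verify(c2, good)
    c3 = server.issue_challenge()
    results["wrong_secret"] = server.verify(c3, client_response("alice", b"guess", c3))
    return results

if __name__ == "__main__":
    print(demo())
```

Only the first verification succeeds: the replayed response fails because its challenge has been consumed, and it fails against a new challenge because the HMAC covers the challenge text.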