We have seen that passwords and PINs suffer from interception and replay: an attacker sniffing a password can reuse it arbitrarily to authenticate. This can be improved using OTPs, i.e., passwords that are never reused. But even in this case, if the attacker is in the middle, he can sniff the password in transit and … Continue reading Sym-key authentication