Describe a method that allows a client to authenticate multiple times to a server with the following requirements: 1. The client and server use constant space for authentication. 2. Every time the client authenticates to the server, a different random value for authen tication is used (for example, if you have n authentication rounds, the client and the server have to use n different random

values—this means that sharing a key initially and using it for every round of authentication is not a valid solution). Can you find any vulnerabilities for this protocol?

What will be an ideal response?

One solution is to have the client and server use public-key cryptography for
authentication and then send the random messages as a way of issuing challenge-responses,
say, by having the client send the server a digitally-signed copy of the random string. The
problem with this approach is that it is subject to replay attacks. Someone listening in to
this communication could replay it to the server and then be authenticated as the original
client.