nerdexam
EC-Council

312-50V11 · Question #212

Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

The correct answer is C. An authentication system that creates one-time passwords that are encrypted with secret keys.. A counter-based authentication system generates one-time passwords by combining a synchronized counter with a shared secret key, which is the mechanism defined by HOTP (HMAC-based One-Time Password).

Cryptography

Question

Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

Options

  • AA biometric system that bases authentication decisions on behavioral attributes.
  • BA biometric system that bases authentication decisions on physical attributes.
  • CAn authentication system that creates one-time passwords that are encrypted with secret keys.
  • DAn authentication system that uses passphrases that are converted into virtual passwords.

How the community answered

(30 responses)
  • A
    7% (2)
  • B
    3% (1)
  • C
    87% (26)
  • D
    3% (1)

Why each option

A counter-based authentication system generates one-time passwords by combining a synchronized counter with a shared secret key, which is the mechanism defined by HOTP (HMAC-based One-Time Password).

AA biometric system that bases authentication decisions on behavioral attributes.

Behavioral biometrics authenticate users based on how they perform actions (e.g., keystroke dynamics or gait), which has no relation to counter-synchronized cryptographic one-time passwords.

BA biometric system that bases authentication decisions on physical attributes.

Physical biometrics authenticate users based on physiological traits such as fingerprints or iris patterns, which is entirely unrelated to counter-based OTP generation.

CAn authentication system that creates one-time passwords that are encrypted with secret keys.Correct

Counter-based authentication is standardized in RFC 4226 as HOTP. It generates a one-time password by computing an HMAC-SHA1 hash using a shared secret key and an incrementing counter value synchronized between client and server. Each successful authentication increments the counter on both sides, ensuring every OTP is valid only once and cannot be reused.

DAn authentication system that uses passphrases that are converted into virtual passwords.

Passphrase-to-virtual-password conversion describes cognitive or S/KEY-style passphrase schemes, not the counter-driven HMAC cryptographic process used in HOTP.

Concept tested: HOTP counter-based one-time password authentication mechanism

Source: https://www.rfc-editor.org/rfc/rfc4226

Topics

#OTP#counter-based authentication#HOTP#one-time passwords

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice