In security protocols, achallenge is some data sent to the client by the server in order to generate a different response each time. Challenge-response protocols are one way to fight againstreplay attacks where an attacker listens to the previous messages and resends them at a later time to get the same credentials as the original message.

TheHTTP authentication protocol is challenge-response based, though the "Basic" protocol isn't using a real challenge (the realm is always the same).

See also

• Challenge-response authentication on Wikipedia.