olemus
automaatne autentimisvahend:
- üks suhtluspool saadab teisele pretensiooni, st
andmetega autentimisnõude
- teine pool saadab talle vastuse, mis neist andmetest
tuletatakse kokkulepitud krüptograafilise töötlusega

NIST SP 800-63-2:
an authentication protocol where the Verifier sends the Claimant a challenge (usually a random value or a nonce) that the Claimant combines with a secret (such as by hashing the challenge and a shared secret together, or by applying a private key operation to the challenge) to generate a response that is sent to the Verifier
The Verifier can independently verify the response generated by the Claimant (such as by re-computing the hash of the challenge and the shared secret and comparing to the response, or performing a public key operation on the response) and establish that the Claimant possesses and controls the secret.

ülevaateid
https://www.techopedia.com/definition/26138/challenge-response-authentication

https://en.wikipedia.org/wiki/Challenge%E2%80%93response_authentication

https://docs.sophos.com/esg/sgn/8-1/admin/en-us/esg/SafeGuard-Enterprise/tasks/RecoveryGeneralWorkflow.html

https://www.rs-online.com/designspark/industrial-security-part-6-the-challenge-response-concept

https://tools.ietf.org/html/rfc5802

https://tools.ietf.org/html/rfc7804

vt ka
- pretensioon