During an internal penetration test, you capture several client-server challenge-response handshakes and successfully reuse one of them to log in as another employee. Management wants a mitigation that keeps the existing symmetric cipher but eliminates this replay attack vector. Which measure is MOST effective for this goal?
Base64-encode the ciphertext before transmission to the server.
Double the symmetric key length from 128 bits to 256 bits.
Insert a cryptographically secure random nonce in each challenge and reject any response that repeats a previously seen nonce.
Compress the challenge data prior to encryption to obfuscate patterns.
A replay attack succeeds because the protocol accepts previously used ciphertext as valid. Introducing a unique, unpredictable value (a cryptographically secure random nonce, or a timestamp checked against a tight window) into each challenge ensures that every authentication exchange is unique and can be accepted only once. Even if an attacker records the traffic, the reused message will be rejected because the server expects a fresh nonce. Two details make the fix hold in practice: the nonce must be generated by the server, not chosen by the client, and the response must be computed over that nonce with the shared key, so an attacker cannot pair an old response with a new challenge; the server must also remember which nonces it has issued and consumed (or bind each nonce to a session) so a second presentation is refused. Simply lengthening the key, Base64-encoding, or compressing the data does not prevent an attacker from resending a valid prior ciphertext; the underlying vulnerability is the absence of freshness verification, not insufficient key size or data formatting.
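The handshake described above, as an added example that is not part of the original question or its source: a server whose challenge never changes sits beside one that issues a fresh 128-bit nonce per attempt and accepts each nonce exactly once. The shared key, the fixed challenge string and both server classes are constructed for this example; HMAC-SHA256 from the standard library stands in for "encrypt the challenge with the existing symmetric cipher", since the freshness argument is the same for either keyed primitive.

```python
import hashlib
import hmac
import secrets

# Constructed shared secret for this example only; a real deployment
# provisions one key per client and never hard-codes it.
SHARED_KEY = b"example-shared-secret-do-not-reuse"


def compute_response(key: bytes, challenge: bytes) -> bytes:
    """Client side: keyed function over the challenge.

    HMAC-SHA256 stands in for the symmetric cipher the page assumes
    (stand-in chosen for this example, not the page's protocol).
    """
    return hmac.new(key, challenge, hashlib.sha256).digest()


class StaticChallengeServer:
    """Vulnerable: the challenge never changes, so any recorded
    response stays valid forever and can be replayed."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.challenge = b"login-challenge-v1"  # constructed fixed value

    def issue_challenge(self) -> bytes:
        return self.challenge

    def verify(self, challenge: bytes, response: bytes) -> bool:
        if challenge != self.challenge:
            return False
        expected = compute_response(self.key, challenge)
        return hmac.compare_digest(expected, response)


class NonceChallengeServer:
    """Hardened: fresh unpredictable nonce per challenge, single use."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.outstanding = set()  # nonces issued but not yet presented
        self.consumed = set()     # nonces already presented once

    def issue_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)  # 128 bits from the OS CSPRNG
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        # Refuse nonces the server never issued and nonces seen before.
        if nonce in self.consumed or nonce not in self.outstanding:
            return False
        # Burn the nonce before checking the MAC so it is single-use
        # whatever the outcome of this attempt.
        self.outstanding.discard(nonce)
        self.consumed.add(nonce)
        expected = compute_response(self.key, nonce)
        return hmac.compare_digest(expected, response)


def run_replay_scenario(server) -> dict:
    """Genuine login, passive capture of the pair, then a replay of it."""
    challenge = server.issue_challenge()
    response = compute_response(SHARED_KEY, challenge)
    first = server.verify(challenge, response)     # the real employee
    replayed = server.verify(challenge, response)  # attacker resends capture
    return {"first_login": first, "replay_accepted": replayed}


def forged_nonce_rejected() -> bool:
    """An attacker-chosen nonce the server never issued is refused."""
    server = NonceChallengeServer(SHARED_KEY)
    fake_nonce = b"\x00" * 16
    return not server.verify(fake_nonce, compute_response(SHARED_KEY, fake_nonce))


def wrong_response_rejected() -> bool:
    """A valid nonce with a bad response fails and still burns the nonce."""
    server = NonceChallengeServer(SHARED_KEY)
    nonce = server.issue_challenge()
    bad = server.verify(nonce, b"\xff" * 32)
    good_after = server.verify(nonce, compute_response(SHARED_KEY, nonce))
    return (not bad) and (not good_after)


if __name__ == "__main__":
    print("static server:", run_replay_scenario(StaticChallengeServer(SHARED_KEY)))
    print("nonce server :", run_replay_scenario(NonceChallengeServer(SHARED_KEY)))
```

Against the static server the replay is accepted, which is exactly what the penetration tester observed; against the nonce server the first login succeeds and the identical resend is refused. The consumed-nonce set grows without bound here; a production server would expire entries after the challenge timeout or bind the nonce to a short-lived session record. A timestamp-based variant trades the server-side set for clock synchronisation and an acceptance window, and is not shown.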
Certified Ethical Hacker (CEH)
Cryptography