https://openwall.info/wiki/ 2026-04-22T12:42:29+02:00 https://openwall.info/wiki/ https://openwall.info/wiki/lib/tpl/local/images/favicon.ico text/html 2018-02-17T15:15:23+02:00 https://openwall.info/wiki/people/solar/algorithms/challenge-response-authentication?rev=1518876923&do=diff Here are a couple of challenge/response authentication algorithms that I came up with while working on popa3d (a POP3 server). The goal was to address the major drawback of existing simple C/R schemes such as APOP and CRAM-MD5 (where they would require storage of plaintext passwords or of plaintext-equivalents on the server, thereby possibly making the setup less secure than it would be with simple password authentication not involving C/R), yet not go all the way for public-key crypto (stay si…