Solution to Scenario One-Time Passwords

A possible solution to this scenario is to intercept the current password and interrupt the protocol before server 1 receives it. Proceed as follows:

  1. Create a connection between the attacker’s computer and router 1.

  2. Attack router 1 (it must appear red now).

  3. Disconnect router 1 from router 2.

  4. Start the protocol from the client via the button Authenticate client. As soon as the data packet is transferred from router 1, a copy is forwarded to you, so you obtain the password. Because router 1 and router 2 are disconnected, the protocol cannot complete and has to be stopped. You and the client receive the notice “The protocol was interrupted”.

  5. Now restore the connection between router 1 and router 2. You can then run the protocol from the attacker’s computer via the button Authenticate attacker, using the password that is still current from the server’s point of view.
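
The following is an added example, not part of the original scenario or of the simulation's own code. It models the server-side state that step 5 relies on: a one-time password is only consumed when the server actually verifies it. The page does not say which one-time password scheme the simulation uses, so a hash-chain scheme is assumed here, and all names (`Server`, `Client`, `run_scenario`, the seed) are hypothetical.

```python
import hashlib

SEED, N = b"constructed-demo-seed", 5   # constructed sample values


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def chain(seed: bytes, n: int) -> bytes:
    """Apply h to seed n times."""
    value = seed
    for _ in range(n):
        value = h(value)
    return value


class Server:
    """Stores the last accepted chain value and advances only on success."""

    def __init__(self, anchor: bytes):
        self.last = anchor

    def authenticate(self, otp: bytes) -> bool:
        if h(otp) == self.last:
            self.last = otp          # the password is consumed only here
            return True
        return False


class Client:
    def __init__(self, seed: bytes, n: int):
        self.seed, self.remaining = seed, n

    def next_otp(self) -> bytes:
        self.remaining -= 1
        return chain(self.seed, self.remaining)


def run_scenario(link_up: bool):
    """Return (client_result, copy_result); client_result is None if interrupted."""
    server = Server(chain(SEED, N))
    client = Client(SEED, N)
    otp = client.next_otp()          # packet leaves the client
    copied = otp                     # copy forwarded at router 1 (step 4)
    # With the router 1 / router 2 link down, the server never sees the packet.
    client_ok = server.authenticate(otp) if link_up else None
    copy_ok = server.authenticate(copied)   # copy submitted afterwards (step 5)
    return client_ok, copy_ok
```

With the link intact the client's password is consumed on arrival and the copy is rejected; with the link down the server state never advances, which is why the copy is still accepted.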
