A challenge-response exchange between parties is used in various authentication protocols. FIG. 1 shows a simple example. Alice sends Bob a challenge 2, such as a message containing a string of characters “MQR” for example. Bob transforms this string using a cryptographic algorithm, T, with a key, k: T(“‘MQR”, k) to produce a response “SAT” for example. Bob sends the response 3 to Alice. Alice executes the same algorithm with her copy of the key, k′: T(“MQR”, k′). If Alice obtains the same result as Bob's response, “SAT”, she knows that Bob has a copy of her key, k′. When a match is found, it can be said that the response fits the challenge. This kind of exchange finds applications in many authentication protocols. For any given challenge there is only one response that fits.
Integrated Circuit Cards (ICC) can use a challenge-response exchange as part of a communication exchange between the card and a server.