The message integrity scheme based on HMAC is susceptible to replay attacks when an unsecure key exchange mechanism is used to distribute secret keys.
• If an intruder acquires the Bob’s and Alice’s secret keys during key exchange, then he can send bogus message H(m’+s) to Bob as if it is sent by Alice.
• To remove this susceptibility, public key encryption can be used between two users, Bob and Alice.
• When a hashed message is received by Bob from Alice, Bob first chooses a nonce, encrypts it with Alice’s public key and sends it to Alice.
• Alice decrypts the message using her private key and sends the original nonce to Bob.
• If both are equal, Bob knows that the message is from Alice and accepts the hashed message.
If you found this answer helpful, please upvote and share with other students in your network.