Hacker News new | ask | show | jobs
by gizzlon 4765 days ago
I'll take that as a "yes" ;)

AFAIK, neither signatures or "something you have, know" alone fixes replay attacks. Since this is a well known problem in cryptography, many solutions exists. All of which are probably overkill for this use.
1 comments
shaydoc 4765 days ago
At least with the use of a digital signature and nonce you can guarantee that the request hasn't been tampered with!
link