A method of authentication used by Microsoft Windows 2000 and other operating systems.
When a user contacts a server, the server responds with a challenge, upon which the user then performs a cryptographic operation and returns the result to the server. The server then performs the same operation, and if the two results are the same, the user is considered authentic.
See also clear text authentication.