Which authentication method uses a nonce sent by the server to generate a one-time password?


The correct choice is the one that refers to the challenge/response authentication method. In this method the server generates a nonce (a unique number used only once) and sends it to the client as a challenge. The client combines the nonce with its secret (a password or a cryptographic key) to compute a response, which typically takes the form of a one-time password (OTP). The client returns this response to the server, which recomputes the expected value and validates it.

This protects the authentication exchange: even if an attacker intercepts both the nonce and the response, the secret used to generate the response is never transmitted, and a captured response cannot be replayed because the server will not issue the same nonce again. Every authentication attempt produces a different response because the nonce changes, which strengthens the authentication process.

The other methods offered in the choices, while relevant in their own contexts, do not use a server-supplied nonce to generate a one-time password. Synchronous and asynchronous methods rely on different principles and mechanics (such as time- or counter-based token generation) that do not involve this nonce-based challenge-response dynamic. Physical typically refers to tangible authentication elements (such as biometric data or access cards) and does not involve generating an OTP from a nonce.
