Problem
Bob (B) has a token who got a random challenge from a server and sends following message ( B, a, AES(Nk,). Nk here is Bob's key known to token and server. As server got the message, decrypts it & matches a in the message and authenticate Bob. How the protocol is not preventing replay attacks here what should it do to mitigate such attack in this scenario.