One mechanism for resisting "replay" attacks in password authentication is to use one-time passwords: A list of passwords is prepared, and once password [N] has been accepted, the server decrements N and prompts for password[N - 1] next time. At N = 0 a new list is needed. Outline a mechanism by which the user and server need only remember one master password mp and have available locally a way to compute password[N] = f(mp, N). Hint: Let g be an appropriate one-way function (e.g., MD5) and let password[N] = g N(mp) = g, applied N times to mp. Explain why knowing password[N] doesn't help reveal password[N - 1].