as it seems, you have to attack one end, if you can issue the same challenge more than once, that would quickly rule out a one use challenge, or some kind of time stamping,
Next up figuring out what its doing, in the past i have tried using olydbg to try and do the same for a devices serial number, but i didnt have a solid enough understanding of assembly to work out where it was starting communications via USB in that case.... kinda hoping stirng up in here might lead to a solution for us both,
Also something in my head is clicking at that data, it doesnt seem like an even number distribution, e.g. not all hex values are being used in equal amounts, it could just be due to the small data set, but its something, maybe a 4 byte address and a 4 byte time stamp sent from the computer,