Replay Attacks - Columbus State University

Replay Attacks

Replay Attack • First, attacker intercepts a message – Not difficult to do

Replay Attack • Later, attacker retransmits (replays) the message to the original destination host – Does not have to be able to read a message to replay it

Replay Attack • Why replay attacks? – To gain access to resources by replaying an authentication message – In a denial-of-service attack, to confuse the destination host

Thwarting Replay Attacks • Put a time stamp in each message to ensure that the message is “fresh” – Do not accept a message that is too old

• Place a sequence number in each message – Do not accept a duplicated message Message Time Stamp

Sequence Number

Thwarting Replay Attacks • In request-response applications, – Sender of request generates a nonce (random number) – Places the nonce in the request – Server places the nonce in the response – Neither party accepts duplicate nonces Request Nonce

Response Nonce

Thwarting Replay Attacks • To prevent changes in the message being replayed – Message integrity is needed – Requires a digital signature or equivalent • See HMAC under IPsec Message Digital Signature Or HMAC