Replay Attacks
Replay Attack
• First, attacker intercepts a message
– Not difficult to do
Replay Attack
• Later, attacker retransmits (replays) the
message to the original destination host
– Does not have to be able to read a message to
replay it
Replay Attack
• Why replay attacks?
– To gain access to resources by replaying an
authentication message
– In a denial-of-service attack, to confuse the
destination host
Thwarting Replay Attacks
• Put a time stamp in each message to ensure that
the message is “fresh”
– Do not accept a message that is too old
• Place a sequence number in each message
– Do not accept a duplicated message
Message
Time
Stamp
Sequence
Number
Thwarting Replay Attacks
• In request-response applications,
– Sender of request generates a nonce (random
number)
– Places the nonce in the request
– Server places the nonce in the response
– Neither party accepts duplicate nonces
Request
Nonce
Response
Nonce
Thwarting Replay Attacks
• To prevent changes in the message being
replayed
– Message integrity is needed
– Requires a digital signature or equivalent
• See HMAC under IPsec
Message
Digital Signature
Or HMAC