Replay attack

A replay attack ( attack by reinjection ) is a cryptanalytic attack on the authenticity of the form data in a communication protocol. Here, the attacker sends previously recorded data to simulate about a foreign identity.

Example

Suppose Alice wants to prove their identity against Bob. Both know Alice's secret password. Alice computes the hash code of their password with a cryptographic hash function and sends it to Bob. Bob compares the hash code with its calculation and accepted. Meanwhile, Mallory eavesdrops the communication and records the hash code sent by Alice on. After the communication is finished, Mallory connects with Bob, poses as Alice and sends the recorded hash code. Mallory can thereby successfully pretend Alice's identity, even though they do not know the password.

The Needham - Schroeder protocol is vulnerable to a replay attack in its original form.

Countermeasures

One way to prevent replay attacks, the use of a nonce Bob sends a unique code ( nonce ) to Alice. This uses Alice to transform her password, and sends the result back to Bob. Bob, in turn, performs the same transformation and compares its result with Alice's result: if they match, Bob accepts the identity of Alice. Now, if Mallory tries to reuse a password sniffed, Bob still sends another nonce; spied hash code is now invalid ( because with another nonce generated). Bob refuses, since its result and delivered ( obsolete ) hash code do not match.

To protect an ongoing data transmission over a plurality of data packets of time, a sequence number may be used, the authenticity of which is in turn secured by a message authentication code. This is provided, for example in both the IPsec Authentication Header and Encapsulating Security Payload at. Depending on the operating mode can also be encrypted with a block cipher data transfer provide protection against replay attacks.

• Cryptanalysis
• Vulnerability