If not redirected, please click here https://www.thesecuritybuddy.com/vulnerabilities/what-is-replay-attack/
A Replay Attack is an attack in
which the attacker repeats or delays a valid transmission and
fraudulently re-transmits it. Using this approach, an attacker can
fraudulently authenticate himself to a system though he is not
authorized to do so.
Let's suppose, Alice and Bob are communicating with each
other over the network. Bob wants to authenticate himself to Alice.
So, Bob will provide his password which will then be transmitted over
the network in encrypted fashion, may be as a password hash.
Suppose Charles is an attacker. He
listens to the conversation between Alice and Bob and reads Bob's
password while it was transmitted to Alice. So, after the session is
over between Alice and Bob, Charles opens a connection to Alice. When
the system asks for authentication, Charles provides Bob's password
which he had read and fraudulently copied.
So, Alice's system will not understand
the deception and authenticate Charles. Charles at this point will
gain access to Alice's system and use that connection for malicious
purposes like stealing sensitive data or performing even more
attacks.
Prevention
We can take a couple of steps to
prevent this type of attacks :
- At the time of authentication, Alice can first send a session token like a random number to Bob. Bob can now append the hashed token value with his password and send the resultant encrypted hash to Alice. Alice will now decrypt the token and if there is a match, she will authenticate Bob. If we take this approach, then even if Charles later repeats the encrypted hash to Alice, the token value will not match and authentication will not be possible. This session token value should be a random number rather than a some other calculated number. Because that will reduce the possibility of guessing the session token by Charles.
- One Time Password is also another approach to prevent this attack. This One Time Passwords expire after a short period of time. So, if Charles repeats the communication after that interval, he cannot authenticate himself.
- Sending Time Stamp is another way to prevent this attack. Alice can periodically transmit her time. And when Bob will want to communicate with Alice, he needs to append the time in his clock at the time of authentication. In this approach, Alice does not need to generate random numbers.
So, this was a very short article on
Replay Attack just for your information. Hope you enjoyed it.
okay
ReplyDelete