What is the replay attack?
The replay attack is an attack in which an attacker repeats or delays a valid transmission and fraudulently re-transmits it. Using this approach, an attacker can fraudulently authenticate himself to a system, though he is not authorized to do so.
How does the replay attack work?
Let’s suppose Alice and Bob are communicating with each other over the network. Bob wants to authenticate himself to Alice. So, Bob will provide his password. The password will be transmitted over the network in an encrypted format.
Suppose Charles is an attacker. He listens to the conversation between Alice and Bob and reads Bob’s encrypted password while it is transmitted to Alice. So, after the session is over between Alice and Bob, Charles opens a connection to Alice. When the system asks for authentication, Charles provides Bob’s encrypted password, which he had read and fraudulently copied.
So, Alice’s system will not understand the deception and authenticate Charles. Charles, at this point, will gain access to Alice’s system and use that connection for malicious purposes like stealing sensitive data or performing even more attacks.
How to prevent replay attacks?
We can take a couple of steps to prevent this type of attack:
- At the time of authentication, Alice can first send a session token, like a random number, to Bob. Bob can now append the hashed token value with his password and send the resultant encrypted hash to Alice. Alice will now decrypt the token, and if there is a match, she will authenticate Bob. If we take this approach, then even if Charles later repeats the encrypted password to Alice, the token value will not match. And authentication will not be possible. This session token value should be a random number rather than some other calculated number. Because that will reduce the possibility of guessing the session token by Charles.
- One Time Password is also another approach to prevent this attack. These one-time passwords expire after a short period of time. So, if Charles repeats the communication after that interval, he cannot authenticate himself.
- Sending a Time Stamp is another way to prevent this attack. Alice can periodically transmit her time. And when Bob wants to communicate with Alice, he needs to append the time in his clock at the time of authentication. In this approach, Alice does not need to generate random numbers.
The above article gave a brief overview of the replay attacks. Interested readers who want to know more about different web application vulnerabilities may want to refer to the book “Web Application Vulnerabilities And Prevention.”
0 Comments