Replay Attacks

Replay Attack
• First, attacker intercepts a message
  – Not difficult to do
• Later, attacker retransmits (replays) the message to the original destination host
  – Does not have to be able to read a message to replay it
• Why replay attacks?
  – To gain access to resources by replaying an authentication message
  – In a denial-of-service attack, to confuse the destination host

Thwarting Replay Attacks
• Put a time stamp in each message to ensure that the message is “fresh”
  – Do not accept a message that is too old
• Place a sequence number in each message
  – Do not accept a duplicated message
[Figure: a message containing a time stamp and a sequence number]
• In request-response applications,
  – Sender of request generates a nonce (random number)
  – Places the nonce in the request
  – Server places the nonce in the response
  – Neither party accepts duplicate nonces
[Figure: a request carrying a nonce and a response carrying a nonce]
• To prevent changes in the message being replayed
  – Message integrity is needed
  – Requires a digital signature or equivalent
    • See HMAC under IPsec
[Figure: a message with a digital signature or HMAC attached]
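
The three defenses above combined in one receiver, as an added example that is not part of the original slides. The JSON message layout, the 30-second freshness window, the shared key and the use of a random nonce (rather than a sequence number) for duplicate detection are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os
import time

MAX_AGE_SECONDS = 30  # assumed freshness window


def make_message(key, payload, now=None):
    """Sender: add a time stamp and a random nonce, then HMAC the whole body."""
    body = json.dumps({
        "payload": payload,
        "ts": time.time() if now is None else now,
        "nonce": os.urandom(16).hex(),
    }, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> time stamp of the message that carried it

    def accept(self, body, tag, now=None):
        now = time.time() if now is None else now
        # 1. Integrity first: nothing in the body is trusted until the HMAC verifies.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "rejected: bad HMAC"
        msg = json.loads(body)
        # 2. Freshness: refuse messages outside the time window.
        if abs(now - msg["ts"]) > MAX_AGE_SECONDS:
            return "rejected: stale"
        # 3. Duplicates: a nonce is only remembered while its message could
        #    still pass the freshness check, so the cache stays bounded.
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= MAX_AGE_SECONDS}
        if msg["nonce"] in self.seen:
            return "rejected: duplicate nonce"
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"


if __name__ == "__main__":
    key = os.urandom(32)              # constructed shared key
    rx = Receiver(key)
    body, tag = make_message(key, "unlock")
    print(rx.accept(body, tag))       # first delivery
    print(rx.accept(body, tag))       # same bytes replayed
```

The time stamp bounds how long nonces must be remembered, and the HMAC keeps an attacker from rewriting the time stamp or nonce of a captured message.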

				
posted:8/21/2012