ου γαρ εστιν κρυπτον ο ου φανερον γενησεται ουδε αποκρυφον ο ου γνωσθησεται και εις φανερον ελθη
Wersja PL ENG Version

Replay attack

During replay attacks the intruder sends to the victim the same message which had already been used in his communication previously. The message is correctly encrypted, so its receiver may treat is as a correct request and take actions desired by the intruder.

The attacker might either have eavesdropped a message between two sides before or he may know the message format from his previous communication with one of the sides. This message may contain a some kind of secret key and be used for providing authentication.

For example, when one makes an order to the bank to transfer money to the specified account, the attacker may eavesdrop the frames. Then he sends the same (correct) messages to the bank once more time, hoped that it will transfer money again to the same account (probably connected with the intruder).

There are some methods to avoid replay attacks. Before communication sides may negotiate and create a random session key, valid only for a specified time and process. Instead of session keys, it is also reasonable to use timestamps in all messages and accept messages that have not been sent too long ago. The other popular technique is to use one-time passwords for each request. This method of prevention is very often used for banking operations.

Cut-and-paste attack

In this variation of replay attack, an attacker mixes parts of different ciphertexts and sends them to a victim. Most likely the newly created message is incorrect but the receiver may react in such a way that the intruder obtains more information about the attacked system.