A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution.
Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Darth is eavesdropping on the conversation and keeps the password (or the hash). After the interchange is over, Darth (posing as Alice) connects to Bob; when asked for a proof of identity, Darth sends Alice's password (or hash) read from the last session, which Bob accepts thus granting access to Darth.
Very interesting I learned so much about Replay Attack. Also thank you for linking the video.
ReplyDelete