Reflection attack

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by SpuriousQ (talk | contribs) at 03:31, 4 August 2005 (a/the, replay attack link). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A reflection attack is a way of attacking a challenge-response authentication system that uses the same protocol in both directions.

Attack

The general attack outline is as follows:

  1. The attacker initiates a connection to a target.
  2. The target attempts to authenticate the attacker by sending it a challenge.
  3. The attacker opens another connection to the target, and sends the target this challenge as its own.
  4. The target responds to that challenge.
  5. The attacker sends that response back to the target ("reflects" it) on the first connection.

If the authentication protocol is not carefully designed, the target will accept that response as valid, leaving the attacker with one fully authenticated connection (the other one is simply abandoned).

Solution

There are two general solutions to this problem.

  • Require the initiating party to first respond to challenges before the target party responds to its challenges.
  • Require the key/protocol to be different between the two directions.
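The second solution can be shown with a small in-memory model, given here as an added example rather than code from the article or the cited textbook. It assumes the response is an HMAC-SHA256 over the challenge with a shared key; the `Target` class, its method names and the role labels are hypothetical.

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)  # constructed shared secret for the demo

def mac(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (no ambiguous concatenation)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

class Target:
    """Hypothetical party that both issues challenges and answers them."""
    def __init__(self, key: bytes, bind_direction: bool):
        self.key, self.bind_direction = key, bind_direction

    def new_challenge(self) -> bytes:
        return secrets.token_bytes(16)

    def _response(self, sender_role: bytes, challenge: bytes) -> bytes:
        # With bind_direction set, the responder's role is mixed into the MAC,
        # so the two directions of the protocol never produce the same value.
        label = sender_role if self.bind_direction else b""
        return mac(self.key, label, challenge)

    def answer_peer_challenge(self, challenge: bytes) -> bytes:
        return self._response(b"target", challenge)

    def verify_peer(self, challenge: bytes, response: bytes) -> bool:
        expected = self._response(b"initiator", challenge)
        return hmac.compare_digest(expected, response)

def honest_initiator(key: bytes, bind_direction: bool, challenge: bytes) -> bytes:
    label = b"initiator" if bind_direction else b""
    return mac(key, label, challenge)

def reflection_accepted(target: Target) -> bool:
    """Feed the target's own answer back to it, as in steps 2-5 above."""
    c = target.new_challenge()           # step 2, first connection
    r = target.answer_peer_challenge(c)  # steps 3-4, second connection
    return target.verify_peer(c, r)      # step 5, first connection
```

With `bind_direction=False` the target verifies a response it produced itself; with `bind_direction=True` the reflected value fails verification while an initiator holding the key still authenticates.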

References

For more details, see Computer Networks, 4th ed., by Andrew S. Tanenbaum, ISBN 0-13-038488-7, pages 787-790.