Jump to content

Reflection attack

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Tgr (talk | contribs) at 00:52, 8 November 2006 (See also: Man-in-the-middle attack). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
This article is about the attack on authentication systems. For the denial of service attack see Distributed Reflection Denial of Service.

A reflection attack is a potential way of attacking a challenge-response authentication system which uses the same protocol in both directions. The basic idea is to trick the target into providing the answer to its own challenge.

Attack

The general attack outline is as follows:

  1. The attacker initiates a connection to a target.
  2. The target attempts to authenticate the attacker by sending it a challenge.
  3. The attacker opens another connection to the target, and sends the target this challenge as its own.
  4. The target responds to that challenge.
  5. The attacker sends that response back to the target ("reflects" it) on the first connection.

If the authentication protocol is not carefully designed, the target will accept that response as valid, thereby leaving the attacker with one fully-authenticated channel connection (the other one is simply abandoned).

Solution

There are two general solutions to this problem.

  • Require the initiating party to first respond to challenges before the target party responds to its challenges.
  • Require the key/protocol to be different between the two directions.

See also

References

For more details, see Computer Networks 4th ed by Andrew S Tanenbaum, ISBN 0-13-038488-7, pages 787-790.

Stub icon

This computing article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Reflection_attack&oldid=86395053"