In computer security, a reflection attack is a method of attacking a challenge–response authentication system that uses the same protocol in both directions. That is, the same challenge–response protocol is used by each side to authenticate the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge.
Attack
The general attack outline is as follows:
# The attacker initiates a connection to a target.
# The target attempts to authenticate the attacker by sending it a challenge.
# The attacker opens another connection to the target, and sends the target this challenge as its own.
# The target responds to the challenge.
# The attacker sends that response back to the target on the original connection.
If the authentication protocol is not carefully designed, the target will accept that response as valid, leaving the attacker with one fully authenticated connection (the other connection is simply abandoned).
The same name is also used for a different, network-level attack (often called a reflection or amplification attack): the attacker sends a query to an open, misconfigured server with the source IP address spoofed to that of the victim; the server has no way of distinguishing the spoofed address from a genuine one, treats the query as legitimate, and sends its response to the victim. That attack reflects traffic rather than an authentication response, and the rest of this article concerns only the attack on challenge–response authentication.
Solution
Some of the most common solutions to this attack are described below:
* The responder sends its identifier within the response so, if it receives a response that has its identifier in it, it can reject it (Anderson, Security Engineering, 1st edition, p. 21). Written out with Alice as the initiator, Bob as the target, N as a nonce and K_ab as their shared key:
# Alice initiates a connection to Bob.
# Bob challenges Alice by sending a nonce. B -> A: N
# Alice responds by sending back the MAC calculated on her identifier and the nonce using the shared key K_ab. A -> B: MAC_Kab(A, N)
# Bob verifies the MAC under K_ab. Because it is computed over A rather than B, a response Bob himself produced earlier does not verify, and because it is computed over the nonce he sent in his challenge, an old response does not verify either. Only if both checks pass does he accept the message.
* Require the initiating party to first respond to challenges before the target party responds to its challenges.
* Require the key or protocol to be different between the two directions.
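The attack outline above and the first countermeasure (the responder binds its own identifier into the response and the verifier rejects a response carrying its own identifier) can be run side by side. The following Python is an added example, not code from the article or from Anderson's book; the peer names, the connection identifiers, the HMAC-SHA256 construction for the MAC and the value of the shared key are all assumptions made for the demonstration.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Key shared between Alice and Bob (K_ab); an assumed value for this demo only.
SHARED_KEY = b"example shared key K_ab"


def mac(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts, so (A, N) cannot be re-split
    into some other (A', N') that produces the same MAC input."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(4, "big"))
        h.update(part)
    return h.digest()


class Peer:
    """One endpoint of a mutual challenge-response protocol.

    With bind_identity=False the response is MAC_Kab(N): whoever computes it
    gets the same value, which is exactly what the reflection attack exploits.
    With bind_identity=True the response is (ID, MAC_Kab(ID, N)) and the
    verifier rejects any response that carries its own identifier.
    """

    def __init__(self, name: str, key: bytes, bind_identity: bool) -> None:
        self.name = name.encode()
        self.key = key
        self.bind_identity = bind_identity
        self.pending: Dict[str, bytes] = {}  # connection id -> nonce we issued

    def challenge(self, conn: str) -> bytes:
        """Issue a fresh nonce on the given connection and remember it."""
        nonce = os.urandom(16)
        self.pending[conn] = nonce
        return nonce

    def respond(self, nonce: bytes) -> Tuple[Optional[bytes], bytes]:
        """Answer a challenge received from the other side."""
        if self.bind_identity:
            return self.name, mac(self.key, self.name, nonce)
        return None, mac(self.key, nonce)

    def verify(self, conn: str, response: Tuple[Optional[bytes], bytes]) -> bool:
        """Check a response against the nonce we issued on this connection."""
        nonce = self.pending.pop(conn)
        ident, tag = response
        if self.bind_identity:
            if ident == self.name:
                return False  # our own answer coming back: a reflection
            expected = mac(self.key, ident, nonce)
        else:
            expected = mac(self.key, nonce)
        return hmac.compare_digest(tag, expected)


def reflection_attack(target: Peer) -> bool:
    """The five-step attack from the outline; the attacker holds no key.
    Returns True if the target accepts the reflected response."""
    n1 = target.challenge("conn1")         # 1-2: attacker connects; target challenges with N1
    target.challenge("conn2")              # 3: attacker opens conn2; target's own challenge there is ignored
    answer = target.respond(n1)            # 3-4: attacker sends N1 as its challenge; target answers it
    return target.verify("conn1", answer)  # 5: attacker sends that answer back on conn1


def honest_auth(initiator: Peer, target: Peer) -> bool:
    """A legitimate run: the initiator answers the target's challenge itself."""
    nonce = target.challenge("conn")
    return target.verify("conn", initiator.respond(nonce))


if __name__ == "__main__":
    print("vulnerable Bob accepts reflection:",
          reflection_attack(Peer("Bob", SHARED_KEY, bind_identity=False)))
    print("hardened Bob accepts reflection:",
          reflection_attack(Peer("Bob", SHARED_KEY, bind_identity=True)))
    print("hardened Bob accepts Alice:",
          honest_auth(Peer("Alice", SHARED_KEY, True), Peer("Bob", SHARED_KEY, True)))
```

Two details matter in the hardened verifier. Binding the identifier into the MAC is not enough on its own: if Bob simply recomputed the MAC over whatever identifier arrived, his own reflected answer (Bob, MAC_Kab(Bob, N1)) would still verify. Either the explicit rejection of his own identifier, or recomputing the MAC over the identity he expects the peer to have (A, not B), is what breaks the attack. The other two countermeasures listed above can be modelled in the same harness by making the initiator answer the target's challenge before the target answers any, or by giving the two directions different keys, so that a response the target computed for its own challenge is not what it expects to receive.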
See also
* Replay attack
* Man-in-the-middle attack
* Pass the hash
References
* Ross J. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, 1st edition, p. 21.
Computer security exploits
Computer access control protocols