Reflection attack
Encyclopedia
A reflection attack is a method of attacking a challenge-response authentication
system that uses the same protocol in both directions. That is, the same challenge-response protocol is used by each side to authenticate the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge.
If the authentication protocol is not carefully designed, the target will accept that response as valid, thereby leaving the attacker with one fully authenticated channel connection (the other one is simply abandoned).
Challenge-response authentication
In computer security, challenge-response authentication is a family of protocols in which one party presents a question and another party must provide a valid answer to be authenticated....
system that uses the same protocol in both directions. That is, the same challenge-response protocol is used by each side to authenticate the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge.
Attack
The general attack outline is as follows:- The attacker initiates a connection to a target.
- The target attempts to authenticate the attacker by sending it a challenge.
- The attacker opens another connection to the target, and sends the target this challenge as its own.
- The target responds to the challenge.
- The attacker sends that response back to the target on the original connection.
If the authentication protocol is not carefully designed, the target will accept that response as valid, thereby leaving the attacker with one fully authenticated channel connection (the other one is simply abandoned).
Solution
Some of the most common solutions to this attack are described below:- The responder sends its identifier within the response so, if it receives a response that has its identifier in it, it can reject it.
- Alice initiates a connection to Bob
- Bob challenges Alice by sending a nonceCryptographic nonceIn security engineering, nonce is an arbitrary number used only once to sign a cryptographic communication. It is similar in spirit to a nonce word, hence the name. It is often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused...
. B -> A: N - Alice responds by sending back her identifier and the nonce encrypted using the shared key Kab. A -> B: {A, N}Kab
- Bob decrypts the message, makes sure its from Alice and not a message he had sent in the past by finding A in it and not B and if the nonce is the same as the one he sent in his challenge then he accepts the message.
- Require the initiating party to first respond to challenges before the target party responds to its challenges.
- Require the key or protocol to be different between the two directions.