Reflection attack
From Wikipedia, the free encyclopedia
This article is about the attack on authentication systems. For the denial of service attack, see Distributed Reflection Denial of Service.
A reflection attack is a method of attacking a challenge-response authentication system that uses the same protocol in both directions. That is, the same challenge-response protocol is used by each side to authenticate the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge.
Attack
The general attack outline is as follows:
- The attacker initiates a connection to a target.
- The target attempts to authenticate the attacker by sending it a challenge.
- The attacker opens another connection to the target, and sends the target this challenge as its own.
- The target responds to the challenge.
- The attacker sends that response back to the target on the original connection.
If the authentication protocol is not carefully designed, the target will accept that response as valid, leaving the attacker with one fully authenticated connection (the other connection is simply abandoned).
Solution
There are two general solutions to this problem.
- Require the initiating party to first respond to challenges before the target party responds to its challenges.
- Require the key or protocol to be different between the two directions.
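As an added illustration that is not part of the original article, the following Python simulation runs the five-step attack outline above against a toy HMAC-based challenge-response protocol, with the same key in both directions, and then applies the second solution by tagging every response with the direction it belongs to. The key, the tag values and the class names are constructed for this example.

```python
import hmac
import hashlib
import os

KEY = b"example-shared-key"  # constructed sample key shared by both sides (not a real secret)


def respond(challenge: bytes, direction: bytes = b"") -> bytes:
    """Answer a challenge with an HMAC over an optional direction tag plus the challenge."""
    return hmac.new(KEY, direction + challenge, hashlib.sha256).digest()


class Target:
    """Party using the same challenge-response protocol in both directions.

    bind_direction=False is the vulnerable design: any correct answer is accepted.
    bind_direction=True is the article's second solution: the target tags its own
    answers as "server", so they never verify as a "client" response.
    """

    def __init__(self, bind_direction: bool) -> None:
        self.bind_direction = bind_direction
        self.pending = {}  # connection id -> outstanding challenge

    def challenge(self, conn: str) -> bytes:
        """Issue a fresh random challenge on a connection (attack step 2)."""
        self.pending[conn] = os.urandom(16)
        return self.pending[conn]

    def answer(self, challenge: bytes) -> bytes:
        """Answer a challenge received from the peer (attack step 4)."""
        return respond(challenge, b"server" if self.bind_direction else b"")

    def verify(self, conn: str, response: bytes) -> bool:
        """Check a client's response to the challenge outstanding on this connection."""
        expected = respond(self.pending.pop(conn), b"client" if self.bind_direction else b"")
        return hmac.compare_digest(expected, response)


def reflection_attack(target: Target) -> bool:
    """Run the article's five steps without knowing KEY; True means the target accepted."""
    c1 = target.challenge("conn1")      # steps 1-2: attacker connects and is challenged
    target.challenge("conn2")           # step 3: second connection, attacker sends c1 as its challenge
    reflected = target.answer(c1)       # step 4: target answers its own challenge
    return target.verify("conn1", reflected)  # step 5: answer replayed on the first connection


def honest_client_login(target: Target) -> bool:
    """A legitimate client that knows KEY still authenticates under either setting."""
    c = target.challenge("conn-honest")
    return target.verify("conn-honest", respond(c, b"client" if target.bind_direction else b""))
```

With direction binding off the reflected answer is accepted; with it on, the same steps fail while an honest client still logs in.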