14. Play It [Again] Sam, or, Let’s Look at the Instant Replay

Chapter Spotlight

• Replay attacks: transactions, passwords, physical objects

• Liveness indicators: beacons, sequence numbers, nonces

• Public key cryptography to thwart replay attacks

• DNS cache poisoning; DNSSEC

• Session hijacking attacks

• Encryption countermeasures: SSH, SSL, and IPsec

Attack: Cloned RFIDs 577

Threat: Replay Attacks 578

Vulnerability: Reuse of Session Data 580

Countermeasure: Unrepeatable Protocol 580

Countermeasure: Cryptography 583

Conclusion: Replay Attacks 584

Similar Attack: Session Hijack 584

Vulnerability: Electronic Impersonation 588

Vulnerability: Nonsecret Token 588

Countermeasure: Encryption 589

Countermeasure: IPsec 593

Countermeasure: Design ...

Get Analyzing Computer Security: A Threat / Vulnerability / Countermeasure Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial