https://wiki.sarg.dev/index.php?action=history&feed=atom&title=Reflection_attackReflection attack - Revision history2026-04-20T04:26:20ZRevision history for this page on the wikiMediaWiki 1.44.2https://wiki.sarg.dev/index.php?title=Reflection_attack&diff=602912&oldid=previmported>CortexFiend: /* growthexperiments-addlink-summary-summary:1|1|0 */2025-08-12T22:26:07Z<p><span class="autocomment">growthexperiments-addlink-summary-summary:1|1|0</span></p>
<p><b>New page</b></p><div>{{about|the attack on authentication systems|the denial of service attack|Distributed Reflection Denial of Service}}<br />
<br />
In [[computer security]], a '''reflection attack''' is a method of attacking a [[challenge–response authentication]] system that uses the same [[Protocol (computing)|protocol]] in both directions. That is, the same challenge–response protocol is used by each side to [[Authentication|authenticate]] the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge.<ref>''Computer Networks'' by [[Andrew S. Tanenbaum]], 4th edition, {{ISBN|0-13-038488-7}}, pages 787-790.</ref><br />
<br />
== Attack ==<br />
The general attack outline is as follows:<br />
<br />
# The attacker initiates a connection to a target.<br />
# The target attempts to authenticate the attacker by sending it a challenge. <br />
# The attacker opens another connection to the target, and sends the target this challenge as its own.<br />
# The target responds to the challenge.<br />
# The attacker sends that response back to the target on the original connection.<br />
<br />
If the [[authentication protocol]] is not carefully designed, the target will accept that response as valid, thereby leaving the attacker with one fully authenticated channel connection (the other one is simply abandoned).<br />
<br />
== Solution ==<br />
Some of the most common solutions to this attack are described below:<br />
<br />
* The responder sends its identifier within the response so, if it receives a response that has its identifier in it, it can reject it.<ref>[[Ross J. Anderson]]: <cite>[http://www.cl.cam.ac.uk/~rja14/book.html Security Engineering: A Guide to Building Dependable Distributed Systems]</cite>, 1st edition, page 21, {{ISBN|0-471-38922-6}}</ref><br />
# Alice initiates a connection to Bob.<br />
# Bob challenges Alice by sending a [[cryptographic nonce|nonce]] ''N''. {{nowrap|B → A: ''N''}}<br />
# Alice responds by sending back the MAC calculated on her identifier and the nonce using the shared key ''K''<sub>ab</sub>. {{nowrap|A → B: MAC<sub>''K''<sub>ab</sub></sub>{{mset|A, ''N''}}}}<br />
# Bob checks the message and verifies the MAC, making sure it is from Alice and not a message he had sent in the past by making sure that it verifies with A and not B, and on the nonce which is the same as the one he sent in his challenge, then he accepts the message.<br />
* Require the initiating party to first respond to challenges before the target party responds to its challenges.<br />
* Require the key or protocol to be different between the two directions.<br />
<br />
==See also==<br />
* [[Replay attack]]<br />
* [[Man-in-the-middle attack]]<br />
* [[Pass the hash]]<br />
<br />
== References ==<br />
{{reflist}}<br />
<br />
[[Category:Computer security exploits]]<br />
[[Category:Computer access control protocols]]</div>imported>CortexFiend