Replay Attack

What is a replay attack? A replay attack is a network, a ”Man-in-the-middle" attack that involves intercepting data packets and replaying them. This means resending them as is (with no decryption) to the receiving server. Another common name for this kind of attack is playback attack


As a result, depending on the context, the hacker can benefit from the user's rights. Imagine a scenario in which a client sends an encrypted username and password to a server to log in. If a hacker intercepts the communication (using monitoring software) and replays the sequence, they will obtain the same rights as the user. If the system enables password modification, they could even replace it with another one, depriving the user of his access.

Possible Solutions

Session ID

One of the most general solutions is using an ID session (session tokens) for every encrypted component, as well as a component number. Session IDs are generated randomly which makes them unique and thus, they decrease the chances of replaying them. With this solution, there is no interdependency and thus, less vulnerabilities.

Message Authentication Code

Another way to prevent replay attacks is to send an arbitrary number (single use) and add a message authentication code (MAC).


Timestamping is (an encoded) information to when a given event occurs. The receiver can broadcast this information with a MAC and then the sender has to give an accurate estimation of it to send them a message. If the estimation is correct, the receiver can then accept the message.

One-time Password

One-time passwords expire after a certain amount of time. They can be used when authenticating transactions or in order to establish communication between two parties.

Sources: Wikipedia
Photo: Unsplash

Ask a question
CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jean-François Pillou, founder of CCM reaches more than 50 million unique visitors per month and is available in 11 languages.
This document, titled « Replay Attack », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (