A replay attack, in cryptography, is a malicious effort to steal sensitive information by ‘replaying’ a legitimate command or transaction. It typically requires the same cryptographic parameters used in the first attempt to be re-entered in order to execute the attack.
Specifically, this type of attack, also denoted as a ‘basic replay attack’ occurs when the same session key, authentication data, or other sensitive information is sent across a potential number of transmission units. In a replay attack, a malicious user attempts to gain access to sensitive information by transmitting the same command or transaction over and over again, as if it were an original request.
The malicious user is typically attempting to access and gain information from a secure system or network. For example, an attacker might intercept an authenticated session cookie sent from an authenticated user and re-play it in order to gain access to the system.
As is typical of attacks, replay attacks tend to become easier as encryption and authentication systems become weaker. Because of this weakness, using encryption measures that provide added layers of protection such as double authentication, two-factor authentication, and digital signatures are becoming increasingly necessary.
Additionally, properly designed procedures for monitoring network activity for signs of replay attacks should be taken on an ongoing basis in order to adequately protect networks from this type of attack.