# Reflection attack

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Reflection_attack
> Markdown URL: https://mediated.wiki/source/Reflection_attack.md
> Source: https://en.wikipedia.org/wiki/Reflection_attack
> Source revision: 1328818467
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

{{Short description|Attack on challenge–response authentication systems}}
{{about|the attack on authentication systems|the denial of service attack|Distributed Reflection Denial of Service}}

In [computer security](/source/computer_security), a '''reflection attack''' is a method of attacking a [challenge–response authentication](/source/challenge%E2%80%93response_authentication) system that uses the same [protocol](/source/Protocol_(computing)) in both directions. That is, the same challenge–response protocol is used by each side to [authenticate](/source/Authentication) the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge.<ref>''Computer Networks'' by [Andrew S. Tanenbaum](/source/Andrew_S._Tanenbaum), 4th edition, {{ISBN|0-13-038488-7}}, pages 787-790.</ref>

== Attack ==
The general attack outline is as follows:

# The attacker initiates a connection to a target.
# The target attempts to authenticate the attacker by sending it a challenge.
# The attacker opens another connection to the target, and sends the target this challenge as its own.
# The target responds to the challenge.
# The attacker sends that response back to the target on the original connection.

If the [authentication protocol](/source/authentication_protocol) is not carefully designed, the target will accept that response as valid, thereby leaving the attacker with one fully authenticated channel connection (the other one is simply abandoned).

== Solution ==
Some of the most common solutions to this attack are described below:

* The responder sends its identifier within the response so, if it receives a response that has its identifier in it, it can reject it.<ref>[Ross J. Anderson](/source/Ross_J._Anderson): <cite>[http://www.cl.cam.ac.uk/~rja14/book.html Security Engineering: A Guide to Building Dependable Distributed Systems]</cite>, 1st edition, page 21, {{ISBN|0-471-38922-6}}</ref>
# Alice initiates a connection to Bob.
# Bob challenges Alice by sending a [nonce](/source/cryptographic_nonce) ''N''. {{nowrap|B → A: ''N''}}
# Alice responds by sending back the MAC calculated on her identifier and the nonce using the shared key ''K''<sub>ab</sub>. {{nowrap|A → B: MAC<sub>''K''<sub>ab</sub></sub>{{mset|A, ''N''}}}}
# Bob verifies the MAC, checking that it was computed over Alice's identifier A (and not over his own identifier B, which would mean it is a message he himself sent earlier) and over the nonce ''N'' he sent in his challenge; only then does he accept the message.
* Require the initiating party to first respond to challenges before the target party responds to its challenges.
* Require the key or protocol to be different between the two directions.
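As an added example (not part of the Wikipedia article), the Python below replays the five-step outline above against a hypothetical `Party` class in two configurations: one whose response is a MAC over the nonce alone, and one that applies the first countermeasure (identifier bound into the MAC, and any response carrying the verifier's own identifier rejected). The key value, the connection names and the `Party` class are constructed for this example; an honest run by Alice is included to show the countermeasure does not break normal authentication.

```python
import hashlib
import hmac
import os

KEY = b"constructed-shared-key-Kab"  # shared key K_ab (constructed sample value)

def mac(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed fields, so (A, N) cannot be re-split."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

class Party:
    """One side of the mutual challenge-response protocol (hypothetical class).
    bind_identity=False: response is MAC(K, N), so a reflected answer verifies.
    bind_identity=True : response is (A, MAC(K, A, N)); the verifier refuses any
    response that names the verifier itself, as in the first countermeasure."""
    def __init__(self, name: bytes, key: bytes, bind_identity: bool):
        self.name, self.key, self.bind = name, key, bind_identity
        self.pending = {}  # connection id -> nonce issued on that connection

    def challenge(self, conn):
        self.pending[conn] = os.urandom(16)
        return self.pending[conn]

    def answer(self, nonce):
        if self.bind:
            return self.name, mac(self.key, self.name, nonce)
        return mac(self.key, nonce)

    def verify(self, conn, response) -> bool:
        nonce = self.pending.pop(conn)  # each nonce is checked at most once
        if not self.bind:
            return hmac.compare_digest(response, mac(self.key, nonce))
        claimed, tag = response
        if claimed == self.name:  # our own identifier: a reflected copy of our answer
            return False
        return hmac.compare_digest(tag, mac(self.key, claimed, nonce))

def reflection_succeeds(bind_identity: bool) -> bool:
    """Run the five-step outline against Bob; True means Bob accepted his own answer."""
    bob = Party(b"B", KEY, bind_identity)
    n = bob.challenge("conn1")         # steps 1-2: attacker connects, Bob sends N
    reply = bob.answer(n)              # steps 3-4: N is reflected on conn2, Bob answers it
    return bob.verify("conn1", reply)  # step 5: that answer is replayed on conn1

def honest_run_succeeds(bind_identity: bool) -> bool:
    """Alice, who really holds K_ab, authenticates to Bob under either variant."""
    alice, bob = Party(b"A", KEY, bind_identity), Party(b"B", KEY, bind_identity)
    return bob.verify("conn1", alice.answer(bob.challenge("conn1")))
```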

==See also==
* [Replay attack](/source/Replay_attack)
* [Man-in-the-middle attack](/source/Man-in-the-middle_attack)
* [Pass the hash](/source/Pass_the_hash)

== References ==
{{reflist}}

Category:Computer security exploits
Category:Computer access control protocols

---
Adapted from the Wikipedia article [Reflection attack](https://en.wikipedia.org/wiki/Reflection_attack) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Reflection_attack?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
