replay attack

term

cryptographysecurity

Capturing a valid message and sending it again to produce an unauthorized effect.

In a replay attack the adversary need not decrypt anything, just resend a captured, still-valid request, like replaying an authentication token. Nonces, timestamps, and one-time values defeat it by making each message good only once.

Also known as: replay-attack, replay

All glossary entries