
In the Security+ 401 cert guide there is a line about replay attacks, as follows:

In a replay attack a hacker might use a packet sniffer to intercept data and retransmit it later. In this way the hacker can impersonate the entity that originally sent the data. For example, if customers were to log in to a banking website with their credentials while an attacker was watching, the attacker could possibly sniff out the packets that include the usernames and passwords and then possibly connect with those credentials later on. Of course, if the bank uses SSL or TLS to secure login sessions, then the hacker would have to decrypt the data as well, which could prove more difficult.

According to this, a replay attack in the case of SSL/TLS authentication is difficult but possible. My question is then: how does it work?

arif

1 Answer


According to this, a replay attack in the case of SSL/TLS authentication is difficult but possible. My question is then: how does it work?

According to the statement you cite, replaying is possible if the attacker manages to decrypt the SSL/TLS traffic. In my opinion this should not be read as the attacker replaying the original SSL/TLS traffic; instead the attacker is creating a new SSL/TLS connection, encrypting the original (not encrypted) data inside this connection and sending it to the server. Thus, it is not a replay attack against SSL/TLS, since it counts on having the plain (not encrypted) data in the first place.

There are several ways to get to the plain data when SSL/TLS is used, but all of these involve somehow compromising client or server or relying on security vulnerabilities in these. This could for example be an active man-in-the-middle attack, a compromise of the server certificate or a compromise of server or client.

Thus, in summary: replay attacks against SSL/TLS are not possible, and this is also not claimed in the text you cite. The text instead talks about having the original plain (not encrypted) data and sending it inside a new SSL/TLS connection, but this is not a replay at the SSL/TLS level. As for why replaying SSL/TLS is not possible, see "Are SSL encrypted requests vulnerable to Replay Attacks?".

Steffen Ullrich
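As an added illustration (not part of the answer above, and a simplified model rather than real TLS code): a toy record layer in which the traffic key is derived from both sides' fresh handshake randoms and every record's MAC covers a per-record sequence number. A captured login record is rejected both when re-sent in the same session and when injected into a new one, which is the reason replay at the TLS level does not work. The class and function names (`Endpoint`, `handshake`, `replay_demo`) and all sample values are assumptions made for this example.

```python
import hmac
import hashlib
import secrets

SHA = hashlib.sha256
TAG_LEN = 32

def derive_key(premaster: bytes, client_random: bytes, server_random: bytes) -> bytes:
    # Simplified stand-in for the TLS key schedule: the traffic key depends on the
    # handshake secret AND both sides' fresh randoms, so every session gets new keys.
    return hmac.new(premaster, b"key" + client_random + server_random, SHA).digest()

class Endpoint:
    """Toy record layer for one session: the sequence number is bound into every MAC."""
    def __init__(self, key: bytes):
        self.key, self.send_seq, self.recv_seq = key, 0, 0

    def _keystream(self, seq: int) -> bytes:
        return hmac.new(self.key, b"stream" + seq.to_bytes(8, "big"), SHA).digest()

    def protect(self, plaintext: bytes) -> bytes:
        assert len(plaintext) <= 32, "toy keystream is a single SHA-256 output"
        ct = bytes(p ^ k for p, k in zip(plaintext, self._keystream(self.send_seq)))
        tag = hmac.new(self.key, self.send_seq.to_bytes(8, "big") + ct, SHA).digest()
        self.send_seq += 1
        return ct + tag

    def unprotect(self, record: bytes):
        ct, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = hmac.new(self.key, self.recv_seq.to_bytes(8, "big") + ct, SHA).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # wrong key or wrong sequence number: the record is rejected
        plaintext = bytes(c ^ k for c, k in zip(ct, self._keystream(self.recv_seq)))
        self.recv_seq += 1
        return plaintext

def handshake(premaster: bytes):
    # Each side contributes fresh randomness, so an observer cannot force a repeat.
    key = derive_key(premaster, secrets.token_bytes(32), secrets.token_bytes(32))
    return Endpoint(key), Endpoint(key)

def replay_demo() -> dict:
    premaster = b"constructed-premaster-secret"       # constructed sample value
    client, server = handshake(premaster)
    login = b"user=alice&pw=hunter2"                  # constructed sample login
    captured = client.protect(login)                  # the record a sniffer would see
    first = server.unprotect(captured)                # genuine delivery succeeds
    same_session_replay = server.unprotect(captured)  # seq has advanced: rejected
    _, server2 = handshake(premaster)                 # new session, new randoms
    new_session_replay = server2.unprotect(captured)  # different key: rejected
    return {"first": first, "same_session_replay": same_session_replay,
            "new_session_replay": new_session_replay}
```

Note that even with the same premaster secret, the fresh randoms alone are enough to make the second session's key differ; real TLS additionally derives a new handshake secret each time.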