A Replay Attack happens when a malicious actor intercepts and then repeats a valid data transmission that goes through a network. This is possible because the attacker has gained access to valid credentials for the network. Because of this, network security protocols treat the attack as if it were normal data transmission. In this way, the attacker can carry out the attack without major problems.
Replay Attacks especially affect blockchain technology, because it operates as a distributed system and that operating structure makes this type of malicious action easier. All an attacker needs is access to valid credentials and to carry out the attack at the right time; that is enough to succeed.
A closer explanation
To illustrate the problem more easily, consider the following example:
Juan has a number of cryptocurrencies on the Bitcoin Cash blockchain. However, the blockchain is about to undergo a hard fork that will divide it into two parts: the legacy blockchain and the new blockchain. After the split, Juan owns the same number of cryptocurrencies on both blockchains. In this situation, Juan, who had received several important transactions from Cristina before the hard fork, decides to act maliciously together with her. To do this, they repeat past operations (made on the legacy blockchain) on the new blockchain. This "repetition" of transactions is validated by the miners on the new blockchain. This action allows them to obtain new cryptocurrencies for the same value as the past transactions. With this, Juan and Cristina have successfully performed a replay attack.
In this way, attackers can unscrupulously seize new funds, revealing the terrible consequences that this type of attack can have on the entire network.
Scope and consequences of a replay attack
A replay attack can have, in the first instance, the following scope:
- It allows the attacker to impersonate one or more system users. At this point, an attacker can effectively steal network access credentials and impersonate a user's identity. By doing this, the attacker has access to all of the user's action history. This is a necessary and sufficient condition for carrying out a replay attack with disastrous consequences.
- It allows denial-of-service (DoS) attacks. An attacker can make the replay attack massive within the blockchain. This scenario is possible due to the loss of computing power of the legacy blockchain. As the mining power of the legacy blockchain falls, space is opened for a 51% attack. This enables the creation of new transactions that can go to the new blockchain and take it out of service if its power is exceeded. Another way to carry out this type of action is to take advantage of a weakness in the message protocol of the P2P network. By means of this vulnerability, an attacker can not only carry out the replay attack, but also control the network so that it only listens to messages formatted in a specific way.
In both cases, there are limitations on the malicious actions that can be taken. Perhaps the most important one is that the data that is sent cannot be changed without being rejected by the network. This limits the effectiveness of the attack to repeating past actions, unless it is accompanied by a 51% attack.
Importance and implications of replay attacks
These types of attacks are very important to consider in blockchain technology, especially when the blockchain is going through a hard fork, because a hard fork makes it easier to carry out this type of action.
This is because, at that moment, there are two blockchains holding identical information at the same time. This means that a transaction processed before the hard fork will also be valid on the other blockchain. As a result, a person who received a certain amount of cryptocurrency from another person on the old blockchain could switch to the other one, replicate the transaction, and fraudulently transfer an identical number of units to their account a second time.
However, this situation is only possible for users who have taken part in the hard fork. In other words, new users who created a wallet after the hard fork are not vulnerable, nor can they carry out this type of attack.
These types of attacks can also be carried out outside blockchain technology. For example, contactless or NFC payment systems are also susceptible. To deal with them, these systems must have countermeasures that prevent a user from executing such attacks and stealing funds in that way.
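The hard-fork case described above, as an added example that is not part of the original article: both chains start from the same balances, and a transaction accepted on the legacy chain is resubmitted unchanged on the new one. The names, the HMAC stand-in for a real wallet signature and the `fork_id` field are assumptions; mixing a chain identifier into the signed data is one common countermeasure, shown here so the replayed copy is rejected.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 stands in for the wallet's digital
# signature so the example runs with the standard library only.
KEY = b"constructed-demo-key"

def sign(tx, fork_id=None):
    """Sign the transaction; fork_id (hypothetical field) binds it to one chain."""
    body = dict(tx, fork_id=fork_id) if fork_id is not None else tx
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

class Chain:
    def __init__(self, balances, fork_id=None):
        self.balances = dict(balances)   # state copied at the split
        self.fork_id = fork_id           # None = no replay protection
        self.seen = set()                # signatures already included here

    def submit(self, tx, sig):
        if not hmac.compare_digest(sig, sign(tx, self.fork_id)):
            return "rejected: signature not valid for this chain"
        if sig in self.seen:
            return "rejected: already included"
        if self.balances.get(tx["from"], 0) < tx["amount"]:
            return "rejected: insufficient funds"
        self.seen.add(sig)
        self.balances[tx["from"]] -= tx["amount"]
        self.balances[tx["to"]] = self.balances.get(tx["to"], 0) + tx["amount"]
        return "accepted"

def demo(protected):
    start = {"cristina": 10, "juan": 0}  # identical on both chains after the fork
    legacy = Chain(start, "legacy" if protected else None)
    new = Chain(start, "new" if protected else None)
    tx = {"from": "cristina", "to": "juan", "amount": 5}
    sig = sign(tx, legacy.fork_id)       # signed once, for the legacy chain
    first = legacy.submit(tx, sig)
    replay = new.submit(tx, sig)         # same bytes copied to the other chain
    repeat = legacy.submit(tx, sig)      # same-chain repeat is already caught
    return first, replay, repeat, new.balances["juan"]

if __name__ == "__main__":
    print("no fork id:  ", demo(False))
    print("with fork id:", demo(True))
```

Without the chain identifier the copied transaction credits Juan a second time on the new chain; with it, the new chain rejects the signature while the legacy chain still accepts the original.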