On 10/7/10 12:16 PM, Andrei Pelinescu-Onciul wrote:
On Oct 07, 2010 at 10:57, Jiri Kuthanjiri@iptel.org wrote:
There's a bit of a misunderstanding here.
...
Now consider an authenticated message that is retransmitted: the first message will pass authentication, but it's retransmission will fail =>
I admit I haven't thought it through but would it really fail? in both cases (retransmission and replay attack) it will resend initial answer (100 if forwarded, challenge if failed to authenticate) and do nothing downstream --> attacker won't gain an unfair advantage, won't it?
the retransmission will be challenged.
why if the original request passed authentication?
I see the point TM can't differentiate between retransmissions and replay attacks easily (unless we do more of nonce-based protection). But does it really matter?
-jiri