How to protect against message replay attacks

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

A replay attack occurs when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties. To protect against message replay attacks, enable replay detection in the service. The following steps show you how to enable replay detection:
  1. Create a customBinding Element.
  2. Create a <security> element.
  3. Create a localClientSettings element or localServiceSettings element.
  4. Set the following attribute values, as appropriate: detectReplays, maxClockSkew, replayWindow, and replayCacheSize.

The following example sets the attributes of both a <localServiceSettings> and a <localClientSettings> element:
<customBinding>
  <binding name="NewBinding0">
   <textMessageEncoding />
    <security>
     <localClientSettings 
      replayCacheSize="800000" 
      maxClockSkew="00:03:00"
      replayWindow="00:03:00" />
     <localServiceSettings 
      replayCacheSize="800000" 
      maxClockSkew="00:03:00"
      replayWindow="00:03:00" />
    <secureConversationBootstrap />
   </security>
  <httpTransport />
 </binding>
</customBinding>

Additional Resources

Last edited May 8, 2008 at 3:21 AM by prashantbansode, version 1

Comments

No comments yet.