This project is read-only.

Use Replay detection to protect against message replay attacks

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

A replay attack occurs when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties. Unless mitigated, the computers subject to the attack will process the stream as legitimate messages, resulting in a range of harmful consequences, such as redundant orders of an item.

To enable replay detection in the service:
  1. Create a customBinding Element.
  2. Create a <security> element.
  3. Create a localClientSettings element or localServiceSettings element.
  4. Set the following attribute values, as appropriate: detectReplays, maxClockSkew, replayWindow, and replayCacheSize. The following example sets the attributes of both a <localServiceSettings> and a <localClientSettings> element:
<customBinding>
  <binding name="NewBinding0">
   <textMessageEncoding />
    <security>
     <localClientSettings 
      replayCacheSize="800000" 
      maxClockSkew="00:03:00"
      replayWindow="00:03:00" />
     <localServiceSettings 
      replayCacheSize="800000" 
      maxClockSkew="00:03:00"
      replayWindow="00:03:00" />
    <secureConversationBootstrap />
   </security>
  <httpTransport />
 </binding>
</customBinding>

Last edited Apr 24, 2008 at 12:42 AM by prashantbansode, version 2

Comments

No comments yet.