Replay Attack

Security+ 🏆 • Network Attacks 🎯 • Threats ⚠️ • Authentication & Authorization 🔐 • Difficulty: free

Definition

A replay attack is when an attacker captures valid authentication data or messages and later reuses them to impersonate a user or repeat an authorized action. Instead of breaking encryption, the attacker relies on re-sending a previously valid exchange, which succeeds when systems do not properly prevent reuse.

Examples

An attacker captures a network login exchange and replays it to gain access because the protocol does not use nonces or timestamps correctly.
A contactless access badge signal is recorded and replayed to unlock a door when the system does not detect duplicates.

Discover 🔎

A replay attack is like recording a valid pass at the door and playing it back later. The attacker does not need to know the password, understand the message, or break encryption. They only need a copy of something that was accepted once, and a system that will accept it again.

Replay attacks matter because many security systems focus on secrecy. Replay attacks focus on freshness. Even a secret message becomes dangerous if it can be reused.

Remember: Replay attacks reuse something valid. The defense is proving the message is fresh and cannot be used twice.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.