How to Protect Against Message Replay Attacks

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

A replay attack occurs when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties. To protect against message replay attacks, enable replay detection in the service.

The following steps show you how to enable replay detection:
  1. Create a customBinding Element.
  2. Create a <security> element.
  3. Create a localClientSettings element or localServiceSettings element.
  4. Set the following attribute values, as appropriate: detectReplays, maxClockSkew, replayWindow, and replayCacheSize.

The following example sets the attributes of both a <localServiceSettings> and a <localClientSettings> element:
<customBinding>
  <binding name="NewBinding0">
   <textMessageEncoding />
    <security>
*     <localClientSettings* 
*      replayCacheSize="800000"* 
*      maxClockSkew="00:03:00"*
*      replayWindow="00:03:00" />*
*     <localServiceSettings* 
*      replayCacheSize="800000"* 
*      maxClockSkew="00:03:00"*
*      replayWindow="00:03:00" />*
    <secureConversationBootstrap />
   </security>
  <httpTransport />
 </binding>
</customBinding>

Additional Resources

Last edited Jun 13, 2008 at 6:34 PM by prashantbansode, version 1

Comments

No comments yet.