Replay attacks
BR/EDR
BLE
In a replay attack (or relay attack) an attacker intercepts a valid message and retransmits it. The attack works when a legitimate message can be intercepted and forwarded by an attacker without being detected, because the receiver has no mechanism to validate messages and reject one that has already been sent.
If an application requires custom security methods and decides to use cryptography for a particular service, the application-layer security methods must be adequate to prevent replay attacks.
Not complying with this control may mean that, despite the effort put into application-level security measures, these can be bypassed.
Description
The procedure consists of capturing a valid packet or transaction of a service that has custom security measures in place and sending it again, to check whether it performs the desired actions or the packet is ignored.
This control is considered satisfactory when it is verified that the device does not remotely accept the same update packet twice.
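The behaviour this control expects from the device side, as an added example that is not part of the original methodology: a receiver authenticates each application-layer packet and accepts a given counter value only once, so a captured packet sent a second time is ignored. The packet layout (8-byte counter, payload, truncated HMAC-SHA256 tag), the key, and the names `build_packet`, `Receiver` and `run_check` are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16  # truncated HMAC-SHA256 tag (assumption for this example)

def build_packet(key: bytes, counter: int, payload: bytes) -> bytes:
    """Sender side: counter (8 bytes, big endian) || payload || tag."""
    header = struct.pack(">Q", counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag

class Receiver:
    """Device side: accepts each authenticated counter value at most once."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0  # a real device must keep this across reconnects

    def accept(self, packet: bytes) -> bool:
        if len(packet) < 8 + TAG_LEN:
            return False
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return False  # forged or modified packet
        (counter,) = struct.unpack(">Q", body[:8])
        if counter <= self.last_counter:
            return False  # same or older packet seen before: replay
        self.last_counter = counter
        return True

def run_check() -> dict:
    """Mirror the assessment: send a valid packet, then the identical bytes again."""
    key = b"constructed-demo-key-not-for-use"  # constructed sample value
    device = Receiver(key)
    captured = build_packet(key, 1, b"unlock")
    results = {"first": device.accept(captured),
               "replay": device.accept(captured)}
    # The counter is covered by the tag, so rewriting it without the key fails.
    bumped = struct.pack(">Q", 2) + captured[8:]
    results["bumped_counter"] = device.accept(bumped)
    results["next_valid"] = device.accept(build_packet(key, 2, b"unlock"))
    return results

if __name__ == "__main__":
    print(run_check())
```

The control is satisfied when the second delivery of the captured bytes (`replay`) is rejected while a fresh packet from the legitimate sender (`next_valid`) is still accepted.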
Related resources
To check this control, the following resources may be useful:
ID | Description |
---|---|
BSAM-RES-04 | Bluetooth connections sniffing |
BSAM-RES-05 | Capture of a Bluetooth connection |