From Figures 6 and 8, we can see that the covert agent is able to imitate the behaviors of the three output variables over a finite time window, just like the replay attack
 Insider attack x [check] [check] Replay attack
[check] [check] [check] Known-key attack [check] [check] [check] Mutual authentication [check] [check] x Session key agreement [check] [check] x Perfect forward secrecy x [check] [check] Two-factor authentication x x x User impersonation attack x x x Server impersonation attack x x [check] Offline password guessing attack x x x Security Properties Truong et Ours al.
However, it is vulnerable to replay attack
. The adversary can simply eavesdrop and reuse metaID to be authenticated successfully.
Simple replay attacks
are prevented as the ECUs verify that the received counter value is higher than the locally stored counter value.
Moreover, the proposed scheme is also satisfactory with regard to the anonymity, mutual authentication, session key agreement, replay attack
resistance, modification attack resistance, stolen-verifier attack resistance, off-line guessing attack resistance, forgery attack resistance, and insider attack resistance.
Random numbers are added in many protocol to defense replay attack
. even if attacker intercept some message in an open channel, he can not access database server or tag because random numbers have changed.
MR checks the message digest (H([E.sub.G]([M.sub.2]) [parallel] [MAC.sub.LAAA1])) to detect the message modification attack, uses G key to decrypt the encrypted message to obtain [R.sub.1], [R.sub.2], K and [Z.sub.service] and checks the random number R1 for avoiding the replay attack
. Based on [Z.sub.service], MR decides which MAGs it will be associated with.
user name and password, compromised or stolen by eliminating the feasibility of any replay attack
. Once Ceelox ID Online[R] grants access, the OpenID protocol is used to create a "relying party" relationship that can be locked-down with any cloud application providing the highest level of secure authentication available.
Since the output from the card emulator is identical to that of the real card from which it was skimmed, a simple replay attack
using this device would succeed.
Using this multiple challenge/response protocol, CASQUE allows the solution to prevent replay attack
, phishing and cloning of the token.
([dagger]) This process is similar to a replay attack
where the attacking reader does not "understand" the information on the tag but simply creates identical copies (or clones) of the source.
Furthermore, the timestamp is embedded in each data report, which enables BECAN to defend against the replay attack
. However, the timestamp technology requires high-precision clock synchronization, and it is difficult to choose the size of time window.