Replay attacks
BR/EDR
BLE
In a replay (or relay) attack, an attacker intercepts and retransmits a valid message. This is possible when no mechanism exists to detect repeated transmissions or to ensure message freshness.
If an application implements custom security mechanisms and uses cryptography at the application layer for a specific service, these measures must adequately protect against replay attacks. Otherwise, even application-level security can be bypassed.
Description
The procedure consists of capturing a valid packet or transaction of a service with custom security measures in place and sending it back to check whether it performs the desired actions or whether the packet is ignored.
This control is considered satisfactory when it is verified that the device does not remotely accept the same update packet twice.
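The following Python example is added here for illustration and is not part of the original page or of any vendor's code. It shows why application-layer authentication alone does not satisfy this control: a receiver that only verifies a MAC accepts the same packet twice, while one that also tracks a message counter rejects the repeat. The packet layout (4-byte counter, payload, HMAC-SHA256 tag), the key and all class and function names are assumptions made for the example.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-0123456789"  # constructed sample key, not a real secret
TAG_LEN = 32                              # full HMAC-SHA256 tag

def build_packet(key, counter, payload):
    """Assumed layout: 4-byte big-endian counter || payload || tag."""
    body = struct.pack(">I", counter) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class MacOnlyReceiver:
    """Authenticates each packet but keeps no freshness state."""
    def __init__(self, key):
        self.key = key

    def accept(self, packet):
        if len(packet) < 4 + TAG_LEN:
            return False
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        return hmac.compare_digest(tag, expected)

class FreshnessReceiver(MacOnlyReceiver):
    """Also requires a strictly increasing counter covered by the MAC."""
    def __init__(self, key):
        super().__init__(key)
        # A real device must persist this across reboots and define what
        # happens when the 32-bit counter is exhausted (for example, rekey).
        self.last_counter = -1

    def accept(self, packet):
        if not super().accept(packet):
            return False              # forged or modified packet
        (counter,) = struct.unpack(">I", packet[:4])
        if counter <= self.last_counter:
            return False              # repeated or stale packet
        self.last_counter = counter   # update state only after the MAC check
        return True

def check_control(receiver, packet):
    """Return True when the receiver passes: first copy accepted, repeat ignored."""
    first = receiver.accept(packet)
    second = receiver.accept(packet)
    return first and not second

if __name__ == "__main__":
    captured = build_packet(KEY, 1, b"unlock")  # constructed sample packet
    print("MAC only:     ", check_control(MacOnlyReceiver(KEY), captured))
    print("MAC + counter:", check_control(FreshnessReceiver(KEY), captured))
```

The counter is inside the authenticated body, so it cannot be changed to make an old packet look new without invalidating the tag.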
Related resources
To check this control, the following resources may be useful:
| ID | Description |
|---|---|
| BSAM-RES-04 | Bluetooth connections sniffing |
| BSAM-RES-05 | Capture of a Bluetooth connection |