Replay attacks and how they can affect blockchains

A replay attack usually occurs when blockchains change or upgrade their protocols, a process known as a hard fork. It is a type of cybercrime in which bad actors obtain an original encrypted message during data transmission and use it to trick the system into performing the same transaction multiple times.

Due to the distributed nature of a blockchain, it is easy for attackers to eavesdrop on a communication. They can then repeat a valid data transfer and withdraw money from the victims’ accounts. Since the data is original, network security protocols do not see the attack as a malicious event. Instead, it is seen as a standard data transfer and goes through without any difficulty.

More likely under a hard fork

A re-attack is more likely during a hard fork. In such an event, the blockchain is split in two. Now members have access to two blockchains with identical information. In this case, bad actors can perform a replay attack on the new blockchain using the transactions processed on the legacy network.

For example, after a hard fork, Sam sends a certain amount of crypto to Alice on the new version of the blockchain. Alice can use the same transaction data on the old blockchain, and receive twice as much crypto.

However, this option may only apply to existing users who have been part of the hard fork. New users who have joined the network after the hard fork can neither perform replay attacks nor will be vulnerable to them

How to stop replay attacks

Fortunately, replay attacks are easy to mitigate. There are several methods that blockchains can use to prevent such attacks; Here are some of them:

Random session key

In a random session key, a unique encryption and decryption code is generated between two users or two computers for each transaction. This is often called a symmetric key because it uses the same key for encryption and decryption. Since the security key is generated randomly, the same key will not be valid a second time.

Uses timestamps

This type of message has an extra layer of security: a time stamp on the message. Usually, this type of message will also have a time window when the entire transaction should be completed. If a message is received after the window is closed, it will be automatically rejected.

One-time password

In this case, each message is protected by a password that can only be used once! So even if such a message is intercepted and re-sent, it will not be processed as the password expired after the first use.

New blockchain token

After the hard fork, the new blockchain can implement a token to protect against repeated attacks. It ensures that transactions made on the new blockchain will not be valid on the older blockchain. The protection takes effect immediately after the hard fork is implemented. Bitcoin Cash implemented this type of protection when it was separated from Bitcoin.

Conclusion

When successful, replay attacks pose a significant threat to a blockchain and its users. It is one of the only attacks that does not require decryption of network transmissions. Also, since attackers use real encrypted messages, replay attacks are harder to spot. They can cause a user’s wallet to be wiped clean.

In the worst case, the attacker can clog the system with repeated transmissions. This can be particularly disruptive to a hard-forked network that has lost a significant portion of its computing power as users and nodes move to the newer version of the blockchain. In this case, a concerted replay attack could overwhelm the legacy blockchain’s already reduced mining capacity.

Fortunately, the attacker does not have full control over the network and they cannot overwrite the blockchain. The scope of the damage or vulnerability is limited to past actions by someone that are illegitimately repeated. Also, with the right safeguards, replay attacks can be permanently blocked from happening.