Govur University Logo
--> --> --> -->
Govur University Logo
Sign In
...
Home All Courses Engineering and Technology Courses Documenting OTP Token Integration for Digital Banking Flashcard

How is a replay attack specifically mitigated at the server-side validation service for an HMAC-Based One-Time Password (HOTP) token?



A replay attack, in the context of an HMAC-Based One-Time Password (HOTP) token, occurs when an attacker intercepts a valid one-time password (OTP) and attempts to resubmit it at a later time to gain unauthorized access. HOTP is a counter-based algorithm, meaning that the one-time password generated by the token is derived from a shared secret key and a unique, incrementing counter value. Both the HOTP token and the server-side validation service maintain their own synchronized counter values for each user.

Server-side mitigation for replay attacks hinges on the server's meticulous management of this counter. When a user submits an OTP, the server performs the following validation: it calculates its own expected OTPs using the stored secret key and a range of possible counter values. This range is known as a “validation window” or “look-ahead window.” Instead of just checking the very next expected counter value, the server typically checks the submitted OTP against values generated from its current stored counter plus one, up to a certain number of increments (e.g., 100 increments). This window accommodates minor desynchronization, such as when a user accidentally presses the token button multiple times without submitting the OTP.

The crucial replay attack mitigation step is that upon successfully validating an OTP within this window, the server immediately advances its stored counter for that specific user. Specifically, the server updates its stored counter to the exact counter value that generated the successfully verified OTP, plus one. For example, if the server's current counter was 50, and the submitted OTP matched a value generated with counter 55 within the validation window, the server's stored counter is updated to 56. This action effectively invalidates all OTPs generated with counter values 50 through 55. Because HOTP relies on a constantly incrementing counter, any previous OTP, including the one just successfully used or any skipped ones within the window, will now correspond to a counter value that is less than the server's newly updated stored counter. Consequently, if an attacker attempts to replay an intercepted OTP, it will fail validation because its corresponding counter value will be equal to or less than the server's current stored counter, which the server is configured to reject, only accepting OTPs generated from counter values strictly greater than its current stored counter.