摘要 |
A secure communication module that accepts a cryptographic message if a nonce value for the received message is greater than the largest nonce value yet seen. If the received nonce value is not the largest nonce value yet seen, the secure communication module compares the received nonce value with a nonce acceptance window. If the nonce value falls outside the nonce acceptance window, the secure communication module rejects the received message and assumes a replay attack. Alternatively, if the nonce value falls within the nonce acceptance window, the secure communication module compares the received nonce value with a replay window mask. If comparison with the replay window mask indicates that the received nonce value has been seen before, the secure communication module rejects the received message and assumes a replay attack. Otherwise, the secure communication module accepts the message and adds the received nonce value to the replay window mask.
|