Citrix Systems, Inc.
Systems and methods for preventing replay attacks

Abstract:

Disclosed herein includes a system, a method, and a device for preventing replay attacks in a cluster. A first node in the cluster having a plurality of nodes can receive an indication of a node event. The first node can access a first sequence number from a storage corresponding to a previous communication between the plurality of nodes. The first node can adjust the first sequence number by a delta indicative of an average number of communications between the plurality of nodes in the cluster in a determined time period to generate a second sequence number. The first node can transmit a packet including the second sequence number to the plurality of nodes in the cluster. The second sequence number can be used by the plurality of nodes to reset a starting sequence number for communications between the plurality of nodes to prevent replay attacks in the cluster.