Attack where valid authentication data is captured and retransmitted to gain unauthorized access. Prevented by nonces, timestamps, and cryptographic binding.