|
In cryptography, a man in the middle attack (MITM) is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept messages going between the two victims. The MITM attack is particularly applicable to the original Diffie-Hellman key exchange protocol, when used without authentication. Cryptography has had a long and colourful history. ...
Diffie-Hellman key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. ...
The need for an additional transfer over a secure channel With the exception of the Interlock Protocol, all cryptographic systems secure against MITM attacks require an additional exchange or transmission of some information over some kind of secure channel. Many key agreement methods with different security requirements for the secure channel have been developed. The Interlock Protocol, as described by Ron Rivest and Adi Shamir, was designed to frustrate eavesdropper attack against two parties that use an anonymous key exchange protocol to secure their conversation. ...
In cryptography, a key-agreement protocol is a protocol whereby two or more parties can agree on a key in such a way that both influence the outcome. ...
Possible subattacks The MITM attack may include one or more of: MITM is typically used to refer to active manipulation of the messages, rather than passively eavesdropping. Eavesdropping is the intercepting and reading of messages and conversations by unintended recipients. ...
Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication. ...
The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ...
A chosen ciphertext attack is an attack on a cryptosystem in which the cryptanalyst chooses ciphertext and causes it to be decrypted with an unknown key. ...
Stream ciphers where plaintext bits are combined with a cipher bit stream by an exclusive-or operation (xor) can be very secure if used properly. ...
A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. ...
A denial-of-service attack (also, DoS attack) is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational resources of the victim system. ...
Eavesdropping is the intercepting and reading of messages and conversations by unintended recipients. ...
Suppose Alice wishes to communicate with Bob, and that Mallory wishes to eavesdrop on the conversation, or possibly deliver a false message to Bob. To get started, Alice must ask Bob for his public key. If Bob sends his public key to Alice, but Mallory is able to intercept it, a man in the middle attack can begin. Mallory can simply send Alice a public key for which she has the private, matching, key. Alice, believing this public key to be Bob's, then encrypts her message with Mallory's key and sends the enciphered message back to Bob. Mallory again intercepts, deciphers the message, keeps a copy, and reenciphers it (after alteration if desired) using the public key Bob originally sent to Alice. When Bob receives the newly enciphered message, he will believe it came from Alice. Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key, by using a pair of cryptographic keys, designated as public key and private key, which are related mathematically. ...
Alice and Bob are conventional placeholder terms referring to common archetypal characters used in explanations in fields such as cryptography and physics. ...
This example shows the need for Alice and Bob to have some way to ensure that they are truly using the correct (for example, authenticated) public keys of each other. Otherwise, such attacks are generally possible, in principle, against any message sent using public key technology. Fortunately, there are a variety of techniques that help defend against MITM attack.
Defenses against the attack The possibility of a "man in the middle" attack remains a serious security potential problem, even for many public-key based cryptosystems. Various defenses against MITM attack use authentication techniques that are based on: A cryptosystem (or cryptographic system) is the package of all procedures, protocols, cryptographic algorithms and instructions used for encoding and decoding messages using cryptography. ...
- Public keys
- Stronger mutual authentication
- Secret keys (high-entropy secrets)
- Passwords (low-entropy secrets)
- Other criteria, such as voice recognition or other biometrics
The integrity of public keys must generally be assured in some manner, but need not be secret, whereas passwords and shared secret keys have the additional secrecy requirement. Public keys can be verified by a Certificate Authority, whose public key is distributed through a secure channel (for example, with web browser or OS installation). Mutual authentication refers to two parties authenticating each other suitably. ...
Entropy of a Bernoulli trial as a function of success probability. ...
In cryptography, a certificate authority or certification authority (CA) is an entity which issues digital certificates for use by other parties. ...
See key agreement for a classification of protocols that use various forms of keys and passwords to prevent man in the middle attack. In cryptography, a key-agreement protocol is a protocol whereby two or more parties can agree on a key in such a way that both influence the outcome. ...
Beyond cryptography While this example focuses on the MITM attack in a cryptographic context, MITM should be seen as a general problem resulting from any use of intermediate parties acting as a proxy for the clients on either side. If they are trustworthy and competent, all may be well; if they are not, nothing will be. How can one distinguish the cases? By acting as a proxy and appearing as the trusted client to each side the intermediate attacker can carry out much mischief, including various attacks against the confidentiality or integrity of the data passing through it.
See also Computer security is a field of computer science concerned with the control of risks related to computer use. ...
Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information without access to the secret information which is normally required to do so. ...
In cryptography, and particularly in analytic or academic discussions of it, a secure channel is a method or technique assumed to provide means by which data can be transferred from one place or user to another without risk of interception or tampering. ...
Digital signature (or public-key digital signature) is a type of method for authenticating digital information analogous to ordinary physical signatures on paper, but implemented using techniques from the field of public-key cryptography. ...
In cryptography, key management includes all of the provisions made in a cryptosystem design, in cryptographic protocols in that design, in user procedures, and so on, which are related to generation, exchange, storage, safeguarding, use, vetting, and replacement of keys. ...
In cryptography, a key-agreement protocol is a protocol whereby two or more parties can agree on a key in such a way that both influence the outcome. ...
In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more partys knowledge of a password. ...
The Interlock Protocol, as described by Ron Rivest and Adi Shamir, was designed to frustrate eavesdropper attack against two parties that use an anonymous key exchange protocol to secure their conversation. ...
Mutual authentication refers to two parties authenticating each other suitably. ...
External link - Non-cryptographic MITM attack involving nanny references
|
Feeds |
Contact