Man in the middle attack
In cryptography, a man in the middle attack (MITM) is an attack in which an attacker is able to read, insert and modify messages between two parties at will, without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept messages going between the two victims.
Public key cryptography example
Suppose Alice wishes to communicate with Bob, and that Mallory wishes to eavesdrop on the conversation, or possibly deliver a false message to Bob. To get started, Alice must ask Bob for his public key. If Bob sends his public key to Alice, but Mallory is able to intercept it, a man in the middle attack can begin. Mallory can simply send Alice a public key for which he holds the matching private key. Alice, believing this public key to be Bob's, then encrypts her message with Mallory's key and sends the enciphered message back to Bob. Mallory again intercepts, deciphers the message, keeps a copy, and re-enciphers it (after alteration if desired) using the public key Bob originally sent to Alice. When Bob receives the newly enciphered message, he will believe it came from Alice. A similar attack is possible, in principle, against any message sent using public key technology, including data packets carried on computer networks.
Defenses against the attack
The possibility of a "man in the middle" attack remains a serious security problem for public-key based cryptosystems. A widely used mechanism for defeating such attacks is the use of digitally signed keys: if Bob's key is signed by a trusted third party vouching for his identity, Alice can have considerable confidence that a signed key she receives is not an interception attempt by Mallory. Such signed keys, sometimes signed by a certificate authority, are one of the primary mechanisms used for secure web traffic (including HTTPS, SSL or Transport Layer Security protocols). However, these systems have a weakness: certificate authorities do not always take enough care when endorsing the match between identity information and public keys.
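The signed-key check described above, as an added example that is not part of the original article. It uses textbook RSA over small primes purely for illustration (not secure); the name Trent for the trusted third party, the function names and the sample keys are assumptions made for the example.

```python
import hashlib

# Textbook RSA over small Mersenne primes, no padding: illustration only, not secure.
def make_key(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return {"pub": (n, e), "priv": (n, pow(e, -1, phi))}

def binding_digest(name, pub, modulus):
    # Hash the identity together with the key, so a signature covers the pairing.
    data = f"{name}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus

def sign_binding(signer, name, pub):
    n, d = signer["priv"]
    return pow(binding_digest(name, pub, n), d, n)

def verify_binding(trusted_pub, name, pub, sig):
    # Alice checks against the third party's key she already holds,
    # never against a key delivered alongside the message.
    n, e = trusted_pub
    return pow(sig, e, n) == binding_digest(name, pub, n)

# Constructed sample keys; Trent is a hypothetical name for the trusted third party.
TRENT = make_key(2**61 - 1, 2**89 - 1)
BOB = make_key(2**19 - 1, 2**17 - 1)
MALLORY = make_key(2**31 - 1, 2**13 - 1)

def scenarios():
    bob_sig = sign_binding(TRENT, "Bob", BOB["pub"])
    return {
        # Genuine key with Trent's signature: accepted.
        "genuine": verify_binding(TRENT["pub"], "Bob", BOB["pub"], bob_sig),
        # Mallory swaps in his key but can only replay Bob's signature: rejected.
        "swapped_key": verify_binding(TRENT["pub"], "Bob", MALLORY["pub"], bob_sig),
        # Mallory signs the binding himself: rejected, he is not the trust anchor.
        "self_signed": verify_binding(TRENT["pub"], "Bob", MALLORY["pub"],
                                      sign_binding(MALLORY, "Bob", MALLORY["pub"])),
        # Trent carelessly vouches for Mallory's key under Bob's name: accepted.
        "careless_signer": verify_binding(TRENT["pub"], "Bob", MALLORY["pub"],
                                          sign_binding(TRENT, "Bob", MALLORY["pub"])),
    }

if __name__ == "__main__":
    for case, accepted in scenarios().items():
        print(f"{case:16} accepted={accepted}")
```

The last case shows why the check is only as strong as the signer's care in matching identities to keys: the signature verifies even though the key is not Bob's.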
Another defense, proposed by Ron Rivest and Adi Shamir, is the interlock protocol[1] (http://home.ecn.ab.ca/~jsavard/crypto/mi060709.htm). The protocol works roughly as follows: Alice encrypts her message with Bob's key, then sends half her encrypted message to Bob. Bob encrypts his message with Alice's key and sends half of his encrypted message to Alice. Alice then sends the other half of her message to Bob, who sends the other half of his. The strength of the protocol lies in the fact that half of an encrypted message cannot be decrypted. Thus, if Mallory begins his attack and intercepts Bob's and Alice's keys, Mallory will be unable to decrypt Alice's half-message (encrypted using his key) and re-encrypt it using Bob's key. He must wait until both halves of the message have been received to read it, and can only succeed in duping one of the parties if he composes a completely new message.
Beyond cryptography
While this example focuses on the MITM attack in a cryptographic context, MITM should be seen as a general problem resulting from any use of intermediate parties acting as a proxy for the clients on either side. If they are trustworthy and competent, all may be well; if they are not, nothing will be. How can one distinguish the cases? By acting as a proxy and appearing as the trusted client to each side, the intermediate attacker can carry out much mischief, including various attacks against the confidentiality or integrity of the data passing through it.
External link
- Non-cryptographic MITM attack involving nanny references (http://www.schneier.com/crypto-gram-0404.html#6)