
Man in the Middle Attacks


Man in the middle is a technique that simultaneously fools two parties into thinking they are communicating with each other while, in fact, they are both talking to the man in the middle. The technique usually demands very active involvement by the attacker, often from the beginning to the end of the communication, in order to avoid detection. Man in the middle is often attempted when the attacker wants to communicate with a system under the identity of a particular user, typically because that user holds some secret information that the attacker cannot acquire.

Case Study: Challenge/Response

Challenge/response systems are a typical case of a secret the attacker cannot acquire. A challenge is used as a varying element from which the user, together with her password or other secret, must create the response. Replaying an old response is useless to the attacker, since the challenge changes and the response changes with it. If the user's secret is well protected, the attacker cannot use it directly. The attacker therefore turns to man in the middle. She asks the server for a challenge, and the server gladly serves one up. The attacker then coaxes the user into responding to this challenge as if the server were asking. The user generates the appropriate response using her secret information. The attacker can now present this response to the server and use the resulting authenticated session under the identity of the user. Oftentimes the attacker must also maintain the spoofed session with the user. Since the user was never actually talking to the server, the attacker must give the appearance of a live session; if not, the user may suspect the attack and alert the server administrator. Attackers will often return an error message to the user so that she will think it is a "normal problem," e.g. bad password, network problems, etc.
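The relay described above, as an added example that is not part of the original article: a server issues a random challenge, the user answers with an HMAC keyed by her secret, and Mallory simply forwards the challenge one way and the response the other. The same code then shows the standard countermeasure, channel binding: the user mixes into her response a value unique to the transport she is actually talking over (in practice, e.g. a hash of her TLS handshake), so a response captured on the user-to-Mallory connection fails to verify on the Mallory-to-server connection. All names, secrets and binding values are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample secret; shared by the user and the real server only.
USER_SECRET = b"correct horse battery staple"


def make_response(secret: bytes, challenge: bytes, channel_binding: bytes = b"") -> bytes:
    """The user's side of challenge/response: HMAC-SHA256 over the challenge.

    When channel_binding is non-empty the response is also bound to the
    transport the user is really on, so a relayed copy only verifies on that
    same transport.
    """
    return hmac.new(secret, channel_binding + challenge, hashlib.sha256).digest()


class Server:
    def __init__(self, secret: bytes):
        self.secret = secret

    def issue_challenge(self) -> bytes:
        # Fresh nonce per authentication attempt, so old responses cannot be replayed.
        return secrets.token_bytes(16)

    def verify(self, challenge: bytes, response: bytes, channel_binding: bytes = b"") -> bool:
        expected = make_response(self.secret, challenge, channel_binding)
        return hmac.compare_digest(expected, response)  # constant-time comparison


def honest_login() -> bool:
    """Baseline: the user talks to the server directly; the server accepts."""
    server = Server(USER_SECRET)
    challenge = server.issue_challenge()
    return server.verify(challenge, make_response(USER_SECRET, challenge))


def relay_attempt(use_channel_binding: bool) -> bool:
    """Simulate Mallory relaying between user and server. Returns True if the server accepts."""
    server = Server(USER_SECRET)

    # Two distinct transports exist: Mallory<->server and user<->Mallory.  With channel
    # binding, each endpoint derives a value unique to its own transport; Mallory cannot
    # make the two values coincide.  (Simulated here with random bytes per transport.)
    server_side_binding = secrets.token_bytes(32) if use_channel_binding else b""
    user_side_binding = secrets.token_bytes(32) if use_channel_binding else b""

    # 1. Mallory asks the real server for a challenge.
    challenge = server.issue_challenge()
    # 2. Mallory shows the user that challenge as if it were her own.  The user answers
    #    with her secret, binding the answer to the transport she is on (user<->Mallory).
    user_response = make_response(USER_SECRET, challenge, user_side_binding)
    # 3. Mallory relays the response over her own transport to the real server.
    return server.verify(challenge, user_response, server_side_binding)


if __name__ == "__main__":
    print("honest login accepted:      ", honest_login())
    print("relay, no channel binding:  ", relay_attempt(False))   # accepted: attack works
    print("relay, with channel binding:", relay_attempt(True))    # rejected: attack detected
```

The important property is that the server never has to know an attack is taking place: the bound value on its own connection differs from the one the user computed over, so verification fails exactly as it would for a wrong password, and the failed attempt can be logged and alerted on like any other.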

Man in the middle is indeed a difficult attack to execute; however, it also foils some of our strongest available authentication and encryption techniques. Many argue that man in the middle is not a realistic threat because of its difficulty. If that argument were true, we would have no reason to be using these strong authentication and encryption techniques at all.

Case Study: Diffie-Hellman key exchange

A number of problems are presented to the attacker when targets are using Diffie-Hellman key exchange. First, the only information that the attacker can intercept is the public keys, and these are useless on their own because the private key cannot be derived from the public key. Second, the calculation that combines the keys into the Diffie-Hellman shared secret cannot be done without one of the secret elements. When it is stated that these problems cannot be solved, cryptographically speaking, this means the attacker is better off trying to guess the shared secret outright. This is known as brute force and is an inescapable problem in all cryptosystems.

The attacker can, however, use man in the middle to breach this strong cryptosystem. Take the example of two participants, Alice and Bob, attempting to set up a symmetrically encrypted session. An attacker, Mallory, wishes to eavesdrop on this session. First, Mallory must intercept Alice's and Bob's public keys and prevent Alice from receiving Bob's public key and vice versa. Next, Mallory presents her own public key to Alice and to Bob. Alice and Bob will accept Mallory's key since they have no proof that it is not their partner's key. Alice then combines her private key with Mallory's public key, and Mallory combines Alice's public key with her own private key; the resulting shared secret is the same for both Mallory and Alice. Bob likewise combines his private key with Mallory's public key, and Mallory combines Bob's public key with her private key; again, the shared secret is the same. Now, when Alice and Bob communicate using the shared secret as a symmetric key, Mallory intercepts the communication, decrypts the packets, potentially copies or modifies the decrypted information, and re-encrypts it with the other shared secret. The result: Alice's and Bob's communication passes through Mallory in the clear without either Alice or Bob suspecting anything. Mallory must maintain the bridge between Alice and Bob or they will notice that the communication is suspicious. Also, any future communication that depends on these Diffie-Hellman shared secrets will require Mallory's continued involvement, or the breakdown in communication will look suspicious.
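The key substitution described above, as an added example that is not part of the original article. It runs a textbook Diffie-Hellman exchange over a toy group (constructed for the example; the parameters are far too small for real use), lets Mallory replace both public values with her own, and reports which pairs of parties end up with matching secrets. The same function then shows why authenticating the public values defeats the attack: when Alice and Bob each hold a fingerprint of the other's genuine key obtained over a trusted channel (the out-of-band check that SSH host keys and certificate pinning rely on), the substituted key fails the comparison and the exchange is aborted before any secret is derived. All names, the group and the fingerprint scheme are assumptions of the example.

```python
import hashlib
import secrets

# Toy group parameters, constructed for the example only (P is the Mersenne prime 2**127 - 1).
P = 2**127 - 1
G = 3


def keypair() -> tuple[int, int]:
    """Return (private exponent, public value G**priv mod P)."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def shared_secret(priv: int, peer_pub: int) -> int:
    """Combine our private exponent with the public value we were handed."""
    return pow(peer_pub, priv, P)


def fingerprint(pub: int) -> str:
    """Short hash of a public value, the kind of thing compared out of band."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


def honest_exchange() -> bool:
    """Baseline with no attacker: Alice and Bob derive the same secret."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    return shared_secret(a_priv, b_pub) == shared_secret(b_priv, a_pub)


def intercepted_exchange(authenticate: bool) -> dict:
    """Mallory substitutes her public value for both of the intercepted ones.

    With authenticate=True, Alice and Bob each compare the fingerprint of the value
    they received against the fingerprint of their partner's true key, which the
    example assumes they obtained over a trusted channel beforehand.
    """
    a_priv, a_pub = keypair()  # Alice
    b_priv, b_pub = keypair()  # Bob
    m_priv, m_pub = keypair()  # Mallory

    # Mallory blocks the genuine values and hands each victim her own public value.
    alice_receives, bob_receives = m_pub, m_pub

    if authenticate:
        alice_ok = fingerprint(alice_receives) == fingerprint(b_pub)
        bob_ok = fingerprint(bob_receives) == fingerprint(a_pub)
        if not (alice_ok and bob_ok):
            # Either side refusing to proceed is enough: no session key is ever derived.
            return {"aborted": True}

    k_alice = shared_secret(a_priv, alice_receives)
    k_bob = shared_secret(b_priv, bob_receives)
    k_mallory_alice = shared_secret(m_priv, a_pub)
    k_mallory_bob = shared_secret(m_priv, b_pub)
    return {
        "aborted": False,
        "alice_shares_with_mallory": k_alice == k_mallory_alice,
        "bob_shares_with_mallory": k_bob == k_mallory_bob,
        "alice_shares_with_bob": k_alice == k_bob,  # two different keys: Mallory must bridge them
    }


if __name__ == "__main__":
    print("honest exchange agrees:", honest_exchange())
    print("unauthenticated, intercepted:", intercepted_exchange(False))
    print("authenticated, intercepted:  ", intercepted_exchange(True))
```

The unauthenticated run shows the situation the text describes: Alice's key equals Mallory's key for Alice, Bob's key equals Mallory's key for Bob, and Alice's and Bob's keys differ, which is exactly why Mallory has to decrypt and re-encrypt every packet for the session to keep working. The authenticated run never reaches that point; the mismatch is visible to the endpoints and can be logged as a key-verification failure.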



©2001-2003 by Itillious, Inc. All Rights Reserved.