Man-in-the-middle attack: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
No edit summary
imported>Sandy Harris
No edit summary
Line 1: Line 1:
In a '''man-in-the-middle''' attack on a communications system, the attacker is the man-in-the-middle. He deceives the victims so they think they are communicating with each other but in fact both are talking to him. It is an [[active attack]]; the attacker needs not only the ability to intercept messages, but to insert his own and to prevent delivery of genuine ones.
In a '''man-in-the-middle''' attack on a communications system, the attacker is the man-in-the-middle. He deceives the victims so they think they are communicating with each other but in fact both are talking to him. It is an [[active attack]]; the attacker needs not only the ability to intercept messages, but to insert his own and to prevent delivery of genuine ones.
Of course it need not be literally a ''man'' in the middle. The attacker might be a woman or a team, and the actual implementation of the attack is often along the lines of device-in-the-middle. The attacker subverts a router, a gateway machine, a firewall, or a telephone switch to do the dirty work.


Conventionally, the communicating parties are A and B or [[Alice and Bob]]. Let us call the attacker Edward, for Eavesdropper or EvilDoer. Edward's goal is to trick both Alice and Bob into talking to him instead of each other. Alice's message go to Edward who reads them, perhaps alters them, and passes them on to Bob. Bob's replies also come to Edward, who passes them on to Alice.
Conventionally, the communicating parties are A and B or [[Alice and Bob]]. Let us call the attacker Edward, for Eavesdropper or EvilDoer. Edward's goal is to trick both Alice and Bob into talking to him instead of each other. Alice's message go to Edward who reads them, perhaps alters them, and passes them on to Bob. Bob's replies also come to Edward, who passes them on to Alice.

Revision as of 22:39, 11 October 2008

In a man-in-the-middle attack on a communications system, the attacker is the man-in-the-middle. He deceives the victims so they think they are communicating with each other but in fact both are talking to him. It is an active attack; the attacker needs not only the ability to intercept messages, but to insert his own and to prevent delivery of genuine ones.

Of course it need not be literally a man in the middle. The attacker might be a woman or a team, and the actual implementation of the attack is often along the lines of device-in-the-middle. The attacker subverts a router, a gateway machine, a firewall, or a telephone switch to do the dirty work.

Conventionally, the communicating parties are A and B or Alice and Bob. Let us call the attacker Edward, for Eavesdropper or EvilDoer. Edward's goal is to trick both Alice and Bob into talking to him instead of each other. Alice's message go to Edward who reads them, perhaps alters them, and passes them on to Bob. Bob's replies also come to Edward, who passes them on to Alice.

If this attack succeeds, it is utterly devastating, completely destroying the security of the communication system. Consider General Alice ordering Major Bob to "Take Hill 37". Having Edward the Enemy able to read that order is highly undesirable. A successful man-in-the-middle attack allows that, but it also lets him do far worse. The man-in-the-middle can alter messages, so he can both send Bob some completely different orders and give General Alice bogus reports that appear to come from Bob.

Note that just encrypting the messages may not help. It does Alice absolutely no good to ensure that her messages are securely delivered and that only the recipient can read them if they are going to the wrong recipient. Along with any encryption, she needs some form of authentication to ensure she is in fact talking to Bob.