Man-in-the-middle attack: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
(example)
mNo edit summary
 
(20 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{subpages}}
{{PropDel}}<br><br>{{subpages}}
{{TOC-right}}
{{TOC|right}}
In a '''man-in-the-middle''' attack on a communications system, the attacker is the man-in-the-middle.<ref name=Ellison>{{citation
In a '''man-in-the-middle''' attack on a communications system, the attacker is the man-in-the-middle.<ref name=Ellison>{{citation
  | title = Sixth USENIX Security Symposium
  | title = Sixth USENIX Security Symposium
Line 12: Line 12:
  | publisher = John Wiley & Sons
  | publisher = John Wiley & Sons
  | year = Second Edition, 1996
  | year = Second Edition, 1996
}}, pp. 48-49</ref> He deceives the victims so they think they are communicating with each other but in fact both are talking to him. It is an [[active attack]]; the attacker needs not only the ability to intercept messages, but to insert his own and to prevent delivery of genuine ones. The principle is not used solely for conventional cryptographic countermeasures; a basic technique of [[electronic warfare#meaconing|deceptive electronic warfare]] is to transmit a "more plausible" signal (e.g., a [[radar]] return or a navigational code) than the real source.
}}, pp. 48-49</ref> He deceives the victims so they think they are communicating with each other but in fact both are talking to him. It is an [[active attack]]; the attacker needs not only the ability to intercept messages, but to insert his own and to prevent delivery of genuine ones.


Of course it need not be literally a ''man'' in the middle. The attacker might be a woman or a team, and the actual implementation of the attack is often along the lines of device-in-the-middle. The attacker either subverts an existing infrastructure device &mdash; a [[router]], a [[security gateway]] (e.g., [[virtual private network]] (VPN) concentrator or [[application layer gateway]] machine, a [[firewall]], an [[Asynchronous Transfer Mode]] (ATM) switch, ... &mdash; or inserts an extra device in the communication path to do the dirty work.
Of course it need not be literally a ''man'' in the middle. An alternate term, not much used, is a "middleperson attack". The attacker might be a woman or a team, and the actual implementation of the attack is often along the lines of device-in-the-middle. The attacker either subverts an existing infrastructure device &mdash; a [[router]], a [[virtual private network]] (VPN) gateway, an [[application layer gateway]] machine, a [[firewall]], an [[Asynchronous Transfer Mode]] (ATM) switch, ... &mdash; or inserts an extra device in the communication path to do the dirty work.


Conventionally, the communicating parties are A and B or [[Alice and Bob]]. Let us call the attacker Edward, for Eavesdropper or EvilDoer. Edward's goal is to trick both Alice and Bob into talking to him instead of each other. Alice's message go to Edward who reads them, perhaps alters them, and passes them on to Bob. Bob's replies also come to Edward, who passes them on to Alice.
Conventionally, the communicating parties are A and B or [[Alice and Bob]]. Let us call the attacker Edward, for Eavesdropper or EvilDoer. Edward's goal is to trick both Alice and Bob into talking to him instead of each other. Alice's message go to Edward who reads them, perhaps alters them, and passes them on to Bob. Bob's replies also come to Edward, who passes them on to Alice.
Line 20: Line 20:
If this attack succeeds, it is utterly devastating, completely destroying the security of the communication system. Consider General Alice ordering Major Bob to "Take Hill 37". Having Edward the Enemy able to read that order is highly undesirable. A successful man-in-the-middle attack allows that, but it also lets him do far worse. The man-in-the-middle can alter messages, so he can ''both'' send Bob some completely different orders ''and'' give General Alice bogus reports that appear to come from Bob. In essence, the Enemy completely controls the communication.
If this attack succeeds, it is utterly devastating, completely destroying the security of the communication system. Consider General Alice ordering Major Bob to "Take Hill 37". Having Edward the Enemy able to read that order is highly undesirable. A successful man-in-the-middle attack allows that, but it also lets him do far worse. The man-in-the-middle can alter messages, so he can ''both'' send Bob some completely different orders ''and'' give General Alice bogus reports that appear to come from Bob. In essence, the Enemy completely controls the communication.


In a recent example in the US [http://blog.wired.com/27bstroke6/2008/10/fed-blotter-ind.html], attackers cyber-hijacked trucks. They got information on loads to be moved by hacking a government website, posed as a trucking company and submitted bids to the client then, posing as the client, arranged for a real trucking company to make the deliveries. They had made off wth nearly $500,000 before they were caught.
The principle is not used solely for conventional cryptographic countermeasures; a basic technique of [[electronic warfare#meaconing|deceptive electronic warfare]] is to transmit a "more plausible" signal (e.g., a [[radar]] return or a navigational code) than the real source.
== Examples ==
 
In a recent example in the US <ref>{{citation
| url = http://blog.wired.com/27bstroke6/2008/10/fed-blotter-ind.html
| title = Fed Blotter: Alleged Hackers Charged With Highway Robbery, Literally
| author = Kevin Poulsen
| journal = Wired
| date = October 2008
}}</ref>, attackers cyber-hijacked trucks. They got information on loads to be moved by hacking a government website, posed as a trucking company and submitted bids to the client then, posing as the client, arranged for a real trucking company to make the deliveries. The client paid them; they did not pay the truckers. They had made off with nearly $500,000 before they were caught.
 
[[Ross Anderson]] and others at Cambridge recently published a man-in-the-middle attack <ref>{{citation
| url = http://www.cl.cam.ac.uk/research/security/banking/nopin/
| title = EMV PIN verification “wedge” vulnerability
| author = Steven J. Murdoch, Saar Drimer, Ross Anderson and Mike Bond
| date = 2010
}}</ref> on [[EMV]] or chip-and-pin, an authentication system very widely used in banking. They built a device that goes between the customer's card and the verifying device. With that device in place, '''PIN verification always succeeds''' no matter what number you input.
 
Early in 2011, the Tunisian government seems to have conducted a massive man-in-the-middle attack [http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044/], stealing the passwords for a huge number of [[Facebook]] accounts.
 
A hardware [[key logger]] is a small device that goes between a computer and its keyboard. Several are commercially available and there are instructions on the web for homebrew versions. <ref>{{citation
| author = Bruce Schneier
| title = Do-it-Yourself Keyboard Logger
| date = February 2006
| url = http://www.schneier.com/blog/archives/2006/02/doityourself_ke.html
}}</ref>


==Principles of Countermeasures==
==Principles of Countermeasures==
Note that just encrypting the messages may not help. It does Alice absolutely no good to ensure that her messages are securely delivered and that only the recipient can read them if they are going to the wrong recipient. Along with any encryption, she needs some form of authentication to ensure she is in fact talking to Bob.
Note that just encrypting the messages may not help. It does Alice absolutely no good to ensure that her messages are securely delivered and that only the recipient can read them if they are going to the wrong recipient. Along with any encryption, she needs some form of authentication to ensure she is in fact talking to Bob.


Encryption applied at lower levels of the communication system can prevent many man-in-the-middle attacks. For example, suppose we encrypt the communication link from Alice's headquarters to Bob's and Edward cannot break that encryption. He cannot then conduct a man-in-the-middle attack unless he can intercept messages inside one of the headquarters.
Encryption applied at lower levels of the communication system can prevent many man-in-the-middle attacks. For example, suppose we encrypt the communication link from Alice's headquarters to Bob's. To conduct a man-in-the-middle attack, Edward must then either find a way to ''attack from inside one of the headquarters'' or find a way to ''break that encryption in real time'' (a break that takes hours or months may be of great value to him, but it does not allow man-in-the middle). With good encryption methods and headquarters security procedures, these should be effectively impossible. Even with flaws in those areas, Edward's problem is ''much'' more difficult than without the encryption.  


However, the most general defense against man-in-the-middle attacks is authentication. If Alice and Bob check that they are in fact talking to each other, then no man-in-the-middle attack can succeed unless the attacker can defeat whatever authentication mechanism is in play. For example, if Alice and Bob do a [[Diffie-Hellman]] key negotiation, they much each authenticate themselves to the other.<ref name=RFC2631>{{citation
However, the most general defense against man-in-the-middle attacks is [[cryptographic authentication]]. If Alice and Bob check that they are in fact talking to each other, then no man-in-the-middle attack can succeed unless the attacker can defeat whatever authentication mechanism is in play. For example, if Alice and Bob do a [[Diffie-Hellman]] key negotiation, they much each authenticate themselves to the other.<ref name=RFC2631>{{citation
  | id=RFC2631
  | id=RFC2631
  | title = Diffie-Hellman Key Agreement Method
  | title = Diffie-Hellman Key Agreement Method
Line 34: Line 59:
  | url = http://www.ietf.org/rfc/rfc2631.txt
  | url = http://www.ietf.org/rfc/rfc2631.txt
}}</ref>
}}</ref>
==Trusted intermediaries and certificate authorities==
==Trusted intermediaries and certificate authorities==
If Alice and Bob both trust Charlie, and Charlie can independently verify identity, using a trusted channel to Alice (to verify Bob) and to Bob (to verify Alice), an alternative to Diffie-Hellman is use of a trusted intermediary. <ref name=>{{citation
If Alice and Bob both trust Charlie, and Charlie can independently verify identity, using a trusted channel to Alice (to verify Bob) and to Bob (to verify Alice), an alternative to Diffie-Hellman is use of a trusted intermediary. <ref name=>{{citation
Line 43: Line 69:
}}, pp. 13-35 </ref>
}}, pp. 13-35 </ref>
==References==
==References==
{{reflist|2}}
{{reflist|2}}[[Category:Suggestion Bot Tag]]

Latest revision as of 11:00, 15 September 2024

This article may be deleted soon.
To oppose or discuss a nomination, please go to CZ:Proposed for deletion and follow the instructions.

For the monthly nomination lists, see
Category:Articles for deletion.


This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

In a man-in-the-middle attack on a communications system, the attacker is the man-in-the-middle.[1][2] He deceives the victims so they think they are communicating with each other but in fact both are talking to him. It is an active attack; the attacker needs not only the ability to intercept messages, but to insert his own and to prevent delivery of genuine ones.

Of course it need not be literally a man in the middle. An alternate term, not much used, is a "middleperson attack". The attacker might be a woman or a team, and the actual implementation of the attack is often along the lines of device-in-the-middle. The attacker either subverts an existing infrastructure device — a router, a virtual private network (VPN) gateway, an application layer gateway machine, a firewall, an Asynchronous Transfer Mode (ATM) switch, ... — or inserts an extra device in the communication path to do the dirty work.

Conventionally, the communicating parties are A and B or Alice and Bob. Let us call the attacker Edward, for Eavesdropper or EvilDoer. Edward's goal is to trick both Alice and Bob into talking to him instead of each other. Alice's message go to Edward who reads them, perhaps alters them, and passes them on to Bob. Bob's replies also come to Edward, who passes them on to Alice.

If this attack succeeds, it is utterly devastating, completely destroying the security of the communication system. Consider General Alice ordering Major Bob to "Take Hill 37". Having Edward the Enemy able to read that order is highly undesirable. A successful man-in-the-middle attack allows that, but it also lets him do far worse. The man-in-the-middle can alter messages, so he can both send Bob some completely different orders and give General Alice bogus reports that appear to come from Bob. In essence, the Enemy completely controls the communication.

The principle is not used solely for conventional cryptographic countermeasures; a basic technique of deceptive electronic warfare is to transmit a "more plausible" signal (e.g., a radar return or a navigational code) than the real source.

Examples

In a recent example in the US [3], attackers cyber-hijacked trucks. They got information on loads to be moved by hacking a government website, posed as a trucking company and submitted bids to the client then, posing as the client, arranged for a real trucking company to make the deliveries. The client paid them; they did not pay the truckers. They had made off with nearly $500,000 before they were caught.

Ross Anderson and others at Cambridge recently published a man-in-the-middle attack [4] on EMV or chip-and-pin, an authentication system very widely used in banking. They built a device that goes between the customer's card and the verifying device. With that device in place, PIN verification always succeeds no matter what number you input.

Early in 2011, the Tunisian government seems to have conducted a massive man-in-the-middle attack [1], stealing the passwords for a huge number of Facebook accounts.

A hardware key logger is a small device that goes between a computer and its keyboard. Several are commercially available and there are instructions on the web for homebrew versions. [5]

Principles of Countermeasures

Note that just encrypting the messages may not help. It does Alice absolutely no good to ensure that her messages are securely delivered and that only the recipient can read them if they are going to the wrong recipient. Along with any encryption, she needs some form of authentication to ensure she is in fact talking to Bob.

Encryption applied at lower levels of the communication system can prevent many man-in-the-middle attacks. For example, suppose we encrypt the communication link from Alice's headquarters to Bob's. To conduct a man-in-the-middle attack, Edward must then either find a way to attack from inside one of the headquarters or find a way to break that encryption in real time (a break that takes hours or months may be of great value to him, but it does not allow man-in-the middle). With good encryption methods and headquarters security procedures, these should be effectively impossible. Even with flaws in those areas, Edward's problem is much more difficult than without the encryption.

However, the most general defense against man-in-the-middle attacks is cryptographic authentication. If Alice and Bob check that they are in fact talking to each other, then no man-in-the-middle attack can succeed unless the attacker can defeat whatever authentication mechanism is in play. For example, if Alice and Bob do a Diffie-Hellman key negotiation, they much each authenticate themselves to the other.[6]

Trusted intermediaries and certificate authorities

If Alice and Bob both trust Charlie, and Charlie can independently verify identity, using a trusted channel to Alice (to verify Bob) and to Bob (to verify Alice), an alternative to Diffie-Hellman is use of a trusted intermediary. [7]

References

  1. Ellison, Carl M. (1996), Establishing Identity Without Certification Authorities, Sixth USENIX Security Symposium, pp. 67-76
  2. Scheier, Bruce (Second Edition, 1996), Applied Cryptography: Protocols, Algorithms, and Source Code in C, John Wiley & Sons, pp. 48-49
  3. Kevin Poulsen (October 2008), "Fed Blotter: Alleged Hackers Charged With Highway Robbery, Literally", Wired
  4. Steven J. Murdoch, Saar Drimer, Ross Anderson and Mike Bond (2010), EMV PIN verification “wedge” vulnerability
  5. Bruce Schneier (February 2006), Do-it-Yourself Keyboard Logger
  6. Rescorla, E. (June 1999), Diffie-Hellman Key Agreement Method, RFC2631
  7. Arora, Anish, Lecture 3: Cryptography Support Services: Key Management, CIS694K: Introduction to Network Security, Ohio State University, pp. 13-35