Man-in-the-middle attack

related topics
{system, computer, user}
{law, state, case}
{war, force, army}
{math, number, function}
{land, century, early}
{woman, child, man}

In cryptography, the man-in-the-middle attack (often abbreviated MITM), bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).

A man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other—it is an attack on mutual authentication. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, SSL authenticates the server using a mutually trusted certification authority.


Need for additional transfer over a secure channel

With the exception of Interlock Protocol, all cryptographic systems that are secure against MITM attacks require an additional exchange or transmission of information over some kind of secure channel. Many key-agreement methods have been developed, with different security requirements for the secure channel.

Example of an attack

Suppose Alice wishes to communicate with Bob. Meanwhile, Mallory wishes to intercept the conversation to eavesdrop and possibly deliver a false message to Bob .

First, Alice asks Bob for his public key. If Bob sends his public key to Alice, but Mallory is able to intercept it, a man-in-the-middle attack can begin. Mallory sends a forged message to Alice that claims to be from Bob, but instead includes Mallory's public key.

Alice, believing this public key to be Bob's, encrypts her message with Mallory's key and sends the enciphered message back to Bob. Mallory again intercepts, deciphers the message using her private key, possibly alters it if she wants, and re-enciphers it using the public key Bob originally sent to Alice. When Bob receives the newly enciphered message, he believes it came from Alice.

Full article ▸

related documents
Trusted computing base
Kevin Mitnick
Secure cryptoprocessor
Connection Machine
V5 interface
Remote concentrator
Amiga Chip RAM
Amiga Advanced Graphics Architecture
Frequency-division multiplexing
Scalable Coherent Interface
Motorola 56000
IBM 650
Bit blit
Computing platform
Power Mac G4 Cube
Physical Layer
UAE (emulator)
Session Layer
Microsoft Groove
Basic rate interface
Corel Ventura
International Mobile Subscriber Identity
Atari Transputer Workstation
IBM 7030 Stretch
Next-Generation Secure Computing Base
Coda (file system)