Man-in-the-middle attack

Summary

In cryptography and computer security, a man-in-the-middle attack is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties. One example of a MITM attack is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within the reception range of an unencrypted Wi-Fi access point could insert themselves as a man-in-the-middle. As it aims to circumvent mutual authentication, a MITM attack can succeed only when the attacker impersonates each endpoint sufficiently well to satisfy their expectations. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, TLS can authenticate one or both parties using a mutually trusted certificate authority. Suppose Alice wishes to communicate with Bob. Meanwhile, Mallory wishes to intercept the conversation to eavesdrop and optionally to deliver a false message to Bob. First, Alice asks Bob for his public key. If Bob sends his public key to Alice, but Mallory is able to intercept it, a MITM attack can begin. Mallory sends Alice a forged message that appears to originate from Bob, but instead includes Mallory's public key. Alice, believing this public key to be Bob's, encrypts her message with Mallory's key and sends the enciphered message back to Bob. Mallory again intercepts, deciphers the message using her private key, possibly alters it if she wants, and re-enciphers it using the public key she intercepted from Bob when he originally tried to send it to Alice.

Official source

https://en.wikipedia.org/wiki/Man-in-the-middle_attack

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related publications (9)

ClaimChain: Improving the Security and Privacy of In-band Key Distribution for Messaging

Carmela González Troncoso, Bogdan Kulynych, Wouter Lueks

The social demand for email end-to-end encryption is barely supported by mainstream service providers. Autocrypt is a new community -driven open specification for e-mail encryption that attempts to re

ACM2018

Distance Bounding based on PUF

Serge Vaudenay, Mathilde Igier

Distance Bounding (DB) is designed to mitigate relay attacks. This paper provides a complete study of the DB protocol of Kleber et al. based on Physical Unclonable Functions (PUFs). We contradict the

Springer Int Publishing Ag2016

The Limits of Composable Crypto with Transferable Setup Devices

Serge Vaudenay, Miyako Ohkubo

UC security realized with setup devices imposes that single instances of these setups are used. In most cases, UC-realization relies further on other properties of the setups devices, like tamper-resi

ACM2015

Related people (5)

Serge Vaudenay, Jean-Pierre Hubaux, Aikaterini Mitrokotsa, Mario Cagalj, Marcin Poturalski

Related concepts (49)

Man-in-the-middle attack

Cryptography

Cryptography, or cryptology (from κρυπτός "hidden, secret"; and γράφειν graphein, "to write", or -λογία -logia, "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others.

Transport Layer Security

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications.

Related courses (6)

COM-401: Cryptography and security

This course introduces the basics of cryptography. We review several types of cryptographic primitives, when it is safe to use them and how to select the appropriate security parameters. We detail how

COM-506: Student seminar: security protocols and applications

This seminar introduces the participants to the current trends, problems, and methods in the area of communication security.

CS-523: Advanced topics on privacy enhancing technologies

This advanced course will provide students with the knowledge to tackle the design of privacy-preserving ICT systems. Students will learn about existing technologies to prect privacy, and how to evalu

Related lectures (58)

Internet Capsules: Security and Privacy

Covers internet security, privacy, TLS, blocking, filtering, surveillance, and espionage.

Capsule Evaluations

Evaluates student-made capsules, providing feedback on presentation strengths and areas for improvement.

Bluetooth Security: Pairing Protocols

Explores Bluetooth security, focusing on pairing protocols, key recovery, and active attacks in Bluetooth 2.0 and the enhanced Bluetooth 2.1 with Secure Simple Pairing (SSP).