Introduction to man in the middle
attack
Man-in-the-middle
attack (Meet-in-the-middle attack) is a common type of
security attack that allows attackers to eavesdrop on the communication
between two users.
The
attack takes place in between two users, allowing the attacker to “listen” to a
conversation, without permission of users, hence the name “man-in-the-middle.”
Here’s an
analogy: Alice and Bob are having a conversation; Darth (Attacker) wants to
eavesdrop on the conversation but also remain transparent.
Darth
could tell Alice that he was Bob and tell Bob that she was Alice.
This
would lead Alice to believe she’s speaking to Bob, while actually revealing her
part of the conversation to Darth.
Darth
could then gather information from this, alter the response, and pass the
message along to Bob (who thinks he’s talking to Alice).
As a
result, Darth is able to transparently hijack their conversation.
Purpose
of Diffie-Hellman key exchange algorithm is exchanging public keys
and calculate secret keys using public keys.
Then subsequent messages (further communications) are encrypted using secret keys.
Man-in-the-middle attack in Diffie-Hellman Key exchange algorithm
Man in
the middle attack in Diffie-Hellman key exchange is takes place during
exchanges of public keys, it may be attacker capture the both keys and new
values of keys are share with both the users.
Subsequent encrypted messages are read and modified by attacker. Then send to the respective user. Using this attack attacker may read and modify messages and get the benefits of user communication. Let see one scenario….
As per
Diffie-Hellman key exchange algorithm Alice wants to exchange key with Bob:
As per
Above Diagram
Alice,
Select XA.
Calculate
YA.
Bob,
Select XB.
Calculate YB.
Darth
prepares for the attack,
Generating
two random private keys XD1 and XD2
Calculate
public key YD1
Calculate public key YD2
As per
key exchange algorithm, Alice transmits her public key YA to Bob.
Darth
intercepts YA
Darth calculate secret key KAlice for more conversation with Alice. KAlice = (YA)XD2 mod q.
Darth
transmits YD1 (in place of YA) to Bob. Bob doesn’t have
an idea, YD1 is shared by Darth.
Bob
calculate secret key K1 using YD1. Secret Key K1
= (YD1) XB mod q.
Bob transmits
his public key YB to Alice.
Darth
intercepts YB.
Darth calculate secret key KBob for more conversation with Bob. KBob = (YB) XD1 mod q.
Darth
transmits YD2 (in place of YB) to Alice. Alice doesn’t
have an idea, YD2 is shared by Darth.
Alice calculates
secret key K2 using YD2. Secret Key K2 = (YD2)
XA mod q.
Now,
Darth will capture all subsequent messages of Alice and Bob. Read and modify
all the message and send to the alice and Bob.
It means
Alice communicate with Darth and Bob also communicate with Darth. But Alice and Bob have think, they are
communicate with each others.
This type
of attack is called man in the middle attack in
Diffie-Hellman Key Exchange.
We cannot
easily detect man-in-the-middle attack, so we need to prevent man-in-the-middle
attack before communication.
How to prevent from
Man-in-the-Middle Attack
Strong
WEP/WAP Encryption on Access Points
Strong
Router Login Credentials
Virtual Private Network
Use of HTTPS
To learn more about man in the middle attack in diffied-hellman key exchange algorithm, Click here
No comments:
Post a Comment