Man in the middle

Lecture



The mediator attack , the man-in -the- middle attack, MITM-attack ( Man in the middle ) is a cryptographic term for a situation where a cryptanalyst (attacker) is able to read and alter messages that correspondents exchange with their will, and none of the latter can not guess his presence in the channel.

The method of compromising a communication channel, in which a hacker, having connected to a channel between contractors, interferes with the transfer protocol, deleting or distorting information.

Principle of attack

The attack usually begins with listening to the communication channel and ends with the cryptanalyst trying to replace the intercepted message, extract useful information from it, redirect it to some external resource.

Suppose that object A plans to pass some information to object B. Object C has knowledge of the structure and properties of the data transfer method used, as well as the fact of the planned transfer of the actual information that C plans to intercept. To commit an attack, C "appears" to object A as B, and to object B - as A. Object A, mistakenly believing that it sends information B, sends it to object C. Object C, having received the information, and having performed some actions with it (for example , by copying or modifying for its own purposes, it sends the data to the recipient itself - B; object B, in turn, considers that the information was received by him directly from A.

Example attack

Man in the middle
Attack "man in the middle."

Suppose Alice wants to convey some information to Bob. Mallory wants to intercept the message and possibly change it so that Bob gets the wrong information.

Mallory begins his attack by establishing a connection with Bob and Alice, and they cannot guess that someone else is present in their communication channel. All messages that Bob and Alice send come to Malory.

Alice asks Bob for his public key. Malory is introduced to Alice by Bob and sends her her public key. Alice, believing that this is Bob's key, encrypts the message with them and sends it to Bob. Malory receives the message, decrypts it, then modifies it, if necessary, encrypts it with Bob’s public key and sends it to him. Bob receives the message and thinks it came from Alice:

  1. Alice sends Bob a message that intercepts Malory:

    Alice "Hi Bob, This is Alice. Send me your public key »→ Malory Bob

  2. Mallory forwards the message to Bob; Bob cannot guess that this message is not from Alice:

    Alice Malory "Hi Bob, This is Alice. Send me your public key »→ Bob

  3. Bob sends his key:

    Alice Malory ← [Bob key] Bob

  4. Malory replaces Bob's key with his own and forwards the message to Alice:

    Alice ← [key malori] malori bob

  5. Alice encrypts the message with Malory's key, considering that this is Bob's key, and only he can decrypt it:

    Alice "Meet me at the bus stop!" [Encrypted with Malory key] → Malory Bob

  6. Mallory decrypts the message, reads it, modifies it, encrypts it with Bob's key, and sends it:

    Alice Malory “Wait for me at the entrance to the museum at 18:00!” [Encrypted with Bob's key] → Bob

  7. Bob thinks this is Alice's message.

This example demonstrates the need to use methods to confirm that both parties use the correct public keys, that is, side A has a public key on side B, and side B has a public key on side A. Otherwise, the channel may be subject to attack “man in the middle ".

Attack scenarios

Public key exchange

Man-in-the-middle attacks pose a threat to systems that make financial transactions via the Internet — for example, e-business, Internet banking, or a payment gateway. Using this type of attack, an attacker can gain access to a user account and perform all sorts of financial fraud.

In the case of a public key system, the cryptanalyst can intercept public key exchange messages between the client and the server and modify them, as in the example above. In order to go unnoticed, the cryptanalyst must intercept all messages between the client and the server and encrypt and decrypt them with appropriate keys. Such actions may seem too complicated for an attack, but they pose a real threat to unsafe networks (for example, the Internet and wireless networks). [one]

The introduction of malicious code

The implementation of code [2] in the man-in-the-middle attack is mainly used to capture an already authorized session, execute your own commands on the server and send false answers to the client. [3]

The man-in-the-middle attack allows the cryptanalyst to embed its code in emails, SQL expressions and web pages (that is, it allows performing SQL injections, HTML / script injections or XSS attacks), and even modifies the binary files downloaded by the user in order to get access to the user account or change the behavior of the program downloaded by the user from the Internet. [3]

Downgrade attack

The term “Downgrade Attack” refers to an attack in which the cryptanalyst forces the user to use less secure functions, protocols that are still supported for compatibility reasons. This type of attack can be conducted on the protocols SSH, IPsec and PPTP.

SSH V1 instead of SSH V2

The attacker may try to change the parameters of the connection between the server and the client when establishing a connection between them. [3] According to a report from Blackhat Conference Europe 2003, a cryptanalyst can “force” a client to start an SSH1 session instead of SSH2 by changing the version number “1.99” for the SSH session to “1.51”, which means using SSH V1. [4] The SSH-1 protocol has vulnerabilities that can be exploited by a cryptanalyst.

IPsec

In such an attack scenario, the cryptanalyst misleads his victim, forcing her to think that the IPsec session cannot start at the other end (server). This leads to the fact that messages will be sent explicitly, in case the host machine is running in rollback mode. [four]

PPTP

At the stage of negotiating PPTP session parameters, an attacker can force the victim to use a less secure PAP authentication, MSCHAP V1 (that is, “roll back” from MSCHAP V2 to version 1), or not to use encryption at all.

The attacker may force his victim to repeat the step of negotiating the PPTP session parameters (send a Terminate-Ack packet), steal the password from the existing tunnel, and repeat the attack.

Public communications without the protection of accuracy, confidentiality, availability and integrity of information

The most common means of communication for this group is a social network, a public email service and an instant messaging system. The owner of the resource that provides the communications service has full control over the information exchanged between correspondents and, at his own discretion, at any moment in time can freely make an attack.

Unlike previous scenarios based on technical and technological aspects of communications, in this case the attack is based on mental aspects, namely rooting in the minds of users of the concept of ignoring information security requirements.

Will encryption save?

Consider the case of a standard HTTP transaction. In this case, the attacker can quite easily break the original TCP connection into two new ones: one between themselves and the client, the other between themselves and the server. It is quite simple to do, since it is very rare that the connection between the client and the server is direct, and in most cases they are connected through a number of intermediate servers. MITM attacks can be performed on any of these servers.

However, if the client and server communicate via HTTPS — a protocol that supports encryption — the man-in-the-middle attack can also be carried out. With this type of connection, TLS or SSL is used to encrypt requests, which would seem to make the channel protected from sniffing and MITM attacks. The attacker can create two independent SSL sessions for each TCP connection. The client establishes an SSL connection with the attacker, who in turn creates a connection to the server. The browser in such cases usually warns that the certificate is not signed by a trusted certificate authority, but an ordinary user can easily ignore this warning. In addition, an attacker may have a certificate signed by a certification authority (for example, such certificates are sometimes used for DLP [5] ). In addition, there are a number of attacks on HTTPS. [6] Thus, the HTTPS protocol cannot be considered protected from MITM attacks by ordinary users.

MITM attack detection

To detect the man-in-the-middle attack, you must analyze the network traffic. For example, to detect an SSL attack, you should pay attention to the following parameters: [7]

  • Server ip address
  • DNS server
  • X.509 Server Certificate
    • Is the certificate signed by yourself?
    • Is the certificate signed by a certification authority?
    • Has the certificate been revoked?
    • Has the certificate changed recently?
    • Did other clients on the Internet receive the same certificate?

MITM attack implementations

  • dsniff - a tool for SSH and SSL attacks
  • Cain is a tool for conducting a man-in-the-middle attack. It has a graphical interface. Supports sniffing and ARP-spoofing
  • Ettercap - a tool for conducting attacks in the local network
  • Karma - uses Evil Twin's attack for conducting MITM attacks.
  • AirJack - software demonstrates 802.11 standard MITM attacks
  • SSLStrip - MITM SSL Attack Tool
  • SSLSniff is a tool for MITM attacks on SSL. Originally created to detect vulnerabilities in Internet Explorer. [eight]
  • Mallory is a transparent proxy server carrying out TCP and UDP MITM attacks. Can also be used to attack SSL, SSH, and many others.
  • wsniff is a tool for carrying out attacks on the 802.11 HTTP / HTTPS protocol

These programs can be used to carry out man-in-the-middle attacks, as well as to detect them and test the system for vulnerabilities.

Example in literature

An illustrative literary example can be seen in A. S. Pushkin’s The Tale of Tsar Saltan, in which there are three “people in the middle” (a cryptanalyst): a weaver, a cook, and Babarikh. They substitute letters addressed to the king, and his correspondence.

Also, the mediator’s attack is described in A. Dumas’s novel “The Count of Monte Cristo”, where the message transmitted via optical telegraph is replaced by one of the relay stations.

see also

  • Aspidistra (English) - a British radio transmitter used during the Second World War "invasion", a variant of the MITM-attack.
  • Babington Conspiracy (Eng.) - a conspiracy against Elizabeth I, during which Walsingham intercepted correspondence.

Other attacks

  • Man-in-the-Browser (Man in the Browser) is a type of attack in which an attacker can instantly change the parameters of a transaction, change pages completely transparently to the victim.
  • “Meet-in-the-middle attack” - a cryptographic attack, which also, like the attack of “birthdays”, uses a compromise between time and memory.
  • "Missing in the middle" (Miss in the middle attack) - an effective method of the so-called impossible differential cryptanalysis.
  • Relay attack is a variant of the MITM attack, based on forwarding the intercepted message to a valid recipient, but not to the one to whom this message was intended.
  • Rootkit - a program designed to hide the traces of the presence of the attacker.
  • ARP-spoofing
  • Public key cryptosystem
  • TCP hijacking

Comments

To leave a comment
If you have any suggestion, idea, thanks or comment, feel free to write. We really value feedback and are glad to hear your opinion.
To reply

Cryptanalysis, Types of Vulnerability and Information Protection

Terms: Cryptanalysis, Types of Vulnerability and Information Protection