[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: DH vs. RSA use for symmetric key exchange
"Khaja E. Ahmed" wrote:
> 1.) Can someone point me to either a discussion archive or other material on
> man in the middle attacks on IKE?
There's a brief discussion in the glossary for FreeS/WAN, a Linux IPSEC
implementation:
http://www.freeswan.org/freeswan_trees/freeswan-1.8/doc/glossary.html#middle
Links at the top of that document point to other glossaries, including an
RFC Internet Security Glossary:
http://www.rfc-editor.org/rfc/rfc2828.txt
It gives:
$ man-in-the-middle
(I) A form of active wiretapping attack in which the attacker
intercepts and selectively modifies communicated data in order to
masquerade as one or more of the entities involved in a
communication association. (See: hijack attack, piggyback attack.)
(C) For example, suppose Alice and Bob try to establish a session
key by using the Diffie-Hellman algorithm without data origin
authentication service. A "man in the middle" could (a) block
direct communication between Alice and Bob and then (b) masquerade
as Alice sending data to Bob, (c) masquerade as Bob sending data
to Alice, (d) establish separate session keys with each of them,
and (e) function as a clandestine proxy server between them in
order to capture or modify sensitive information that Alice and
Bob think they are sending only to each other.
Follow-Ups:
References: