tags:

views:

135

answers:

6

How frequent (and/or sophisticated) are man-in-the-middle attacks?

About

In cryptography, the man-in-the-middle attack (often abbreviated MITM), or bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point can insert himself as a man-in-the-middle).

http://en.wikipedia.org/wiki/Man-in-the-middle_attack

The reason I ask is to try to gauge whether it's worth the added overhead of encrypting important sections of the content I'm sending to the user, or whether it's safe to just go ahead and send it unencrypted.

Note: I know this isn't strictly a "programming" question insofar as there is no code solution, however it influences coding decisions and is coding-based, so it still seems appropriate.

+3  A: 

Depends on the application, but if the data being sent is at all sensitive, definitely guard against man in the middle! It is a very relevant danger, especially with the rise of Wi-Fi, and very easy to do; a friend and I were able to replicate the Gmail MITM last year with little difficulty.

+4  A: 

The MITM attack is not necessarily thwarted by encryption. For example, if you encrypt using a so-called "self-signed certificate," then your communications will be encrypted, and yet a MITM attack could still occur. For example, with a self-signed cert, if you load "Fiddler" onto the client box, it will perform a MITM exercise so that it can watch all the traffic. The client and the server will not realize that the MITM is happening.

If you use real PKI (a true trusted 3rd party is involved), then MITM isn't possible.

In any case, MITM is fairly easy to achieve, if the value of your data is "worth it" to the attacker.

Brent Arias
It's not that it isn't possible, it's just that the MITM would have to start when you download your web browser by modifying the public key for the key certifier they're interested in, and then act as the certifier for every security transaction at all times. Your ISP is in a position where it could do this, but protecting against it would go into the realm of security overkill.
tloach
@tloach: The answer specifically mentions self-signed certificates, so that is not true - we're not talking about web-browsers...
BlueRaja - Danny Pflughoeft
@BlueRaja - self-signed are defeated by a simple MITM as the answer states. It doesn't matter if it isn't a web browser, the point is that if the middleman can intercept and modify the transmission of the program that will do the security communication then the attack is still possible.
tloach
You _can_ verify a self-signed cert if you already know the signature... (This is equivalent to downloading the list of public root CAs; there is one and only one point vulnerable to interception {although a CA creates another point of failure}.) Maybe _your_ browser sucks too much to do this?
Longpoke
@LongPoke: It is NOT equivalent to downloading the list of public CAs. If someone modifies the CA list then they need to intercept every single message to the CA they modify, even if they aren't interested in the traffic. Also, the public CA list generally comes with the browser (or OS in the case of IE or Safari), which would be more challenging to intercept and modify in the first place, as you're modifying a large binary plus MD5 signature on the fly.
tloach
@tloach, Don't be naive. The crux is that the CA list can be modified on first retrieval as can self signed cert. What you're basically saying is an attack is impossible because it's slightly harder and you don't have some script kiddie tool available to mount it. "which would be more challenging" nope... We can MITM anyone who pirates an O/S or downloads an open source one, except for the 0.0000001% of people (like me) who actually check the sig on the downloaded O/S, and already had it in the first place.
Longpoke
Although it's more likely that when someone MITMs an O/S or browser transfer, he's just going to inject malicious code...
Longpoke
@LongPoke: Let's assume that modifying the CA list is as easy as modifying a self-signed cert. Let's say the site you're interested in has a cert signed by Verisign. Now, in order to make the change invisible to the user, you need to act as a middleman for every single site they visit that is signed by Verisign. If your server goes down for even a day they will hit enough sites that pop up security warnings that they may think that something is wrong on their end. If you have a self-signed cert then they only need to worry about intercepting one site.
tloach
@tloach, 1. There's a decent chance that once you hijack a CA, you're going to use it to take over the target's computer, thus replacing the hijacked CA with a normal one after. 2. Full-time MITM is _not_ a problem, you just have to do it for long enough to get the goods. 3. Even if you leave a broken CA, there is a 99% chance the user won't know what happened and will either: a) force to accept the broken one, b) reinstall his browser, or c) reinstall his O/S.
Longpoke
@tloach: You also forgot that _most_ (all?) browsers don't care **what** CA they get, they only care if a known trusted CA signed for the site (yes, there is a plugin to "fix" this). So all you have to do in the MITM attack is attach a new CA to the CA bundle, and you win, and every inconvenience you mentioned above doesn't happen...
Longpoke
+8  A: 

It doesn't take a MITM attack to read data that hasn't been encrypted at all. A MITM attack is used to allow an attacker to read data that has been encrypted.

Edit: The relevant question with respect to MITM attacks is not whether you should do encryption at all. It's whether you should do some sort of authentication (i.e., verifying the identity of the remote party) while you set up an encrypted connection.

With no encryption at all, a "snooper" just looks at your data as it goes through, and sees exactly what's there. A MITM attack applies when you do encryption, but don't verify who you're sending the encrypted data to. In this case, the attacker inserts himself in the middle of the conversation -- you connect to the attacker, and send him encrypted data. He connects to the person you intended to talk to, and creates an encrypted connection to both of you. Then, as you send your data, he receives it, decrypts it with your key, re-encrypts it with the target's key, and sends it to the target. Likewise, any returned data he decrypts with the target's key, and re-encrypts with yours.

This way, it looks to both you and the target as if the communication is going normally -- but the attacker can read everything you send. If you don't encrypt the data at all, though, none of this is necessary -- since you're sending plain text, the attacker can just look at it as it goes by.

Jerry Coffin
....obviously. OP doesn't need to care about this, he wants to know if it's worth it to setup TLS or similar to defend against MITM...
Longpoke
@Longpoke: Maybe -- but your conclusion seems to be based primarily on your own assumption, not what the OP actually said/asked.
Jerry Coffin
"How frequent (and/or sophisticated) are man-in-the-middle attacks?"...
Longpoke
+1  A: 

Any time you talk about security, it's always in the context of the sensitivity of your data. The more valuable your secret is to someone, the more determined they will be to obtain it, and the more resources they'll expend. Conversely, the more valuable it is to you to keep it secret, the more resources you should expend protecting it.

ykaganovich
+2  A: 

I would refer you to the Internet Storm Center (isc.sans.org) for any questions about frequency of attack types on the Internet.

Keep in mind that MITM is a very broad term, and you seem to be more worried specifically about session sniffing (i.e., eavesdropping) attacks. Sniffing attacks are trivial to perform. A full MITM facilitates modification of the session, which can have different implications than simply viewing the information. This modification requires a bit more sophistication, but not custom tools.

Using TLS/SSL on your site will provide protection of the data from prying eyes and ensure that clients are indeed communicating with the correct server.

To address the note on coding - whether you decide to use cryptography or not, you should be engineering your web app such that it would not be onerous to add crypto later.

Mike S
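Mike S's point that TLS both hides the data and ensures the client is talking to the correct server only holds if the client actually verifies the certificate; Brent Arias's Fiddler scenario is what you get when it does not. The three contexts below, as an added example not taken from the original page, show the weak setting beside the two ways of fixing it in Python's standard `ssl` module: a normal CA-validated context, and a context that trusts exactly one self-signed certificate (the "verify a self-signed cert if you already know it" idea from the comments). The PEM path is an assumption standing for the server's own certificate obtained out of band, and the DER bytes used for the fingerprint check are constructed here for the demo, not a real certificate:

```python
"""TLS client contexts: encryption only versus encryption plus authentication.

Added example, not code from the original thread. `self_signed_pem_path` is
assumed to hold the server's own certificate, fetched out of band; DEMO_DER
is a constructed byte string, not a real certificate.
"""
import hashlib
import hmac
import ssl


def unverified_context():
    """Encrypts, but accepts ANY certificate the peer presents.

    This is the 'self-signed cert, verification off' situation: a proxy such
    as Fiddler hands the client its own certificate and nothing fails.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False            # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def verified_context():
    """Default client: chain validated against the system trust store and the
    hostname checked, so an interposed certificate fails unless its issuer
    is already trusted by this machine."""
    return ssl.create_default_context()


def pinned_context(self_signed_pem_path):
    """Trust exactly one certificate: the server's own self-signed one.

    With only that file loaded as a trust anchor, validation succeeds for it
    and nothing else, so a proxy's substitute certificate is rejected even
    though it is 'also self-signed'.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.load_verify_locations(cafile=self_signed_pem_path)   # assumed path
    return ctx


def fingerprint_matches(der_cert, expected_sha256_hex):
    """Alternative pin: compare SHA-256 of the DER certificate (as returned by
    sock.getpeercert(binary_form=True)) with a value baked into the client."""
    actual = hashlib.sha256(der_cert).hexdigest()
    return hmac.compare_digest(actual, expected_sha256_hex.lower())


# Constructed stand-in for a DER certificate and its pinned fingerprint.
DEMO_DER = b"\x30\x82\x01\x00constructed-demo-certificate-bytes"
DEMO_PIN = hashlib.sha256(DEMO_DER).hexdigest()

if __name__ == "__main__":
    print("unverified:", unverified_context().verify_mode)   # CERT_NONE
    print("verified  :", verified_context().verify_mode)     # CERT_REQUIRED
    print("pin ok    :", fingerprint_matches(DEMO_DER, DEMO_PIN))
    print("pin swap  :", fingerprint_matches(b"proxy-cert", DEMO_PIN))
```

For a client written against a server with a self-signed certificate, `pinned_context` is the cheap way to get Mike S's "correct server" guarantee without buying a CA-signed certificate; the trade-off is that rotating the server certificate means shipping a new client pin, which is the operational cost the comments argue about. `fingerprint_matches` covers the case where the pin must be checked after the handshake (for example, a library that does not expose the trust store), and uses a constant-time compare so the check itself does not leak which bytes matched.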
A: 

Man in the middle attacks are pretty accessible to anyone, especially on public networks. It's up to you to decide if you want anyone to be able to read your data or not...

Longpoke