Man-in-the-middle attack
In cryptography and computer security, a man-in-the-middle attack (often abbreviated MitM, MiM attack, MitMA or the same using all capital letters) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

Man-in-the-middle attacks can be thought about through a chess analogy. Mallory, who barely knows how to play chess, claims that she can play two grandmasters simultaneously and either win one game or draw both. She waits for the first grandmaster to make a move and then makes this same move against the second grandmaster. When the second grandmaster responds, Mallory makes the same play against the first. She plays the entire game this way and cannot lose. A man-in-the-middle attack is a similar strategy and can be used against many cryptographic protocols.

One example of man-in-the-middle attacks is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point can insert himself as a man-in-the-middle.
As an attack that aims at circumventing mutual authentication, or lack thereof, a man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to their satisfaction as expected from the legitimate other end. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, TLS can authenticate one or both parties using a mutually trusted certificate authority.
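The role of endpoint authentication described above can be seen in a toy key exchange. This is an added example, not part of the original page: it uses a Diffie-Hellman exchange as one instance of a protocol that a relay can sit in the middle of, and shows that the substituted value is accepted without authentication and rejected with it. The group parameters, all function names and the pre-shared HMAC key (an assumed stand-in for the CA-issued certificate TLS would use) are constructed for illustration.

```python
import hashlib, hmac, secrets

# Toy group, constructed for illustration only; far too small for real use.
P, G = 2**127 - 1, 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared(priv, peer_pub):
    return hashlib.sha256(str(pow(peer_pub, priv, P)).encode()).digest()

def tag(auth_key, sender, pub):
    # Binds a public value to its sender (assumed stand-in for a CA-backed signature).
    return hmac.new(auth_key, f"{sender}|{pub}".encode(), hashlib.sha256).digest()

def honest_relay(sender, pub, t):
    return pub, t

class Substituter:
    """Relay that replaces each public value with its own (active eavesdropping)."""
    def __init__(self):
        self.priv, self.pub = keypair()
        self.keys = {}
    def __call__(self, sender, pub, t):
        self.keys[sender] = shared(self.priv, pub)  # key now shared with `sender`
        return self.pub, t  # the tag cannot be recomputed without auth_key

def exchange(relay, auth_key=None):
    """One Alice<->Bob exchange through `relay`. Returns (alice_key, bob_key);
    a key is None when that side rejected the message it received."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    def send(sender, pub):
        return relay(sender, pub, tag(auth_key, sender, pub) if auth_key else None)
    def receive(priv, sender, msg):
        pub, t = msg
        if auth_key and not (t and hmac.compare_digest(t, tag(auth_key, sender, pub))):
            return None
        return shared(priv, pub)
    to_bob, to_alice = send("alice", a_pub), send("bob", b_pub)
    return receive(a_priv, "bob", to_alice), receive(b_priv, "alice", to_bob)

if __name__ == "__main__":
    m = Substituter()
    a, b = exchange(m)
    print("unauthenticated: relay holds both keys:", a == m.keys["alice"], b == m.keys["bob"])
    print("authenticated:", exchange(Substituter(), auth_key=b"constructed-demo-key"))
```

In the unauthenticated run Alice and Bob each finish with a key, but the two keys differ and the relay holds both; in the authenticated run each side returns `None` because the tag does not match the substituted value.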