
546    Chapter 9 • Basis of Cryptography

             from Al. He replies to Al and encrypts the message using Beth’s public key. Beth
             again intercepts the message, decrypts it with her private key, and modifies it. Then
             she encrypts the new message with Al’s public key and sends it on to Al, who
             receives it and believes it to be from Charlie.
                 Clearly, this type of communication is undesirable, because a third party not
             only has access to confidential information, but she can also modify it at will. In
             this type of attack, no encryption is broken because Beth does not know either Al
             or Charlie’s private keys, so the Diffie-Hellman algorithm isn’t really at fault.
             Beware of the key exchange mechanism used by any PKE system. If the key
             exchange protocol does not authenticate at least one and preferably both sides of
             the connection, it may be vulnerable to MITM-type attacks. Authentication systems
             generally use some form of digital certificates (usually X.509), such as those
             available from Thawte or VeriSign.
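
The exchange above, simulated in memory as an added example (not code from the book): a Diffie-Hellman exchange in which Beth swaps in her own public value, run with and without authentication of the peer's value. The group parameters `P` and `G`, the function names, and the fingerprint check (a stand-in for validating an X.509 certificate) are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters: the Mersenne prime 2**127 - 1 and generator 3.
# Far too small for real use; real systems use vetted groups or ECDH.
P = 2**127 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def fingerprint(pub):
    # Stand-in for a certificate: a binding of identity to public value
    # that the peer obtained through a trusted channel beforehand.
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()

def session_key(priv, peer_pub, trusted_fp=None):
    # With trusted_fp set, refuse any public value that does not match it.
    if trusted_fp is not None and fingerprint(peer_pub) != trusted_fp:
        raise ValueError("peer public value failed authentication")
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def run_exchange(authenticate, tampered):
    al_priv, al_pub = keypair()
    ch_priv, ch_pub = keypair()
    beth_priv, beth_pub = keypair()
    # What each side receives: Beth, in the path, swaps in her own value.
    to_al = beth_pub if tampered else ch_pub
    to_ch = beth_pub if tampered else al_pub
    fp_ch = fingerprint(ch_pub) if authenticate else None
    fp_al = fingerprint(al_pub) if authenticate else None
    try:
        k_al = session_key(al_priv, to_al, fp_ch)
        k_ch = session_key(ch_priv, to_ch, fp_al)
    except ValueError:
        return "rejected"
    if k_al == k_ch:
        return "agreed"
    # Keys differ: each side actually shares its key with Beth.
    beth_has_both = (session_key(beth_priv, al_pub) == k_al
                     and session_key(beth_priv, ch_pub) == k_ch)
    return "intercepted" if beth_has_both else "mismatch"

if __name__ == "__main__":
    for auth in (False, True):
        for tamper in (False, True):
            print(f"authenticate={auth} tampered={tamper}:", run_exchange(auth, tamper))
```

No key is broken in the unauthenticated case; the exchange only completes with the wrong party, which is why the authenticated run rejects it before any session key is derived.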


           Head of the Class…
                Remember: Shaken, Not Stirred
                A good example of a MITM attack is in the James Bond movie From Russia
                with Love. Bond is supposed to meet another agent in a train station. The
                evil agent from SPECTRE contacts the agent first, pretending to be Bond.
                In this manner, the evil agent gets the correct passphrase. The evil agent
                then pretends to be the agent that Bond is supposed to contact.
                     The same technique can be applied to encrypted protocols. An
                attacker sets up a server that answers requests from clients. For example,
                the server could answer a request for https://www.amazon.com. A user
                contacting this machine will falsely believe they have established an
                encrypted session to Amazon.com. At the same time, the attacker contacts
                the real Amazon.com and pretends to be the user. The attacker
                plays both roles, decrypting the incoming data from the user, then reencrypting
                it for transmission to the original destination.
                     In theory, encryption protocols have defenses against this. A server
                claiming to be Amazon.com needs to prove that it is, indeed,
                Amazon.com. In practice, most users ignore this. MITM attacks have
                proven effective when used in the field.



             Authentication

             Is the receiver able to verify the sender? The answer depends on the type of
             encryption. In cases of symmetric cryptography, the answer is no, but in cases of
             asymmetric cryptography, the answer is yes. With symmetric cryptography, anyone
             with access to the secret key can both encrypt and decrypt messages. Asymmetric



          www.syngress.com