Man in middle attack
gfgs pedo
jtrjtrjtr2001 at yahoo.com
Tue Jul 2 03:01:44 PDT 2002
hi,
> The only thing that might, as far as I can see,
> succeed (with a high
> probability) would be for everyone to hash the
> *next* half - meaning that,
> together with half 2 of message N, there will be the
> hash of half one of
> message N + 1. However, I don't see how this would
> be possible for an
> interactive communication...
As far as i can extend the previous attack,i.e faking
1 packet for interlock protocol in the above 1 you
propose,extending the same attack it only takes
Mallory
one and a half faked packets to launch a succefull
attack on the above proposal.
let
A=Alice
M=Mallory
B=Bob
let
1:1 indicate 1 st packet ,1st half
1:2 indicate 1 st packet , 2nd half
2:1 indicate 2 nd packet, 1st half
2:2 indicate 2nd packet , 2nd half
and so on
so we are now have 1:2 and 2:1 as one complete
message
and so on
No: A M B
1 A->1:1 M->1:1
2 M->1:1 B->1:1
3 A->1:2 M->1:2
4 M->1:2 B->1:2
5 A->2:1 M->2:1
6 M->2:1 B->2:1
7 A->2:2 ******
The blank spaces corresponding to each row indicates
that it is a sender and the other 2 are receivers.
Once Mallory receives A->2:2 ,he has 2 full packets in
hand and has faked 1 and a half packets(Step 7)
**** indicates that it is now the earler packet Bob
receives of Alice after Mallory's manupilation.
I hope that table will give some clarity.
now he can send Bob the original message of Alice.
So I think the above suggested protocol will not work.
Mallory can still get away with his scheme
Regards Data.
--- Marcel Popescu <mdpopescu at subdimension.com> wrote:
> From: "gfgs pedo" <jtrjtrjtr2001 at yahoo.com>
>
> > One solution suggested against the man in the
> middle
> > attack is using the interlock protocol
>
> This is the one I vaguely recalled, thank you.
>
> > All mallory would have to do is send the half of
> the
> > (n th) packet when he receives the half of (n+1)th
> > packet since the 1 st packet was faked by mallory.
>
> Interesting attack... assuming that a one-block
> delay doesn't look
> suspicious.
>
> What if every message except the very first one has
> a hash of the previously
> received message?
>
> A -> (M ->) B: half 1 of message A1
> B -> (M ->) A: half 1 of message B1 | hash (half 1
> of message A1)
> A -> (M ->) B: half 2 of message A1 | hash (half 1
> of message B1)
> B -> (M ->) A: half 2 of message B1 | hash (half 2
> of message A1)
> A -> (M ->) B: half 1 of message A2 | hash (half 2
> of message B1)
> ... and so on
>
> Nah... won't work; since M captures A1 and B1, he
> can compute the hashes for
> both the initial bogus message and the (delayed)
> genuine ones. Same if they
> try hasing all the previous messages.
>
> What if they send the hash of the *other* half? (The
> program splitting the
> messages already has the full ones.)
>
> A -> (M ->) B: half 1 of message A1 | hash (half 2
> of message A1)
> B -> (M ->) A: half 1 of message B1 | hash (half 2
> of message B1)
> A -> (M ->) B: half 2 of message A1 | hash (half 1
> of message A1)
> B -> (M ->) A: half 2 of message B1 | hash (half 1
> of message B1)
> ... and so on
>
> Nope, no good... M fakes the first message in both
> direction, and then he
> always has a good one, so he can compute the hashes.
>
> The only thing that might, as far as I can see,
> succeed (with a high
> probability) would be for everyone to hash the
> *next* half - meaning that,
> together with half 2 of message N, there will be the
> hash of half one of
> message N + 1. However, I don't see how this would
> be possible for an
> interactive communication...
>
> Thanks,
> Mark
>
>
__________________________________________________
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com
More information about the cypherpunks-legacy
mailing list