Differences between version 3 and previous revision of ManInTheMiddle.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 3 | Last edited on Thursday, April 1, 2004 4:00:43 am | by StuartYeates | Revert |
| Older page: | version 2 | Last edited on Thursday, April 1, 2004 3:56:35 am | by StuartYeates | Revert |
@@ -1,8 +1,8 @@
[ManInTheMiddle] is a classic cryptographic attack.
If Alice and Bob want to communicate securely via email (or phone or whatever) then unless they have some means to authenticate themselves and each other, Cain could pretend to Alice that he's Bob and pretend to Bob that he's Alice. When Alice sends a message to Cain (whom she thinks is Bob), she encrypts it with Cains key and sends it to him, he receives it, decrypts it, reads the message, and encrypts it with Bob's key and sends it to him. Unless they have some way of communicating outside of the secure channel, Alice and Bob may nevre know that their email is being read.
-The combination of authentication and
DiffieHellmanKeyExchange or the WebOfTrust are thought to be effective countermeasures to ManInTheMiddle attacks.
+The combination of authentication,
DiffieHellmanKeyExchange and [Signature]s
or the WebOfTrust are thought to be effective countermeasures to ManInTheMiddle attacks.
----
CategoryCryptography
