SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: DH-CHAP



    
    "Yongge Wang" <ywang@karthika.com> writes:
    > You can say this is MITM if you define MITM in this way.
    
    That's how it is usually defined in the literature.
    
    > However, in the literature, the man-in-the-middle attack is defined
    > in the way David (Jablon) has pointed out: The attack controls the entire
    > communication links between the two real entities. This is a subtle 
    > difference.
    
    > The attacker on DH-CHAP does not need to control the links.
    > A simple example is as follows:
    
    > The initiator and the attacker sit on one local Ethernet-I(e.g., 
    > connected by a hub), the target sits on another Ethernet-II though
    > still in the same organization.  The Ethernet-I and Ethernet-II
    > are connected by a switch or a router. Now the attacker could easily
    > (almost trivially) launch the attack though neither the attacker controls
    > the links between the initiator and the target nor the attacker 
    > sits between the initiator and the target.
    
    I must admit that I completely fail to understand the difference
    between this and a normal "man in the middle" attack. In either, you
    insert yourself into the communications and play to each end.
    
    I'm also very much unclear on why this attack, given the CHAP
    authentication layered on top of the Diffie-Hellman exchange, is of
    concern.
    
    
    --
    Perry E. Metzger		perry@wasabisystems.com
    --
    NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/
    

    • Follow-Ups:
    • References:


Home

Last updated: Mon Apr 15 14:18:25 2002
9674 messages in chronological order