Re: DH-CHAP

["Perry E. Metzger" <perry@wasabisystems.com>]

"Yongge Wang" <ywang@karthika.com> writes:
> You can say this is MITM if you define MITM in this way.

That's how it is usually defined in the literature.

> However, in the literature, the man-in-the-middle attack is defined
> in the way David (Jablon) has pointed out: The attack controls the entire
> communication links between the two real entities. This is a subtle 
> difference.

> The attacker on DH-CHAP does not need to control the links.
> A simple example is as follows:

> The initiator and the attacker sit on one local Ethernet-I(e.g., 
> connected by a hub), the target sits on another Ethernet-II though
> still in the same organization.  The Ethernet-I and Ethernet-II
> are connected by a switch or a router. Now the attacker could easily
> (almost trivially) launch the attack though neither the attacker controls
> the links between the initiator and the target nor the attacker 
> sits between the initiator and the target.

I must admit that I completely fail to understand the difference
between this and a normal "man in the middle" attack. In either, you
insert yourself into the communications and play to each end.

I'm also very much unclear on why this attack, given the CHAP
authentication layered on top of the Diffie-Hellman exchange, is of
concern.


--
Perry E. Metzger		perry@wasabisystems.com
--
NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/