[Cryptography] Encryption opinion

Kristian Gjøsteen kristian.gjosteen at math.ntnu.no
Wed Aug 27 06:22:10 EDT 2014


On 27 Aug 2014 at 03:29, ianG <iang at iang.org> wrote:

> On 26/08/2014 23:29 pm, Paul Ferguson wrote:
>> The real "in the middle" threat these days is credential-stealing
>> Man-in-the-Browser (MitB) malware, such as most modern day banking
>> Trojans (ZeuS, et al).
>> 
>> This is truly "in the middle" insofar as the attacker is actively and
>> surreptitiously part of the end-to-end session.
> 
> It's curious that you say that.  In MITM there are the two end nodes and
> a node in the middle.  When MITB takes over Alice's node, he isn't in
> the middle anymore, he's Alice's node.

This is the wrong way to think about such cryptographic protocols. Alice is the end-point, the bank is the other end-point, and the computer is between the end-points. With this point of view, internet banking (and many other applications) is easy to apply cryptographic protocol analysis tools to. Also, with this point of view, a compromised computer is little different from a compromised network, so it is a MITM attack.

That said, I would say that MITM and MITB are informal terms used to describe classes of attacks. Quarrelling about what is and is not a MITM is sometimes fun and almost never productive.

-- 
Kristian Gjøsteen


