# How to Stop Man in the Middle Attacks Part 1

In an earlier post I linked to a video from Khan Academy that talked about how encrypted communication works. Unfortunately that video series left out a very important thing to be aware of about encryption, and that’s man in the middle attacks.
If you haven’t watched that video series I would recommend watching it again. Here‘s the link to the video again just in case you need it.

The story:
Now that Alice and Bob have figured out the Diffie-Hellman key exchange they are now safe from Eve’s eavesdropping; however Eve doesn’t give up easily and so she calls in her big sister Mallory. You see Alice and Bob are communicating over the Internet. When messages travel through the Internet they don’t just jump from point A to point B. Instead they jump from one computer to another until they reach their destination. Mallory in this analogy is one of the computers that their messages have to pass through.

Mallory can do some things that Eve can’t do. Eve could only read their messages; however all messages have to go through Mallory and thus she has the following abilities:
*Refuse to carry a given message (AKA “dropping packets”),
*Modify a message before delivering it,
*Create a message where she pretends to be Alice or Bob,
*and read the messages being sent through.

Since Mallory has these abilities she can do a “man in the middle attack”. Here’s how it works:
First Alice tries to do a Diffie-Hellman key exchange with Bob.

Alice begins her part of the key exchange thinking that she’s establishing an encrypted connection with Bob when in reality she’s forming an encrypted connection with Mallory and Bob does the same.
Now Mallory has an encrypted connection with Alice and Bob, and can eavesdrop on them by decrypting messages sent by Alice, reading them, encrypting them, and sending them to Bob.

To stop this from happening we need to find some way to either stop Mallory from altering/replacing the messages or detect when she does this.

Unfortunately it’s impossible to stop her from altering/replacing the message so instead we’ll have to detect her tampering with public/private key cryptography. I will go over public/private key encryption in the next post.

## 31 thoughts on “How to Stop Man in the Middle Attacks Part 1”

1. Melba Osmond says:

Hello noahs-blog.net

BRINE MED CARE offers TOP quality at attractive prices, we deliver to companies and private customers.
http://www.brineshop.ch for Switzerland
http://www.brineshop.de for Europe

Companies can request a special offer at med@brine.ch

The .BRINE team looks forward to hearing from you
Thanks, Melba Osmond
If you no longer wish to hear from us, please reply me.

2. Enid Hanes says:

Hello

YOU NEED QUALITY VISITORS FOR YOUR: noahs-blog.net ?

WE PROVIDE HIGH-QUALITY VISITORS WITH:
– 100% safe for your site
– real visitors with unique IPs. No bots, proxies, or datacenters
– visitors from Search Engine (by keyword)
– visitors from Social Media Sites (referrals)
– visitors from any country you want (USA/UK/CA/EU…)
– very low bounce rate
– very long visit duration
– multiple pages visited
– custom URL tracking provided
– boost ranking in SERP, SEO, profit from CPM

CLAIM YOUR 24 HOURS FREE TEST HERE=> ventfara@mail.com

Thanks, Enid Hanes

3. German Tarr says:

Hello

YOU NEED QUALITY VISITORS FOR YOUR: noahs-blog.net ?

WE PROVIDE HIGH-QUALITY VISITORS WITH:
– 100% safe for your site
– real visitors with unique IPs. No bots, proxies, or datacenters
– visitors from Search Engine (by keyword)
– visitors from Social Media Sites (referrals)
– visitors from any country you want (USA/UK/CA/EU…)
– very low bounce rate
– very long visit duration
– multiple pages visited
– custom URL tracking provided
– boost ranking in SERP, SEO, profit from CPM

CLAIM YOUR 24 HOURS FREE TEST HERE=> ventfara@mail.com

Thanks, German Tarr

4. Domenic Jose says:

Hello

YOU NEED FAST PROXY SERVERS ?

Check it out this Anonymous and Private Proxy Servers.
– HTTP & SOCKS5 Proxy supported.
– IP Authentication or Password Authentication available.

Thanks, Domenic Jose
If you no longer wish to hear from us, please reply this email.

5. SEObyAxy says:

Hello

YOU NEED QUALITY VISITORS FOR YOUR: noahs-blog.net ?

WE PROVIDE HIGH-QUALITY VISITORS WITH:
– 100% safe for your site
– real visitors with unique IPs. No bots, proxies, or datacenters
– visitors from Search Engine (by keyword)
– visitors from Social Media Sites (referrals)
– visitors from any country you want (USA/UK/CA/EU…)
– very low bounce rate
– very long visit duration
– multiple pages visited