How to Stop Man in the Middle Attacks Part 1

In an earlier post I linked to a video from Khan Academy that talked about how encrypted communication works. Unfortunately that video series left out a very important thing to be aware of about encryption, and that’s man in the middle attacks.
If you haven’t watched that video series I would recommend watching it again. Here‘s the link to the video again just in case you need it.

The story:
Now that Alice and Bob have figured out the Diffie-Hellman key exchange they are now safe from Eve’s eavesdropping; however Eve doesn’t give up easily and so she calls in her big sister Mallory. You see Alice and Bob are communicating over the Internet. When messages travel through the Internet they don’t just jump from point A to point B. Instead they jump from one computer to another until they reach their destination. Mallory in this analogy is one of the computers that their messages have to pass through.

Mallory can do some things that Eve can’t do. Eve could only read their messages; however all messages have to go through Mallory and thus she has the following abilities:
*Refuse to carry a given message (AKA “dropping packets”),
*Modify a message before delivering it,
*Create a message where she pretends to be Alice or Bob,
*and read the messages being sent through.

Since Mallory has these abilities she can do a “man in the middle attack”. Here’s how it works:
First Alice tries to do a Diffie-Hellman key exchange with Bob.

Alice begins her part of the key exchange thinking that she’s establishing an encrypted connection with Bob when in reality she’s forming an encrypted connection with Mallory and Bob does the same.
Now Mallory has an encrypted connection with Alice and Bob, and can eavesdrop on them by decrypting messages sent by Alice, reading them, encrypting them, and sending them to Bob.

To stop this from happening we need to find some way to either stop Mallory from altering/replacing the messages or detect when she does this.

Unfortunately it’s impossible to stop her from altering/replacing the message so instead we’ll have to detect her tampering with public/private key cryptography. I will go over public/private key encryption in the next post.

31 thoughts on “How to Stop Man in the Middle Attacks Part 1

  1. Hello noahs-blog.net

    BUY CERTIFIED PROTECTIVE MASKS & MASK CHAINS

    BRINE MED CARE offers TOP quality at attractive prices, we deliver to companies and private customers.
    Visit our website:
    http://www.brineshop.ch for Switzerland
    http://www.brineshop.de for Europe

    Companies can request a special offer at med@brine.ch

    The .BRINE team looks forward to hearing from you
    Thanks, Melba Osmond
    If you no longer wish to hear from us, please reply me.

  2. Hello

    YOU NEED QUALITY VISITORS FOR YOUR: noahs-blog.net ?

    WE PROVIDE HIGH-QUALITY VISITORS WITH:
    – 100% safe for your site
    – real visitors with unique IPs. No bots, proxies, or datacenters
    – visitors from Search Engine (by keyword)
    – visitors from Social Media Sites (referrals)
    – visitors from any country you want (USA/UK/CA/EU…)
    – very low bounce rate
    – very long visit duration
    – multiple pages visited
    – tractable in google analytics
    – custom URL tracking provided
    – boost ranking in SERP, SEO, profit from CPM

    CLAIM YOUR 24 HOURS FREE TEST HERE=> ventfara@mail.com

    Thanks, Enid Hanes

  3. Hello

    YOU NEED QUALITY VISITORS FOR YOUR: noahs-blog.net ?

    WE PROVIDE HIGH-QUALITY VISITORS WITH:
    – 100% safe for your site
    – real visitors with unique IPs. No bots, proxies, or datacenters
    – visitors from Search Engine (by keyword)
    – visitors from Social Media Sites (referrals)
    – visitors from any country you want (USA/UK/CA/EU…)
    – very low bounce rate
    – very long visit duration
    – multiple pages visited
    – tractable in google analytics
    – custom URL tracking provided
    – boost ranking in SERP, SEO, profit from CPM

    CLAIM YOUR 24 HOURS FREE TEST HERE=> ventfara@mail.com

    Thanks, German Tarr

  4. Hello

    YOU NEED FAST PROXY SERVERS ?

    Check it out this Anonymous and Private Proxy Servers.
    – HTTP & SOCKS5 Proxy supported.
    – IP Authentication or Password Authentication available.
    – MORE INFO HERE: https://bit.ly/3ifZkmL

    Thanks, Domenic Jose
    If you no longer wish to hear from us, please reply this email.

  5. Hello

    YOU NEED QUALITY VISITORS FOR YOUR: noahs-blog.net ?

    WE PROVIDE HIGH-QUALITY VISITORS WITH:
    – 100% safe for your site
    – real visitors with unique IPs. No bots, proxies, or datacenters
    – visitors from Search Engine (by keyword)
    – visitors from Social Media Sites (referrals)
    – visitors from any country you want (USA/UK/CA/EU…)
    – very low bounce rate
    – very long visit duration
    – multiple pages visited
    – tractable in google analytics
    – custom URL tracking provided
    – boost ranking in SERP, SEO, profit from CPM

    CLAIM YOUR 24 HOURS FREE TEST HERE=> ventfara@mail.com

    Thanks, Imogene Clay

Leave a Reply

Your email address will not be published. Required fields are marked *

2 + 9 =