[SOLVED] Can encryption beat a man-in-the-middle attack?
If I could get physical access to a server and store a few GB of really random text on the server, or somehow store it when there is NO man in the middle, I could then program a special proxy on the server whereby the link between me and the proxy would be encrypted with the one-time pad method, i.e. by simply XORing the random text with the data.
Then it is impossible to break the encryption, but it is also impossible for the man in the middle to harm me by directing me to another server of theirs, because that other server does not have a copy of the secret random text.
1. Can the same be achieved by conventional encryption schemes like SSL or PGP when I do NOT have physical access to a proxy?
2. Can a conventional authentication take place somewhere where there is no man in the middle, at a cafe or something, and can I then continue my access from a place where I know there is a man in the middle on any access to the internet?
I'd suggest a Google search for one time passwords (OTP). Also read RFC 2222. Look up OPIE (One Time Passwords in Everything) and the pam_opie module.
SSH and others are susceptible to a man-in-the-middle attack during the initial connection. Certificates were supposed to take care of that possibility. If you do have physical access to the server and can save your public key on it, and grab its public key, then AFAIK you won't be susceptible.
You don't seem to be separating authentication and encryption at all in your scheme. The encryption would be unbreakable as long as you never reused the key. If an attacker has two encoded messages using the same key, guessing the contents of one message, XORing the guess and applying it to the second message would be trivial. Also consider that "really random text" isn't easy. Also you would need several GB of keys for each server and you would need to keep them straight.
The US used one-time pads for communications with submarines in WW1. They carried in several suitcases of keys when they made port. One of the Axis powers found out about this and adopted OTP themselves; however, they didn't know that you should never ever reuse the keys. Their codes were broken. OTP allows one-to-one communication, but what about server A talking to server B?
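The key-reuse attack described in the post above, worked through in code. This is an added example, not code from any of the posters: the two messages, the crib "the cafe" and the tampered word are constructed for the demo. It also shows the point about authentication versus encryption: a man in the middle who never learns the pad can still rewrite a known part of the message, because XOR alone has no integrity check.

```python
"""
Two-time pad: what goes wrong when one-time-pad key material is reused, and
why XOR alone gives no authentication. Added example for this thread, not
code from any of the posters.
"""
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("xor_bytes needs equal-length inputs")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """One-time pad: ciphertext = plaintext XOR key. Decryption is the same call.
    Secure only if 'key' is truly random and NEVER used for a second message."""
    if len(key) < len(plaintext):
        raise ValueError("pad too short")
    return xor_bytes(key[:len(plaintext)], plaintext)


def crib_drag(c1: bytes, c2: bytes, crib: bytes) -> list:
    """Attack on two ciphertexts encrypted with the SAME pad.

    c1 XOR c2 == m1 XOR m2: the key cancels out. Guess a fragment of one
    message (the crib), XOR it in at every offset, and keep the offsets where
    the result looks like text; that result is the other message at that spot.
    """
    both = xor_bytes(c1, c2)
    hits = []
    for off in range(len(both) - len(crib) + 1):
        guess = xor_bytes(both[off:off + len(crib)], crib)
        if all(32 <= b < 127 for b in guess):  # printable ASCII only
            hits.append((off, guess.decode("ascii")))
    return hits


def tamper(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Malleability: with no MAC, an attacker who knows (or guesses) the
    plaintext at 'offset' rewrites it without touching the key, because
    c XOR old XOR new decrypts to 'new'."""
    mask = xor_bytes(old, new)
    end = offset + len(mask)
    return ciphertext[:offset] + xor_bytes(ciphertext[offset:end], mask) + ciphertext[end:]


# Constructed sample messages (same length to keep the demo short).
MSG1 = b"meet me at the cafe at noon"
MSG2 = b"the proxy key is on the DVD"


def demo() -> dict:
    """Reuse one random pad for two messages, then attack without the pad."""
    pad = os.urandom(len(MSG1))        # a genuinely random pad ...
    c1 = otp_encrypt(pad, MSG1)
    c2 = otp_encrypt(pad, MSG2)        # ... reused: this is the mistake

    # The attacker has c1, c2 and a guessed fragment of MSG1; no pad, no plaintext.
    recovered = crib_drag(c1, c2, b"the cafe")

    # A man in the middle flips bits in transit; the receiver cannot tell.
    forged = tamper(c1, MSG1.index(b"noon"), b"noon", b"dusk")

    return {
        "recovered_fragment": dict(recovered).get(11),          # 'ey is on'
        "forged_plaintext": otp_encrypt(pad, forged).decode(),  # '... at dusk'
    }


if __name__ == "__main__":
    print(demo())
```

The crib drag returns every offset whose result is printable, so in practice you read the candidates and keep the ones that make sense; the offset of "the cafe" in the first message yields the matching eight bytes of the second. The tamper step is the reason "the man in the middle cannot harm me" does not follow from unbreakable confidentiality alone: without a MAC or signature, altered ciphertext decrypts cleanly.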
Thanks. By the way, I am aware of the one-time requirement, I think it was mentioned.
Given that physical access is not really an option, what if I can assume that there is no MITM in one session, and use that session to save my public key on the proxy, and grab its public key as you are saying (how do I do this?). Then how do I tell my browser in another session to connect to that proxy according to the keys?
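One way to do what the question above asks, as an added example that is not code from the thread: record the server's public-key fingerprint during the session you trust, then refuse any later connection where the presented key differs. This is the trust-on-first-use model behind OpenSSH's known_hosts; the fingerprint format matches what `ssh-keygen -lf` prints on the server, which is how you would read the value off the box or the DVD. The host name "myproxy", the PinStore class and both key blobs are assumptions constructed for the demo, not real keys.

```python
"""
Pin a server public key learned in a trusted session and check it on every
later connection (trust on first use, as in OpenSSH's known_hosts).
Added example for this thread, not code from any of the posters.
"""
import base64
import hashlib
import hmac


class MitmSuspected(Exception):
    """The host presented a key that differs from the pinned one."""


def openssh_fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint of an OpenSSH public-key line ("ssh-ed25519 AAAA... comment")
    in the form `ssh-keygen -lf` prints: base64(sha256(key blob)) without '=' padding."""
    blob = base64.b64decode(pubkey_line.split()[1])
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


class PinStore:
    """In-memory equivalent of known_hosts: host -> pinned fingerprint."""

    def __init__(self):
        self.pins = {}

    def pin(self, host: str, fingerprint: str) -> None:
        """Record a fingerprint obtained out of band (the session with no MITM)."""
        self.pins[host] = fingerprint

    def verify(self, host: str, presented_key_line: str) -> str:
        """Check the key the server presents on a connection.

        Returns 'pinned' on first sight (trust on first use), 'ok' on a match,
        and raises MitmSuspected on a mismatch; the caller must then abort,
        since a man in the middle cannot present the pinned key.
        """
        fp = openssh_fingerprint(presented_key_line)
        known = self.pins.get(host)
        if known is None:
            self.pins[host] = fp
            return "pinned"
        if hmac.compare_digest(known.encode("ascii"), fp.encode("ascii")):
            return "ok"
        raise MitmSuspected(f"{host}: pinned {known}, presented {fp}")


def _fake_key_line(key_type: str, raw: bytes, comment: str) -> str:
    """Build an OpenSSH public-key line around CONSTRUCTED raw bytes.
    The blob layout is string(key_type) + string(raw); these are stand-ins,
    not real keys, so the example runs offline."""
    def ssh_string(b: bytes) -> bytes:
        return len(b).to_bytes(4, "big") + b
    blob = ssh_string(key_type.encode("ascii")) + ssh_string(raw)
    return f"{key_type} {base64.b64encode(blob).decode('ascii')} {comment}"


# Constructed stand-ins: the real proxy's key, and the key a MITM would have to offer.
PROXY_KEY = _fake_key_line("ssh-ed25519", bytes(range(32)), "root@myproxy")
MITM_KEY = _fake_key_line("ssh-ed25519", bytes(range(32, 64)), "root@myproxy")


def demo() -> list:
    """Clean session pins the key; later sessions are checked against it."""
    store = PinStore()
    outcomes = [store.verify("myproxy", PROXY_KEY)]      # at the cafe: 'pinned'
    outcomes.append(store.verify("myproxy", PROXY_KEY))  # later, real server: 'ok'
    try:
        store.verify("myproxy", MITM_KEY)                # attacker's server
        outcomes.append("accepted")
    except MitmSuspected:
        outcomes.append("rejected")
    return outcomes


if __name__ == "__main__":
    print(openssh_fingerprint(PROXY_KEY))
    print(demo())
```

For SSH itself you do not need this code: ssh records the key in ~/.ssh/known_hosts on first connect and, with `StrictHostKeyChecking yes`, refuses a changed key. The equivalent for an HTTPS proxy is to save the server's certificate during the trusted session and point the client at only that (for example `curl --cacert` or `--pinnedpubkey`) instead of the public CA bundle. The first connection is the one place this model is exposed, which is why the thread stresses doing it where there is no man in the middle.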
Why don't you set up Apache with SSL, make a server cert and a client soft cert, and then make the website require the client cert? If there is a client cert you can't man-in-the-middle the connection, because the middle man does not have the 2 certs that would be required.
The supposed "security" of a one-time pad is actually quite specious: the communications are actually no more, and no less, secure than the key itself. Realistically speaking, if you could possibly attain the necessary degree of protection for the key, you would have no need for encryption at all: if you can protect the key to that degree, then it follows that you'd also be able to protect the plaintext just as thoroughly, so why bother to encrypt it?
Furthermore, if someone did duplicate the "secret" key, and used it to encrypt bogus messages, you would have absolutely no way to know that the messages were not authentic. And if you somehow discovered the theft, well, you'd still be screwed: you'd have no way to repudiate the stolen key!
The weakness of the "impregnable" one-time key system is that the "secret" key must in fact be disclosed, in its entirety and in unprotected form, to every user of the crypto system!
A well-managed certificate based system has none of these deficiencies, because two people can securely communicate with one another (and only with one another) without either one of them having to reveal their personal secret. There are very sound reasons why these principles are used, even for high-grade military communications.
Last edited by sundialsvcs; 11-22-2009 at 03:32 PM.
if you can protect the key to that degree, then it follows that you'd also be able to protect the plaintext just as thoroughly, so why bother to encrypt it?
If it were one message being transmitted and no more, I'd use snail mail rather than send DVDs or physically access the server. What is required here is a secure proxy service for long term use, that can beat a MITM attack.
Btw, the suggestion of the one-time pad was for a proxy of my own, not for a proxy shared with millions. The key is only held in my computer and the server. It does not ever appear on a wire; it is physically sent on a DVD. So the man in the middle has no chance. Only by breaking into the server. Or my computer.