man in the middle attacks revisited
play

Man-in-the-Middle attacks revisited Hugo Jonker, Rolando Trujillo, - PowerPoint PPT Presentation

Dec 30, 2023 •142 likes •401 views

Man-in-the-Middle attacks revisited Hugo Jonker, Rolando Trujillo, Sjouke Mauw Man-in-the-middle attack Diffie-Hellman Alice Bob new na new nb g na g nb K = (g nb ) na K = (g na ) nb Man-in-the-middle attack Diffie-Hellman Alice Bob Alice

  1. Man-in-the-Middle attacks revisited Hugo Jonker, Rolando Trujillo, Sjouke Mauw

  2. Man-in-the-middle attack Diffie-Hellman Alice Bob new na new nb g na g nb K = (g nb ) na K = (g na ) nb

  3. Man-in-the-middle attack Diffie-Hellman Alice Bob Alice Eve new na new nb new na new nb g na g na g nb g nb K = (g nb ) na K = (g na ) nb

  4. Man-in-the-middle attack Diffie-Hellman Diffie-Hell, man! Alice Bob Alice Eve new na new nb new na new nb g na g na g nb g nb K = (g nb ) na K = (g na ) nb

  5. Needham-Schroeder Roger Michael new na new nb {Roger, na} pk(Michael) {na, nb} pk(Roger) {nb} pk(Michael) Talking to Roger

  6. Needham, Schroeder & Lowe '95 Roger Gavin Gavin Michael new na new nb {Roger, na} pk(Gavin) {Roger, na} pk(Michael) {na, nb} pk(Roger) {na, nb} pk(Roger) {nb} pk(Gavin) {nb} pk(Lowe) Talking to Roger

  7. Just a few of many examples ● Academic: – Diffie-Hellman: 1976? – Lowe on Needham-Schroeder: 1995 ● Practice: – Moxie Marlinspike: ● SSLsniff: 2002 attacks IE5.5 ● SSLstrip: 2009 (Black Hat 2009) Conclusion: we're abundantly aware.

  8. Stopping the MitM? ● Theory: – Modelchecking (~ 1995) – Tagging (~ 2003) – Tool support (mCRL, Scyther, Tamarin,...) ● Practice: – Certificate Authorities – DNSSec – Certificate Pinning – ...

  9. Stopping the MitM? ● Theory: – Modelchecking (~ 1995) – Tagging (~ 2003) – Tool support (mCRL, Scyther, Tamarin,...) ● Practice: – Certificate Authorities – DNSSec – Certificate Pinning – ... Conclusion: we've got this.

  10. Meanwhile...

  11. POODLE attack [MDK14] ● Force downgrade of TLS ● Attack SSLv3.0 – RC4 is biased

  12. FREAK attack [S&P15] ● US export restrictions mandated weak crypto (RSA < 512 bits) ● Still supported in some TLS implementations ● MitM changes cipher spec to “weak crypto”

  13. LOGJAM attack [CCS15]

  14. DROWN attack [ASS+16] ● Take client's encrypted TLS messages ● Use SSLv2.0 server as decryption oracle

  15. DROWN attack [ASS+16] ● Take client's encrypted TLS messages ● Use SSLv2.0 server as decryption oracle In general, the attacker must passively capture about 1,000 TLS sessions using RSA key exchange, make 40,000 SSLv2 connections to the victim server and perform 2 50 symmetric encryption operations.

  16. That's all theoretical, right? MitM devices for cellphones: ● Stingray: $68,000 ● Gossamer: $19,000 ● Triggerfish: $90,000 ● Hailstorm: $170,000

  17. Conclusion: We definitely do not “have” this.

  18. Exploited flaws ● POODLE, Logjam, FREAK, DROWN: initialisation ● Cellphone MitM devices: new properties Both cases: not accounted for by protocol.

  19. Categorising attacks ● Protocol context – Initialisation ● User context – location

  20. Solution directions Embed context into formal security proofs ● With a trusted partner: context agreement ● Without a trusted partner: context verification

  21. Context agreement Note: agreement on observed context, not on actual context.

  22. Context verification

  23. Example application: GSM

  24. Conclusion ● Man-in-the-middle attacks still exist ● They are preventable ● Prevention: – Account for context ● Protocol context (initialisation) ● User context (location) – With or without trusted partner

  25. Thank you for your attention!

Recommend

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

Software and Web Security 2 MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( ) MitM attack: attacker gets between the browser and the web server, eg eg by setting up a wifi access point

345 views • 9 slides
Statistical Fault Attacks Revisited Application to Authenticated Encryption C. Dobraunig, M.

Statistical Fault Attacks Revisited Application to Authenticated Encryption C. Dobraunig, M.

Statistical Fault Attacks Revisited Application to Authenticated Encryption C. Dobraunig, M. Eichlseder, T. Korak, V. Lomn e, F. Mendel ASK 2016 The research leading to these results has received funding from the European Unions Horizon

551 views • 26 slides
Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited e Vila ,

Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited e Vila ,

Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited e Vila , Ricardo J. Rodr guez Jos 594190@unizar.es, rj.rodriguez@unileon.es All wrongs reversed University of Zaragoza, Spain RIASC,

1.03k views • 53 slides
Practical Experiences on NFC Relay Attacks with Android Virtual Pickpocketing Revisited e Vila

Practical Experiences on NFC Relay Attacks with Android Virtual Pickpocketing Revisited e Vila

Practical Experiences on NFC Relay Attacks with Android Virtual Pickpocketing Revisited e Vila 1 and Ricardo J. Rodr Jos guez 2 1 DIIS, University of Zaragoza, Spain 2 Research Institute of Applied Sciences in Cybersecurity, University

337 views • 17 slides
Protecting Free and Open Communications on the Internet Against Man-in-the-Middle Attacks on

Protecting Free and Open Communications on the Internet Against Man-in-the-Middle Attacks on

Protecting Free and Open Communications on the Internet Against Man-in-the-Middle Attacks on Third-Party Software Jeffrey Knockel, Jedidiah Crandall Computer Science Department University of New Mexico Recent News Iran: forged SSL

569 views • 27 slides
Mars Attacks! Revisited. Differential Attack 12 Rounds of the MARS Core and Defeating the Complex

Mars Attacks! Revisited. Differential Attack 12 Rounds of the MARS Core and Defeating the Complex

MARS Distinguisher and Subkey Recovery Recovery of the secret key Attack Analysis Conclusion Mars Attacks! Revisited. Differential Attack 12 Rounds of the MARS Core and Defeating the Complex MARS Key Schedule INDOCRYPT11 Michael Gorski,

1.16k views • 48 slides
Lets Revoke Public key infrastructure prevents Man-in-the-Middle attacks Revocation protects

Lets Revoke Public key infrastructure prevents Man-in-the-Middle attacks Revocation protects

Lets Revoke Public key infrastructure prevents Man-in-the-Middle attacks Revocation protects clients from compromised certificates Without revocation, these attacks would go undetected 2 Certificate Revocation Lists (CRLs) Lists of

544 views • 27 slides
Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez

Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez

Introduction Demirci and Sel cuk Attack Differential Enumeration Technique Conclusion Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez 1 Pierre-Alain Fouque 1 , 2 Ecole Normale Sup

1.25k views • 60 slides
Certificate Measurements to Detect Man-in-the-Middle Attacks and Middleboxes Mark ONeill,

Certificate Measurements to Detect Man-in-the-Middle Attacks and Middleboxes Mark ONeill,

Certificate Measurements to Detect Man-in-the-Middle Attacks and Middleboxes Mark ONeill, Scott Ruoti, Kent Seamons, Daniel Zappala Internet Research Lab &amp; Internet Security Research Lab Brigham Young University Certificate validation

484 views • 14 slides
Heart Attacks in Middle-aged Recreational Athletes Karl Cernovitch Alex C. Samak Jay Brophy

Heart Attacks in Middle-aged Recreational Athletes Karl Cernovitch Alex C. Samak Jay Brophy

Heart Attacks in Middle-aged Recreational Athletes Karl Cernovitch Alex C. Samak Jay Brophy MD,PhD Mark Goldberg PhD Royal Victoria Hospital Clinical Epidemiology Unit If it happened to a Pro, it could happen to you! Montreal

963 views • 21 slides
Man in the Middle Attacks Engineering Secure Software Last Revised: September 1, 2020 SWEN-331:

Man in the Middle Attacks Engineering Secure Software Last Revised: September 1, 2020 SWEN-331:

Man in the Middle Attacks Engineering Secure Software Last Revised: September 1, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 High Level View Allows the hacker to sit in between all communication between client and

398 views • 15 slides
in Middle Tennessee Prevent Asthma Attacks in Children Gwen Sunkel, Indiana University-Purdue

in Middle Tennessee Prevent Asthma Attacks in Children Gwen Sunkel, Indiana University-Purdue

Breathe Easy: Helping Parents in Middle Tennessee Prevent Asthma Attacks in Children Gwen Sunkel, Indiana University-Purdue University Indianapolis United Neighborhood Health Services Nashville, TN Introduction Gwen en Sun unkel, , RN

570 views • 15 slides
Man in the middle attacks on IEC 60870-5-104 Pete Maynard @pgmaynard ORCID 0000-0002-6267-7530

Man in the middle attacks on IEC 60870-5-104 Pete Maynard @pgmaynard ORCID 0000-0002-6267-7530

Man in the middle attacks on IEC 60870-5-104 Pete Maynard @pgmaynard ORCID 0000-0002-6267-7530 Introduction Pete Maynard PhD Student CSIT Queen's University Belfast, UK Industrial Control System Security Partnership with

584 views • 34 slides
Hom and Ext, Revisited Justin Lyle Lawrence, KS justin.lyle@ku.edu April 28, 2018 JL Hom and

Hom and Ext, Revisited Justin Lyle Lawrence, KS justin.lyle@ku.edu April 28, 2018 JL Hom and

Hom and Ext, Revisited Hom and Ext, Revisited Justin Lyle Lawrence, KS justin.lyle@ku.edu April 28, 2018 JL Hom and Ext, Revisited Hom and Ext, Revisited Joint work with Hailong Dao and Mohammad Eghbali JL Hom and Ext, Revisited Hom

871 views • 45 slides
MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

Software and Web Security 2 MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation by Moxie Marlinspike; see URL on course page sws2 1 MitM (Man-in-the-Middle) attacks MitM attack: attacker

971 views • 38 slides
Boomerang Connectivity Table Revisited Ling Song 1,2 , Xianrui Qin 3 , Lei Hu 2 1. Nanyang

Boomerang Connectivity Table Revisited Ling Song 1,2 , Xianrui Qin 3 , Lei Hu 2 1. Nanyang

Boomerang Connectivity Table Revisited Ling Song 1,2 , Xianrui Qin 3 , Lei Hu 2 1. Nanyang Technological University, Singapore 2. Institute of Information Engineering, CAS, China 3. Shandong University, China FSE 2019 @ Paris Boomerang Attacks

483 views • 37 slides
Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France FSE, March 3-5 2014 Plan 1 Match Box Meet-in-the-Middle Attacks Sieve-in-the-Middle Framework Match Box Cryptanalysis of KATAN 2 Description

1.61k views • 37 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
The middle program $ middle 3 3 5 middle: 3 $ middle 2 1 3 middle: 1 10 10 int main(int

The middle program $ middle 3 3 5 middle: 3 $ middle 2 1 3 middle: 1 10 10 int main(int

Detecting Anomalies Andreas Zeller 1 Tracing Infections For every infection, we must find the earlier infection that causes it. Which origin should we focus upon? 2 2 Tracing Infections 3 3 Focusing on Anomalies

522 views • 27 slides
Generic Attacks on Stream Ciphers John Mattsson Generic Attacks on Stream Ciphers 2/22

Generic Attacks on Stream Ciphers John Mattsson Generic Attacks on Stream Ciphers 2/22

Generic Attacks on Stream Ciphers John Mattsson Generic Attacks on Stream Ciphers 2/22 Overview What is a stream cipher? Classification of attacks Different Attacks Exhaustive Key Search Time Memory Tradeoffs

656 views • 22 slides
Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

184 views • 7 slides
Welcome to Randolph Middle School An IB World School Randolph Middle School

Welcome to Randolph Middle School An IB World School Randolph Middle School

Welcome to Randolph Middle School An IB World School Randolph Middle School Charlotte-Mecklenburg Schools International Baccalaureate Middle Years Program Grades 6 8 Brian Bambauer, Principal Fast Facts RMS was built in1967

673 views • 40 slides
WELCOME TO LASALLE SPRINGS MIDDLE SCHOOL! Which one are you? MIDDLE SCHOOL MODEL Image taken

WELCOME TO LASALLE SPRINGS MIDDLE SCHOOL! Which one are you? MIDDLE SCHOOL MODEL Image taken

WELCOME TO LASALLE SPRINGS MIDDLE SCHOOL! Which one are you? MIDDLE SCHOOL MODEL Image taken from Noblesville East Middle School MIDDLE SCHOOL TEAMS 6 TH GRADE LEVEL TEAMS Searchers Seekers TEACHER MAKE-UP 2 Language Arts 1 Social

546 views • 42 slides
Revere Middle School Welcome to Middle School! A major goal of middle school is to help students

Revere Middle School Welcome to Middle School! A major goal of middle school is to help students

Revere Middle School Welcome to Middle School! A major goal of middle school is to help students learn how they can be successful learners and creative problem solvers. We strive to help students find the balance of challenging themselves

439 views • 18 slides

More recommend