Man-in-the-middle attack

A man-in-the-middle attack (often abbreviated MITM) is a form of active eavesdropping in which the attacker place himself physically or – today most often – logically between two communication parties to gain control over the data traffic between the users and to intercept or even manipulate the exchanged information.

The attacker makes independent connections with both parties and relays messages between them, making them believe that they are communicating via a direct, private connection. Therefore, all messages have to be intercepted and (modified) send on.

An example in the cellular network is the IMSI-Catcher attack.

The man-in-the-middle attack is an effective method to gain access to encrypted communication. The attacker intercepts the encryption key from the first party and sends another key to the second party, pretending that it is from the original communication partner. The forging of wrong keys allows him to decrypt all communication in this system.

To secure a system against MITM attacks the encryption key has to bee verified by an additional exchange of information (e.g. a hash code) over some kind of secure channel.

[ Back ]

The Babylon nG Secure Phone protects confidential mobile calls against all kind of tapping scenarios - without any loss of quality or comfort.

	Copyright © 2007,2008 Safe-com GmbH & Co. KG - Terms and Conditions - Site info - Sitemap
		ISO9001:2000 certified