I’ve seen a couple of explanations, but I don’t understand it completely. Most explanations go something like this. Alice requests Bob for a key. Bob sends the key back. Eve(attacker) receives bob’s key stores it, then sends Alice a different key. when Alice sends bob things, eve can decrypt it since Alice is using Eve’s key. Eve then re-encrypts it using bobs key then sends it back to bob. The part I don’t understand is why Eve supplies Alice with a different key. Alice already knows bob’s key, so couldn’t she already intercept Alice’s messages and read them?
In: Technology
During a MITM attack, the attacker effectively becomes a proxy. Sending the user the data they expect to see, but also reading /stealing the data on its way by.
The attacker sends their own key so that they can decrypt and re-encrypt the traffic.
This isn’t 100% accurate, but illustrates the concept.
Computer (C)
Server (S)
Attacker (A)
(C) -> let’s talk, give me a key -> (S)
(A) -> I’m “C” -> (S)
(C) <- I’m “S” <- (A)
(A) <- here’s servers key <- (S)
(C) -> here’s computers key -> (A)
(C) <- here’s attackers key <- (A) -> here’s attackers key2 -> (S)
(C) <-encrypted convo-> (A) <-encrypted convo-> (S)
Latest Answers