Active attack: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
(new page, basic info, some links)
 
imported>Sandy Harris
(typo)
Line 10: Line 10:
Successful active attacks are devastating; if the attacker can replace messages and have them taken as genuine, it is all over. The security system is then at best worthless; at worst it is of great value to the enemy. Fortunately, active attacks are often hard to execute.
Successful active attacks are devastating; if the attacker can replace messages and have them taken as genuine, it is all over. The security system is then at best worthless; at worst it is of great value to the enemy. Fortunately, active attacks are often hard to execute.


Moreover, [[cryptographic authentication]] provides a complete defense against active attackers. [[Public key]] techniques are often used to authenticate people or devices, to ensure communication is with the right party and prevent [[man-in-the-middle attack]]s. Packets or messages are often authenticated with a [[hashed message authentication]] code; this prevents [[Stream_cipher#Rewrite_attacks | rewrite attacks]], among others.
Moreover, [[cryptographic authentication]] provides a complete defense against active attackers. [[Public key]] techniques are often used to authenticate people or devices, to ensure communication is with the right party and prevent [[man-in-the-middle attack]]s. Packets or messages are often authenticated with a [[hashed message authentication code]]; this prevents [[Stream_cipher#Rewrite_attacks | rewrite attacks]], among others.

Revision as of 05:33, 1 November 2008

This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.
For more information, see: Cryptography.

Template:TOC-right

In cryptography an active attack on a communications system is one in which the attacker changes the communication. He may forge, alter, replace, block or reroute messages. This contrasts with a passive attack in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages.

Active attack include:

  • man-in-the-middle attack; the attacker tricks both communicating parties into communicating with him; they think they are talking to each other
  • rewrite attacks; the attacker can replace a message with anything he chooses

Successful active attacks are devastating; if the attacker can replace messages and have them taken as genuine, it is all over. The security system is then at best worthless; at worst it is of great value to the enemy. Fortunately, active attacks are often hard to execute.

Moreover, cryptographic authentication provides a complete defense against active attackers. Public key techniques are often used to authenticate people or devices, to ensure communication is with the right party and prevent man-in-the-middle attacks. Packets or messages are often authenticated with a hashed message authentication code; this prevents rewrite attacks, among others.