Re: Need some education: Man-in-the-Middle Attacks



Thank you for showing a useful URL.

The answer to your question would be found on the White Paper which the
same company, Vandyke, has on their Web:
http://www.vandyke.com/solutions/whitepapers.html
The latest paper, "Understanding Host Keys" is the one -I think, if I
interpreted your question correctly.

The summary of the answer is, "Eve needs the SECRET KEY of Alice in
order to impersonate her." Authentication message is encrypted (I am not
sure. It might be signed) by the secret key and Bob, who received the
authentication message, checks whether the message was really encrypted
by Eve's secret key. Therefore simply having Alice's PUBLIC KEY is
useless in the MitM attack.

Christ, Bryan wrote:

http://www.vandyke.com/solutions/ssh_overview/ssh_overview_threats.html

So my question is this... Given the illustration in the URL above, what
prevents Eve from *first* contacting Alice to obtain a fingerprint which
then gets passed to Bob on the first connection attempt?


--

Masahito Gotaishi, Researcher
R & D Initiative, Chuo University
1-13-27 Kasuga, Bunkyo, Japan, 112-8551
DDI:03-3817-1621, FAX:03-3817-1606