Active attack
In cryptography an active attack on a communications system is one in which the attacker changes the communication. He may create, forge, alter, replace, block or reroute messages. This contrasts with a passive attack in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages.
Active attacks on communication
Active attacks that target the communication system itself include:
- man-in-the-middle attack; the attacker tricks both communicating parties into communicating with him; they think they are talking to each other
- rewrite attacks; the attacker can replace a message with anything he chooses
Successful active attacks are devastating! If the attacker can replace messages and have them taken as genuine, it is all over. The security system is then at best worthless; at worst it is of great value to the enemy.
Fortunately, these attacks are generally hard to execute. The attacker must not only intercept messages, break whatever cryptography is in use (often both an authentication mechanism and a cipher), and send off his bogus message; he also has to block delivery of the genuine message. Moreover, he has to do it all in real time, fast enough to avoid alerting his victims and to beat whatever synchronisation mechanisms the network may be using. A cryptosystem that an enemy can break in hours or days would generally be considered insecure, even worthless, but it will prevent active attacks as long as the enemy cannot break it quickly enough to replace messages.
Note, however, that in some applications the previous paragraph does not apply. For example, if the encrypted "message" is actually a stored document, then an attacker may have ample time and it may be relatively easy to replace the document.
Cryptographic authentication can provide a complete defense against this group of active attacks.
- Public key techniques are often used for source authentication, to authenticate people or devices. This ensures that communication is with the right party and prevents man-in-the-middle attacks.
- Packets or messages are often authenticated with a hashed message authentication code, for data integrity protection. This prevents rewrite attacks, among others.
Systems that combine several cryptographic techniques are called hybrid cryptosystems.
Impersonation attacks
A whole range of active attacks in which the attacker impersonates a legitimate player are possible. Nearly all require defeating or bypassing some authentication mechanism.
Many of these rely on deception or some related form of social engineering. More than one system has been broken by someone simply pretending to be from network support and asking for passwords. Phishing emails may pretend to be from a bank and lead the victim to a web site that looks much like the bank's site, but if the victim is deceived into logging in then the attacker gets his password.
Some attacks rely on "practical cryptanalysis", simply stealing passwords. These range from simple "shoulder surfing", reading a password as it is typed, to things like installing a hidden camera above an Automatic Teller Machine (ATM), to burglary or "dumpster diving".
Other attacks are based on "rubber hose cryptanalysis", using force, threats, intimidation, or even torture to extract passwords. One example is the British Regulation of Investigatory Powers Act (RIPA) which makes it a criminal offense to withhold such data from police under some circumstances.
Other attacks, such as a dictionary attack on a password system or network sniffing, are more technical than social, but they have similar goals — acquire passwords or other credentials so that you can impersonate the user.
Still other attacks are indirect; an attacker subverts a computer by whatever means and then uses that computer and its data to perform impersonations. Often taking over a machine gives the miscreant credentials that can be used elsewhere.
A burglar in an office or a thief with a stolen laptop may find that the machine is set up not to require a password for login; this is convenient for users, so quite common. Unfortunately, it is also very convenient for thieves. If a password is required, that is easily bypassed if booting from a USB key or CD is possible. Viruses can take over a user account, or even the entire machine if the user is running as administrator, a common bad habit among Windows users and not unknown elsewhere.
If your browser is set up to automatically connect to your email account and to remember the password for that account, then anyone who gains access to the computer as you can read all your emails and can send email in your name. PGP is a partial defense against this — simply getting into your computer and email account does not allow an attacker either to read encrypted emails or to PGP-sign mail in your name. However, if the attacker has taken over your machine, he can defeat PGP by installing a keyboard logger to get the PGP passphrase.
Browser history may give an attacker account information for high-value links — PayPal or online banking, or a VPN connection to an employer's network. Simply telling the browser never to remember passwords for such links avoids "giving away the farm", letting any attacker or virus that gets into your account have everything. However, this too can be defeated by a keystroke logger.