Active attack: Difference between revisions
imported>Sandy Harris (typo) |
imported>Sandy Harris No edit summary |
||
Line 5: | Line 5: | ||
In [[cryptography]] an '''active attack''' on a communications system is one in which the attacker changes the communication. He may forge, alter, replace, block or reroute messages. This contrasts with a [[passive attack]] in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages. | In [[cryptography]] an '''active attack''' on a communications system is one in which the attacker changes the communication. He may forge, alter, replace, block or reroute messages. This contrasts with a [[passive attack]] in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages. | ||
Active | Active attacks include: | ||
* [[man-in-the-middle attack]]; the attacker tricks both communicating parties into communicating with him; they think they are talking to each other | * [[man-in-the-middle attack]]; the attacker tricks both communicating parties into communicating with him; they think they are talking to each other | ||
* [[Stream_cipher#Rewrite_attacks | rewrite attacks]]; the attacker can replace a message with anything he chooses | * [[Stream_cipher#Rewrite_attacks | rewrite attacks]]; the attacker can replace a message with anything he chooses |
Revision as of 04:35, 1 November 2008
In cryptography an active attack on a communications system is one in which the attacker changes the communication. He may forge, alter, replace, block or reroute messages. This contrasts with a passive attack in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not alter messages.
Active attacks include:
- man-in-the-middle attack; the attacker tricks both communicating parties into communicating with him; they think they are talking to each other
- rewrite attacks; the attacker can replace a message with anything he chooses
Successful active attacks are devastating; if the attacker can replace messages and have them taken as genuine, it is all over. The security system is then at best worthless; at worst it is of great value to the enemy. Fortunately, active attacks are often hard to execute.
Moreover, cryptographic authentication provides a complete defense against active attackers. Public key techniques are often used to authenticate people or devices, to ensure communication is with the right party and prevent man-in-the-middle attacks. Packets or messages are often authenticated with a hashed message authentication code; this prevents rewrite attacks, among others.