]> A taxonomy of eavesdropping attacks Sandelman Software Works
mcr+ietf@sandelman.ca
Cloudflare Ltd.
jhoyland@cloudflare.com
Security Security Area Working Group Internet-Draft The terms on-path attacker and Man-in-the-Middle Attack have been used in a variety of ways, sometimes interchangeably, and sometimes meaning different things. This document offers an update on terminology for network attacks. A consistent set of terminology is important in describing what kinds of attacks a particular protocol defends against, and which kinds the protocol does not.
Introduction A number of terms have been used to describe attacks against networks. In the paper, the attacker is assumed to be able to:
  • view messages as they are transmitted
  • selectively delete messages
  • selectively insert or modify messages
Some authors refer to such an attacker as an "on-path" attacker [reference], or a "Man-in-the-Middle" [reference]. This type of attack is also refered to as a "monster-in-the-middle" attack. Despite a broad consensus on what is meant by a MITM attack, there is less agreement on the how to describe its variants. The term "passive attacker" has been used in many cases to describe situations where the attacker can only observe messages, but can not intercept, modify or delete any messages. Another variant is the case where an eavesdropper is not on the network path between the actual correspondants, and thus cannot drop messages, they may be able to inject packets faster than the correspondants, and thus beat legitimate packets in a race. As summarised, there are three broad variations of the MITM attacker:
  1. An on-path attacker that can view, delete and modify messages. This is the Dolev-Yao attack.
  2. An off-path attacker that can view messages and insert new messages.
  3. An off-path attacker that can only view messages.
Three kinds of attack The attacks are numbered in this section as no consensus on naming the attacks yet. In the diagrams below, the sender is named "Alice", and the recipient is named "Bob", as is typical in many cryptographic protocols , as first introduced by . The attacker is named "Mallory"
Alice communicating with Bob Alice Bob | Bob | '-------' '-----' ]]>
First Kind of attack In this attack, the attacker is involved with the forwarding of the packets. A firewall or network router is ideally placed for this attack.
The first kind of attack Alice Mallory Bob | Bob | '-------' '=========' '-----' ]]>
In this case Mallory can:
  • view all packets
  • selectively forward or drop any packet
  • modify any packets that is forwarded
  • insert additional packets
Second Kind of attack In this attack, the attacker is not involved with the forwarding of the packets. The attacker receives a copy of packets that are sent. This could be from, for instance, a mirror port or SPAN . Alternatively, a copy of traffic may be obtained via passive (optical) tap . This kind of attack is often associated with Pervasive Monitoring .
The second kind of attack Alice Bob Mallory | Bob | '-------' | '-----' v .=========. | Mallory | '=========' ]]>
In this case Mallory can:
  • view all packets
Second Kind of attack with bypass In some cases, Mallory may be able to send messages to Bob via another route which due to some factor will arrive at Bob prior to the original message from Alice.
The second kind of attack with bypass -> Alice > Bob -> Mallory --. .-----. | Alice |---------------| | | .>| Bob | '-------' | | | | | '-----' | | | v | ^ | | | | | | v '--> '->| | .=========. | |Mallory |---------------------' '=========. ]]>
In that case Mallory can:
  • view all packets
  • insert additional/copied packets into the stream
But Mallory will be unable to drop or modify the original packets. Bob however, may be unable to distinguish packets from Alice vs packets sent from Mallory that purport to be from Alice.
Third Kind of attack The third kind of attack is one in which Mallory can not see any packets from Alice. This is usually what is meant by an "off-path" attack. Mallory can usually forge packets purporting to be from Alice, but can never see Alice's actual packets.
The third kind of attack Alice Bob **** ** Mallory **** ** | Bob | '-------' '-----' ^ | | *********** | * Mallory *---------------------' *********** ]]>
In this case Mallory can:
  • insert additional packets
Three proposals on terminology This document aspires to pick a single set of terms and explain them.
QUIC terms ended up with a different taxonomy:
  • on-path [Dolev-Yao]
  • Limited on-path (cannot delete)
  • Off-path
Malory/Man in various places proposes:
  • man-in-the-middle [Dolev-Yao]
  • man-on-the-side
  • man-in-the-rough
Alternatively:
  • Malory-in-the-middle [Dolev-Yao]
  • Malory-on-the-side
  • Malory-in-the-rough
Council of Attackers proposes the "the council of attackers"
  • malicious messenger [Dolev-Yao: who rewrites messages sent]
  • oppressive observer [who uses your information against you]
  • off-path attacker
Security Considerations This document introduces a set of terminology that will be used in many Security Considerations sections.
IANA Considerations This document makes no IANA requests.
Acknowledgements The SAAG mailing list.
Changelog
References Normative References Internet Security Glossary, Version 2 This Glossary provides definitions, abbreviations, and explanations of terminology for information system security. The 334 pages of entries offer recommendations to improve the comprehensibility of written material that is generated in the Internet Standards Process (RFC 2026). The recommendations follow the principles that such writing should (a) use the same term or definition whenever the same concept is mentioned; (b) use terms in their plainest, dictionary sense; (c) use terms that are already well-established in open publications; and (d) avoid terms that either favor a particular vendor or favor a particular technology or mechanism over other, competing techniques that already exist or could be developed. This memo provides information for the Internet community. Informative References On the Security of Public Key Protocols QUIC terms for attacks Man-in-the-Middle Port Mirroring Fiber Tap Council of Attackers Alice and Bob A method for obtaining digital signatures and public-key cryptosystems MIT Lab. for Computer Science and Department of Mathematics, Cambridge, MA MIT Lab. for Computer Science and Department of Mathematics, Cambridge, MA MIT Lab. for Computer Science and Department of Mathematics, Cambridge, MA Pervasive Monitoring Is an Attack Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible.
Contributors
ekr@rtfm.com
lberger@labn.net
aland@deployingradius.com
huitema@huitema.net