A toxonomy of eavesdropping attacks
Sandelman Software Works
mcr+ietf@sandelman.ca
Internet
anima Working Group
Internet-Draft
The terms on-path attacker and Man-in-the-Middle Attack have been used in a variety of ways, sometimes interchangeably, and sometimes meaning different things.
This document offers an update on terminology for network attacks.
A consistent set of terminology is important in describing what kinds of attacks a particular protocol defends against, and which kinds the protocol does not.
Introduction
A number of terms have been used to describe attacks against networks.
In the paper, the attacker is assumed to be able to:
- view messages as they are transmitted
- selectively delete messages
- selectively insert or modify messages
Some authors refer to such an attacker as an "on-path" attack [reference], or a "Man-in-the-Middle" attack [reference].
In general, most authors form a clear consensus about this mode.
Some authors are not happy with the gender of the attack ("Man") being assumed, and have sought other terminology.
Where opinions diverge is what to call other forms of attack or eavesdropping.
The term "passive attack" has been used in many cases to describe situations where the attacker can only observe messages, but can not intersept, modify or delete any messages.
There are situations where an eavesdropper has a better network connection than the actual corresponds, and so while no messages can be removed, such an attacker may be able to beat the original packet in a race.
The summary is that there are probably three variations of attack:
- An on-path attacker that can view, delete and modify messages. This is the Dolev-Yao attack.
- An off-path attacker that can view messages and insert new messages.
- An off-path attacker that can only view messages.
Three proposals on terminology
This document aspires to pick a single set of terms and explain them.
QUIC terms
ended up with a different taxonomy:
- On-path [Dolev-Yao]
- Off-path
- Limited on-path (cannot delete)
Malory/Man in various places
proposes:
- man-in-the-middle [Dolev-Yao]
- man-on-the-side
- man-in-the-rough
Alternatively:
- Malory-in-the-middle [Dolev-Yao]
- Malory-on-the-side
- Malory-in-the-rough
Council of Attackers
proposes the "the council of attackers"
- malicious messenger [Dolev-Yao: who rewrites messages sent]
- oppressive observer [who uses your information against you]
Security Considerations
This document introduces a set of terminology that will be used in many Security Considerations sections.
IANA Considerations
This document makes no IANA requests.
Acknowledgements
The SAAG mailing list.
References
Normative References
Internet Security Glossary, Version 2
This Glossary provides definitions, abbreviations, and explanations of terminology for information system security. The 334 pages of entries offer recommendations to improve the comprehensibility of written material that is generated in the Internet Standards Process (RFC 2026). The recommendations follow the principles that such writing should (a) use the same term or definition whenever the same concept is mentioned; (b) use terms in their plainest, dictionary sense; (c) use terms that are already well-established in open publications; and (d) avoid terms that either favor a particular vendor or favor a particular technology or mechanism over other, competing techniques that already exist or could be developed. This memo provides information for the Internet community.
Informative References
On the Security of Public Key Protocols
QUIC terms for attacks
Man-in-the-Middle
Council of Attackers