Internet-Draft MITM December 2020
Richardson Expires 2 July 2021 [Page]
Workgroup:
anima Working Group
Internet-Draft:
draft-richardson-saag-onpath-attacker-01
Published:
Intended Status:
Standards Track
Expires:
Author:
M. Richardson
Sandelman Software Works

A toxonomy of eavesdropping attacks

Abstract

The terms on-path attacker and Man-in-the-Middle Attack have been used in a variety of ways, sometimes interchangeably, and sometimes meaning different things.

This document offers an update on terminology for network attacks. A consistent set of terminology is important in describing what kinds of attacks a particular protocol defends against, and which kinds the protocol does not.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 2 July 2021.

Table of Contents

1. Introduction

A number of terms have been used to describe attacks against networks.

In the [dolevyao] paper, the attacker is assumed to be able to:

Some authors refer to such an attacker as an "on-path" attack [reference], or a "Man-in-the-Middle" attack [reference]. In general, most authors form a clear consensus about this mode. Some authors are not happy with the gender of the attack ("Man") being assumed, and have sought other terminology.

Where opinions diverge is what to call other forms of attack or eavesdropping.

The term "passive attack" has been used in many cases to describe situations where the attacker can only observe messages, but can not intersept, modify or delete any messages.

There are situations where an eavesdropper has a better network connection than the actual corresponds, and so while no messages can be removed, such an attacker may be able to beat the original packet in a race.

The summary is that there are probably three variations of attack:

  1. An on-path attacker that can view, delete and modify messages. This is the Dolev-Yao attack.
  2. An off-path attacker that can view messages and insert new messages.
  3. An off-path attacker that can only view messages.

2. Three kinds of attack

The attacks are numbered in this section as no consensus on naming the attacks yet. In the diagrams below, the sender is named "Alice", and the recipient is named "Bob", as is typical in many cryptographic protocols [alicebob], as first introduced by [digisign].

The attacker in is named "Mallory"

.-------.                   .-----.
| Alice |------------------>| Bob |
'-------'                   '-----'
Figure 1: Alice communicating with Bob

2.1. First Kind of attack

In this attack, the attacker is involved with the forwarding of the packets. A firewall or network router is ideally placed for this attack.

.-------.      ***********       .-----.
| Alice |------* Mallory *------>| Bob |
'-------'      ***********       '-----'
Figure 2: The first kind of attack

In this case Mallory can:

  • view all packets
  • selectively forward or drop any packet
  • modify any packets that is forwarded
  • insert additional packets

2.2. Second Kind of attack

In this attack, the attacker is not involved with the forwarding of the packets. The attacker receives a copy of packets that are sent. This could be from, for instance, a mirror port or SPAN [span]. Alternatively, a copy of traffic may be obtained via passive (optical) tap [fibertap].

.-------.                        .-----.
| Alice |---------.------------->| Bob |
'-------'         |              '-----'
                  v
             ***********
             * Mallory *
             ***********
Figure 3: The second kind of attack

In this case Mallory can:

  • view all packets

2.3. Second Kind of attack with bypass

In some cases, Mallory may be able to send messages to Bob via another route which due to some factor will arrive at Bob prior to the original message from Alice.

.-------.                  .->--.    .-----.
| Alice |---------------|  |    |  .>| Bob |
'-------'     |         |  |    |  | '-----'
              |         |  |    v  |     ^
              |         |  |    |  |     |
              v         '-->    '->|     |
         ***********                     |
         * Mallory *---------------------'
         ***********
Figure 4: The second kind of attack with bypass

In that case Mallory can:

  • view all packets
  • insert additional/copied packets into the stream

But Mallory will be unable to drop or modify the original packets. Bob however, may be unable to distinguish packets from Alice vs packets sent from Mallory that purport to be from Alice.

2.4. Third Kind of attack

The third kind of attack is one in which Mallory can not see any packets from Alice. This is usually what is meant by an "off-path" attack. Mallory can usually forge packets purporting to be from Alice, but can never see Alice's actual packets.

.-------.                            .-----.
| Alice |--------------------------->| Bob |
'-------'                            '-----'
                                         ^
                                         |
                                         |
         ***********                     |
         * Mallory *---------------------'
         ***********
Figure 5: The third kind of attack

In this case Mallory can:

  • insert additional packets

3. Three proposals on terminology

This document aspires to pick a single set of terms and explain them.

3.1. QUIC terms

[quic] ended up with a different taxonomy:

  • nn-path [Dolev-Yao]
  • Limited on-path (cannot delete)
  • Off-path

3.2. Malory/Man in various places

[malory] proposes:

  • man-in-the-middle [Dolev-Yao]
  • man-on-the-side
  • man-in-the-rough

Alternatively:

  • Malory-in-the-middle [Dolev-Yao]
  • Malory-on-the-side
  • Malory-in-the-rough

3.3. Council of Attackers

[alliteration] proposes the "the council of attackers"

  • malicious messenger [Dolev-Yao: who rewrites messages sent]
  • oppressive observer [who uses your information against you]
  • off-path attacker

4. Security Considerations

This document introduces a set of terminology that will be used in many Security Considerations sections.

5. IANA Considerations

This document makes no IANA requests.

6. Acknowledgements

The SAAG mailing list.

7. Changelog

8. References

8.1. Normative References

[RFC4949]
Shirey, R., "Internet Security Glossary, Version 2", FYI 36, RFC 4949, DOI 10.17487/RFC4949, , <https://www.rfc-editor.org/info/rfc4949>.

8.2. Informative References

[alicebob]
"Alice and Bob", , <https://en.wikipedia.org/wiki/Alice_and_Bob>.
[alliteration]
"Council of Attackers", , <https://mailarchive.ietf.org/arch/msg/saag/R0uevzT0Vz9uqqaxiu98GtK1rks/>.
[digisign]
Rivest, R.L., Shamir, A., and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems", , <https://doi.org/10.1145/359340.359342>.
[dolevyao]
"On the Security of Public Key Protocols", , <https://www.cs.huji.ac.il/~dolev/pubs/dolev-yao-ieee-01056650.pdf>.
[fibertap]
"Fiber Tap", , <https://en.wikipedia.org/wiki/Room_641A>.
[malory]
"Man-in-the-Middle", , <https://mailarchive.ietf.org/arch/msg/saag/b26jvEz4NRHSm-Xva6Lv5-L8QIA/>.
[quic]
"QUIC terms for attacks", , <https://mailarchive.ietf.org/arch/msg/saag/wTtDYlRAADMmgqd6Vhm8rFybr_g/>.
[span]
"Port Mirroring", , <https://en.wikipedia.org/wiki/Port_mirroring>.

Contributors

Author's Address

Michael Richardson
Sandelman Software Works