Options

# Can anyone easily explain Meet-In-The-Middle Crypto Attack?

Member Posts: 1,118
I've read this thru a few times and have Googled the subject and still not understanding how this attack is done.

I'm reading E Conrad's description and still not able to understand this.
***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown

• Options
Member Posts: 978
Ok,

If you reference page 118 in his book. He talks about this being a double DES Encrypt Encrypt attack. Thinking about it from a chaining perspective helped me. You are performing a known text attack against a single DES 56 bit Key space to deduce the 64 bit key. If you try to deduce the key at the end you effectively have to break a 112 bit encryption. By breaking the first DES key you then know what is being fed into the second key space. Now you can work on breaking the second key. Once you have both keys you can decrypt the message. You could break the 112 bit at the end but it would have a much higher work factor.

Also using the Triple DES Key EDE will help combat the man in the middle because you are breaking the ability to perform a man in the middle with the decrypt. This means the attacker still has to deal with a 112bit and a 56 bit.

Hope this helps and pardon the spelling...

-Phil
• Options
Member Posts: 1,118
philz1982 wrote: »
Ok,

If you reference page 118 in his book.

I have the 2nd Edition, in which pg 118 refers to Chp3, telecommunications and network security domain.

In 2nd Edition, Meet-In-The-Middle paragraphs are on pg 242.
***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown
• Options
Member Posts: 978
Sorry mine is version 1. It's Chapter 4 domain 3. Under attacks. Meet-In-the-Middle attack.

First sentence is A meet-in-the-middle attack encrypts on one side, decrypts on the other side, andmeets in the middle.