Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
(ISC)²
SSCP
Can anyone easily explain Meet-In-The-Middle Crypto Attack?
JockVSJock
I've read this thru a few times and have Googled the subject and still not understanding how this attack is done.
I'm reading E Conrad's description and still not able to understand this.
Find more posts tagged with
Comments
philz1982
Ok,
If you reference page 118 in his book. He talks about this being a double DES Encrypt Encrypt attack. Thinking about it from a chaining perspective helped me. You are performing a known text attack against a single DES 56 bit Key space to deduce the 64 bit key. If you try to deduce the key at the end you effectively have to break a 112 bit encryption. By breaking the first DES key you then know what is being fed into the second key space. Now you can work on breaking the second key. Once you have both keys you can decrypt the message. You could break the 112 bit at the end but it would have a much higher work factor.
Also using the Triple DES Key EDE will help combat the man in the middle because you are breaking the ability to perform a man in the middle with the decrypt. This means the attacker still has to deal with a 112bit and a 56 bit.
Hope this helps and pardon the spelling...
-Phil
JockVSJock
philz1982
wrote:
»
Ok,
If you reference page 118 in his book.
I have the 2nd Edition, in which pg 118 refers to Chp3, telecommunications and network security domain.
In 2nd Edition, Meet-In-The-Middle paragraphs are on pg 242.
philz1982
Sorry mine is version 1. It's Chapter 4 domain 3. Under attacks. Meet-In-the-Middle attack.
First sentence is A meet-in-the-middle attack encrypts on one side, decrypts on the other side, andmeets in the middle.
That should help you look for it if you have the PDF version.
beads
Maybe a bit oversimplified and in a lecture based series but covers everything you need to understand how man-in-the-middle attacks occur in living 4-bit:
CSS322, Lecture 08, 30 Nov 2012 - YouTube
You while oft difficult to find exactly what your looking for is often a really good, if not overlooked, resource.
- beads
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
