Security 101 – Man in the middle attack

This post is the first in a short series of articles about essential concepts in IT security to explain common security flaws in simple, everyday-life terms. This idea developed during an online presentation about IT security in the medical sector.

Introduction

A man-in-the-middle (MITM) scenario happens when an unexpected party becomes part of an exchange between two individuals or entities. Let us imagine two good friends somewhere in the world who write each other letters from time to time. To make things easier, we will name them Alice and Bob, which is a very common choice in information security. When Alice sends a letter to Bob, Bob can read it and respond by writing his own letter back to Alice. At some point, a malicious third party becomes interested in the communication between Alice and Bob. Let's stick to common naming and call that malicious party "Eve" (from eavesdropping). Eve is interested in the communication because she hopes to find information she can use either to gain a personal advantage or to inflict harm on Alice or Bob. Eve decides to wait in front of Bob's house every morning until the postman arrives and to take the letters out of Bob's mailbox. To stay undetected, she opens the letters (probably using hot steam), reads them, reseals the envelopes and puts the letters back into Bob's mailbox. As long as Eve only reads, this is eavesdropping; what makes her a "man in the middle" is her position: she can just as well alter a letter, drop it, or write a fresh one in Alice's name, and Bob will take whatever arrives in his mailbox as genuine. This scenario works well for letters Bob receives from Alice, but is quite hard for letters Bob sends to Alice. In order to see the whole exchange, Eve would also need access to the mail Bob sends out.

Countermeasures

The mail system in Germany (and surely in many other countries) is to some extent protected against MITM attacks, as mailboxes usually have a lock that can only be opened by the rightful owner. Likewise, if you send a letter, there is another lock on the post box that can hopefully only be opened by the postman. Bob and Alice could take countermeasures themselves to make things harder for Eve. They could have the post delivered to someone else and pick it up there, hoping Eve doesn't notice. They could also come up with more advanced techniques, like sealing their letters with sealing wax and the imprint of a signet ring, a seal that Eve cannot restore once it is broken; this does not stop Eve from reading, but it lets Bob see that someone did. Finally, they could agree on a secret code that only the two of them know, to hide the content of the letter from Eve even if she gains physical access to it.

IT security

In IT security, most interactions between people or servers are at some point transmitted as a stream of bits and bytes. Very much like with real letters, some actor could try to intercept this data transfer, read the information in it and pass the data along to the original recipient without the recipient noticing. This can happen to all kinds of data transmission, from simple e-mail (or messenger) communication, over the data entered into forms on websites (passwords, credit card numbers etc.), to large data streams (such as software packages used for software updates or file system backups stored in a cloud). The countermeasures from the real-life example are transferable to these situations. Having the post delivered to a place the attacker does not know about corresponds loosely to security by obscurity, which is considered quite weak on its own. Having a key to your mailbox is like the password to your mail account: the better the password, the stronger the lock (there is a long-running discussion about what a "good" password is, but TL;DR: it should be long and not found in a dictionary), and of course keeping the password safe from others is just as important as keeping the key safe. Inventing a secret language for all your messages is known in IT security as encryption, and there are many good ways to do that and also some bad ones. The wax seal has a counterpart too: a message authentication code or a digital signature is a tag attached to the data that cannot be recomputed without the right key, so any alteration on the way is detected by the recipient (this, combined with encryption, is what TLS/HTTPS does for web traffic). What the seal cannot do, in either world, is reveal that someone merely read the letter: digital data can be read and copied without changing it, so pure eavesdropping leaves no trace. Quantum key distribution (often loosely called quantum cryptography) aims at exactly this gap, since reading a quantum transmission disturbs it in a detectable way, but it has yet to prove itself safe, reliable and affordable in practice.
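The wax seal and the "passing it along unnoticed" part of the analogy can be played through in a few lines. The following Python script is an added example for this post, not code from the original article: it uses the standard library's HMAC as the digital seal, assumes a demo key that Alice and Bob already share (how they get it there is a separate topic), and lets Eve read, alter or forge the letter on its way to Bob. The function names and the letter text are made up for this example.

```python
import hmac
import hashlib

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes, the size of the "seal"


def seal_letter(key: bytes, letter: bytes) -> bytes:
    """Attach a wax seal to the letter: an HMAC-SHA256 tag over its content.

    Only someone who holds `key` can produce a valid tag, so Eve can neither
    restore the seal after changing the text nor forge a fresh one.
    """
    tag = hmac.new(key, letter, hashlib.sha256).digest()
    return letter + tag


def open_letter(key: bytes, sealed: bytes):
    """Check the seal and return the letter, or None if the seal is broken.

    compare_digest runs in constant time, so Eve cannot learn the correct
    tag byte by byte from timing differences.
    """
    if len(sealed) < TAG_LEN:
        return None
    letter, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(key, letter, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return letter


def eve_in_the_middle(sealed: bytes, alteration=None, forge_with=None) -> bytes:
    """Eve intercepts the sealed letter on its way to Bob.

    - alteration=None and forge_with=None: she only reads it (eavesdropping)
      and forwards it unchanged.
    - alteration=(old, new): she edits the text and forwards it with the old seal.
    - forge_with=key: she writes her own letter, sealed with a key she guessed.
    """
    letter = sealed[:-TAG_LEN]
    print("Eve reads:", letter)  # the seal does nothing against reading
    if forge_with is not None:
        return seal_letter(forge_with, b"Meet me at the bridge, bring the money")
    if alteration is not None:
        old, new = alteration
        return letter.replace(old, new) + sealed[-TAG_LEN:]
    return sealed


def run_scenarios() -> dict:
    """Play through the post's scenarios; returns what Bob accepts in each."""
    # Constructed demo key for this example. Real code would generate it with
    # secrets.token_bytes(32) and use a key exchange to get it to both parties.
    key = b"alice-and-bob-shared-secret-for-demo"
    letter = b"Meet me at 10"  # constructed sample letter
    sealed = seal_letter(key, letter)
    return {
        "no_eve": open_letter(key, sealed),
        "eve_reads_only": open_letter(key, eve_in_the_middle(sealed)),
        "eve_alters": open_letter(
            key, eve_in_the_middle(sealed, alteration=(b"10", b"11"))
        ),
        "eve_forges": open_letter(
            key, eve_in_the_middle(sealed, forge_with=b"eves-guess")
        ),
    }


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        verdict = f"Bob accepts {result!r}" if result else "Bob rejects the letter"
        print(f"{name:15s} -> {verdict}")
```

Running it shows both halves of the argument: when Eve only reads and forwards, Bob accepts the letter and has no way of knowing it was opened; as soon as she changes a single character or writes her own letter, the seal check fails. The seal gives tamper-evidence, not secrecy; in practice it is combined with encryption (authenticated encryption), which is what TLS does for data in transit.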