7

This came up while discussing Web & insecure HTTP - Using RSA for encrypting passwords on the client side

Is there any such situation possible when requesting an HTTP page where an attacker is able to read all the communications but is not able to modify/spoof the communications?

Till now I've worked with ARP spoofing, which lets one modify packets if necessary. AFAICT if the network is willing to send you packets which aren't yours, the network will accept packets coming from you that appear to come from someone else.

Manishearth
  • 1
    One could imagine a stream which is HMACed but not encrypted; anything that is digitally signed is tamper-evident. – lynks Apr 28 '13 at 12:18

1 Answer

3

Passive-only attack scenarios tend to be rather specialized. Mostly, they involve radio links; the attacker can play with a homemade reception antenna, but is not rich enough to build an emitter which can drown out the genuine signal. This rarely applies to the Internet; this is more relevant to military on-field communications.

It could be argued that defeating passive attackers forces said attackers to go active, making them potentially easier to detect and retaliate upon. That's a rather weak argument, though. There again, it applies more to spy networks than to Internet business.

Thomas Pornin
  • 1
    (not my downvote) So there's no technological barrier preventing an attacker from going active in any MITM attack? It's just a financial or strategic choice? – Manishearth Apr 28 '13 at 12:21
  • As @lynks says, you can make an unencrypted, tamper-resistant data tunnel (e.g. with IPsec in "AH" mode), but that's rather artificial: you have to go to the trouble of managing cryptographic keys and computing a MAC, and then refrain from actually encrypting the data, although it would be very easy at that point. That's not something that is often encountered in the field. – Thomas Pornin Apr 28 '13 at 13:48
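
The MACed-but-not-encrypted stream mentioned in the comments, as an added example that is not part of the original thread: every frame is readable by anyone on the path, yet a modified or replayed frame is rejected by the receiver. The frame layout, the sequence-number replay check and the names `seal`, `eavesdrop` and `Receiver` are assumptions made for illustration; how the two ends obtain the shared key is out of scope.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Frame = 8-byte big-endian sequence number || plaintext payload || HMAC tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

def eavesdrop(frame: bytes) -> bytes:
    """A passive observer needs no key: the payload travels in the clear."""
    return frame[8:-TAG_LEN]

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0

    def open(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            raise ValueError("bad MAC: frame was modified or forged")
        (seq,) = struct.unpack(">Q", header)
        if seq != self.next_seq:  # the MAC alone does not stop replays
            raise ValueError("unexpected sequence number: replay or reordering")
        self.next_seq += 1
        return payload

def demo() -> dict:
    key = os.urandom(32)  # constructed shared key for this demo only
    rx = Receiver(key)
    frame = seal(key, 0, b"GET /account HTTP/1.1")  # constructed sample message
    results = {"observed": eavesdrop(frame), "accepted": rx.open(frame)}
    tampered = frame[:8] + b"GET /logout  HTTP/1.1" + frame[-TAG_LEN:]
    for name, candidate in (("tampered", tampered), ("replayed", frame)):
        try:
            rx.open(candidate)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    for outcome, detail in demo().items():
        print(outcome, "->", detail)
```
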