hi,
The only thing that might, as far as I can see, succeed (with a high probability) would be for everyone to hash the *next* half - meaning that, together with half 2 of message N, there will be the hash of half one of message N + 1. However, I don't see how this would be possible for an interactive communication...
As far as i can extend the previous attack,i.e faking 1 packet for interlock protocol in the above 1 you propose,extending the same attack it only takes Mallory one and a half faked packets to launch a succefull attack on the above proposal. let A=Alice M=Mallory B=Bob let 1:1 indicate 1 st packet ,1st half 1:2 indicate 1 st packet , 2nd half 2:1 indicate 2 nd packet, 1st half 2:2 indicate 2nd packet , 2nd half and so on so we are now have 1:2 and 2:1 as one complete message and so on No: A M B 1 A->1:1 M->1:1 2 M->1:1 B->1:1 3 A->1:2 M->1:2 4 M->1:2 B->1:2 5 A->2:1 M->2:1 6 M->2:1 B->2:1 7 A->2:2 ****** The blank spaces corresponding to each row indicates that it is a sender and the other 2 are receivers. Once Mallory receives A->2:2 ,he has 2 full packets in hand and has faked 1 and a half packets(Step 7) **** indicates that it is now the earler packet Bob receives of Alice after Mallory's manupilation. I hope that table will give some clarity. now he can send Bob the original message of Alice. So I think the above suggested protocol will not work. Mallory can still get away with his scheme Regards Data. --- Marcel Popescu <mdpopescu@subdimension.com> wrote:
From: "gfgs pedo" <jtrjtrjtr2001@yahoo.com>
One solution suggested against the man in the middle attack is using the interlock protocol
This is the one I vaguely recalled, thank you.
All mallory would have to do is send the half of the (n th) packet when he receives the half of (n+1)th packet since the 1 st packet was faked by mallory.
Interesting attack... assuming that a one-block delay doesn't look suspicious.
What if every message except the very first one has a hash of the previously received message?
A -> (M ->) B: half 1 of message A1 B -> (M ->) A: half 1 of message B1 | hash (half 1 of message A1) A -> (M ->) B: half 2 of message A1 | hash (half 1 of message B1) B -> (M ->) A: half 2 of message B1 | hash (half 2 of message A1) A -> (M ->) B: half 1 of message A2 | hash (half 2 of message B1) ... and so on
Nah... won't work; since M captures A1 and B1, he can compute the hashes for both the initial bogus message and the (delayed) genuine ones. Same if they try hasing all the previous messages.
What if they send the hash of the *other* half? (The program splitting the messages already has the full ones.)
A -> (M ->) B: half 1 of message A1 | hash (half 2 of message A1) B -> (M ->) A: half 1 of message B1 | hash (half 2 of message B1) A -> (M ->) B: half 2 of message A1 | hash (half 1 of message A1) B -> (M ->) A: half 2 of message B1 | hash (half 1 of message B1) ... and so on
Nope, no good... M fakes the first message in both direction, and then he always has a good one, so he can compute the hashes.
The only thing that might, as far as I can see, succeed (with a high probability) would be for everyone to hash the *next* half - meaning that, together with half 2 of message N, there will be the hash of half one of message N + 1. However, I don't see how this would be possible for an interactive communication...
Thanks, Mark
__________________________________________________ Do You Yahoo!? Sign up for SBC Yahoo! Dial - First Month Free http://sbc.yahoo.com