hi,
The only thing that might, as far as I can see, succeed (with a high probability) would be for everyone to hash the *next* half - meaning that, together with half 2 of message N, there will be the hash of half one of message N + 1. However, I don't see how this would be possible for an interactive communication...
As far as i can extend the previous attack,i.e faking
1 packet for interlock protocol in the above 1 you
propose,extending the same attack it only takes
Mallory
one and a half faked packets to launch a succefull
attack on the above proposal.
let
A=Alice
M=Mallory
B=Bob
let
1:1 indicate 1 st packet ,1st half
1:2 indicate 1 st packet , 2nd half
2:1 indicate 2 nd packet, 1st half
2:2 indicate 2nd packet , 2nd half
and so on
so we are now have 1:2 and 2:1 as one complete
message
and so on
No: A M B
1 A->1:1 M->1:1
2 M->1:1 B->1:1
3 A->1:2 M->1:2
4 M->1:2 B->1:2
5 A->2:1 M->2:1
6 M->2:1 B->2:1
7 A->2:2 ******
The blank spaces corresponding to each row indicates
that it is a sender and the other 2 are receivers.
Once Mallory receives A->2:2 ,he has 2 full packets in
hand and has faked 1 and a half packets(Step 7)
**** indicates that it is now the earler packet Bob
receives of Alice after Mallory's manupilation.
I hope that table will give some clarity.
now he can send Bob the original message of Alice.
So I think the above suggested protocol will not work.
Mallory can still get away with his scheme
Regards Data.
--- Marcel Popescu
From: "gfgs pedo"
One solution suggested against the man in the middle attack is using the interlock protocol
This is the one I vaguely recalled, thank you.
All mallory would have to do is send the half of the (n th) packet when he receives the half of (n+1)th packet since the 1 st packet was faked by mallory.
Interesting attack... assuming that a one-block delay doesn't look suspicious.
What if every message except the very first one has a hash of the previously received message?
A -> (M ->) B: half 1 of message A1 B -> (M ->) A: half 1 of message B1 | hash (half 1 of message A1) A -> (M ->) B: half 2 of message A1 | hash (half 1 of message B1) B -> (M ->) A: half 2 of message B1 | hash (half 2 of message A1) A -> (M ->) B: half 1 of message A2 | hash (half 2 of message B1) ... and so on
Nah... won't work; since M captures A1 and B1, he can compute the hashes for both the initial bogus message and the (delayed) genuine ones. Same if they try hasing all the previous messages.
What if they send the hash of the *other* half? (The program splitting the messages already has the full ones.)
A -> (M ->) B: half 1 of message A1 | hash (half 2 of message A1) B -> (M ->) A: half 1 of message B1 | hash (half 2 of message B1) A -> (M ->) B: half 2 of message A1 | hash (half 1 of message A1) B -> (M ->) A: half 2 of message B1 | hash (half 1 of message B1) ... and so on
Nope, no good... M fakes the first message in both direction, and then he always has a good one, so he can compute the hashes.
The only thing that might, as far as I can see, succeed (with a high probability) would be for everyone to hash the *next* half - meaning that, together with half 2 of message N, there will be the hash of half one of message N + 1. However, I don't see how this would be possible for an interactive communication...
Thanks, Mark
__________________________________________________ Do You Yahoo!? Sign up for SBC Yahoo! Dial - First Month Free http://sbc.yahoo.com