Deepanshu Kapoor
Man in the Middle attack & its Security | Copyright @ 2014
MITM – Man in the Middle
The man-in-the-middle attack (often abbreviated MITM, MitM, MIM, MiM, MITMA) in
cryptography and computer security is a form of active eavesdropping in which the attacker
makes independent connections with the victims and relays messages between them, making
them believe that they are talking directly to each other over a private connection, when in fact
the entire conversation is controlled by the attacker. The attacker must be able to intercept all
messages going between the two victims and inject new ones, which is straightforward in many
circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless
access point can insert himself as a man-in-the-middle).
A man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint
to the satisfaction of the other — it is an attack on mutual authentication (or lack thereof). Most
cryptographic protocols include some form of endpoint authentication specifically to prevent
MITM attacks. For example, SSL can authenticate one or both parties using a mutually trusted
certification authority.
The man-in-the-middle attack is a popular method. It is also known as a bucket brigade attack, or
sometimes a Janus attack, in cryptography. As its name suggests, the attacker places himself or
herself between two parties, making them believe that they are talking directly to each other over
a private connection, when in fact the entire conversation is controlled by the attacker.
A man-in-the-middle attack can be successful only when the attacker can authenticate as each
party to the other. Most cryptographic protocols provide some form of
endpoint authentication, specifically to block MITM attacks on users. The Secure Sockets Layer
(SSL) protocol can be used to authenticate one or both parties using a mutually trusted
certification authority.
Man-in-the-middle attack prevention & tools
Most of the effective defenses against MITM are found only on the router or server side. You
do not have any dedicated control over the security of your transaction. Instead, you can use
strong encryption between the client and the server. In this case the server responds to the client's
request by presenting a digital certificate, and only then can the connection be established.
Another way to prevent such MITM attacks is to never connect to open WiFi routers
directly. If you wish to do so, you can use a browser plug-in such as HTTPS Everywhere or
ForceTLS. These plug-ins will help you establish a secure connection whenever the option is
available.
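The endpoint authentication described above (a certificate checked against a mutually trusted certification authority, for one or both parties) is what a TLS client or server must actually have switched on. The following is an added example, not code from the original document; the function names are illustrative, and it uses Python's standard `ssl` module to contrast an authenticated configuration with one that only encrypts.

```python
import socket
import ssl

# Function names below are illustrative; they are not from the original page.


def authenticated_client_context(ca_file=None):
    """Client context that verifies the server's certificate chain and hostname."""
    # ca_file is an optional private CA bundle; None uses the system trust store.
    return ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)


def unauthenticated_client_context():
    """Encrypts the channel but accepts any certificate, including a relay's."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # has to be switched off before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def mutual_auth_server_context():
    """Server context that also demands a certificate from the client."""
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def authentication_gaps(ctx, role="client"):
    """List the settings that leave this endpoint unable to detect an impostor."""
    gaps = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        gaps.append("peer certificate is not verified against a trusted CA")
    if role == "client" and not ctx.check_hostname:
        gaps.append("certificate is not matched to the requested hostname")
    return gaps


def connect_authenticated(host, port=443, ctx=None, timeout=5.0):
    """Open a TLS connection; raises ssl.SSLCertVerificationError on a bad peer."""
    ctx = ctx or authenticated_client_context()
    gaps = authentication_gaps(ctx)
    if gaps:
        raise ValueError("refusing to connect: " + "; ".join(gaps))
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.getpeercert()["subject"]
```

A default server context reports one gap under `role="server"`, which corresponds to the one-sided case where only the server is authenticated.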
Deepanshu Kapoor
Security Specialist
