Threat Posed by Man-in-the-Middle Attacks

Question

How frequent (and/or sophisticated) are man-in-the-middle attacks?

About

In cryptography, the man-in-the-middle attack (often abbreviated MITM), or bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).

http://en.wikipedia.org/wiki/Man-in-the-middle_attack

The reason I ask is to try and gauge whether it's worth the added overhead of encrypting important sections of the content I'm sending to the user or whether it's safe to just go ahead and send it unencrypted.

Note: I know this isn't strictly a "programming" question insofar as there is no code solution, however it influences coding decisions and is coding-based, so it still seems appropriate.

Answer 1

It doesn't take a MITM attack to read data that hasn't been encrypted at all. A MITM attack is used to allow an attacker to read data that has been encrypted.

Edit: The relevant question with respect to MITM attacks is not whether you should do encryption at all. It's whether you should do some sort of authentication (i.e., verifying the identity of the remote party) while you set up an encrypted connection.

With no encryption at all, a "snooper" just looks at your data as it goes through, and sees exactly what's there. A MITM attack applies when you do encryption, but don't verify who you're sending the encrypted data to. In this case, the attacker inserts himself in the middle of the conversation -- you connect to the attacker, and send him encrypted data. He connects to the person you intended to talk to, and creates an encrypted connection to both of you. Then, as you send your data, he receives it, decrypts it with your key, re-encrypts it with the target's key, and sends it to the target. Likewise, any returned data he decrypts with the target's key, and re-encrypts with yours.

This way, it looks to both you and the target as if the communication is going normally -- but the attacker can read everything you send. If you don't encrypt the data at all, though, none of this is necessary -- since you're sending plain text, the attacker can just look at it as it goes by.

Answer 2

The MITM attack is not necessarily thwarted by encryption. For example, if you encrypt using a so-called "self-signed certificate," then your communications will be encrypted, and yet a MITM attack could still occur. For example, with a self-signed cert, if you load "Fiddler" onto the client box, it will perform a MITM exercise so that it can watch all the traffic. The client and the server will not realize that the MITM is happening.

If you use real PKI (a true trusted 3rd party is involved), then MITM isn't possible.

In any case, MITM is fairly easy to achieve, if the value of your data is "worth it" to the attacker.

Answer 3

Depends on the application, but if the data being sent is at all sensitive, definitely guard against man in the middle! It is a very relevant danger especially with rise of Wi-Fi, and very easy to do; a friend and I were able to replicate the Gmail MIMA last year with little difficulty.