In cryptography and
computer security, a
man-in-the-middle attack (often abbreviated
MitM,
MiM attack,
MitMA or the same using all capital letters) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. A man-in-the-middle attack can be used against many cryptographic
protocols.
[1] One example of man-in-the-middle attacks is active
eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within reception range of an unencrypted
Wi-Fi wireless access point can insert himself as a man-in-the-middle.
[2]
As an attack that aims at circumventing
mutual authentication, or lack thereof, a man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to their satisfaction as expected from the legitimate other end. Most cryptographic protocols include some form of endpoint
authentication specifically to prevent MITM attacks. For example,
TLS can authenticate one or both parties using a mutually trusted
certificate authority.
[3]
