The man-in-the-middle attack intercepts, relays, and possibly alters the communication between two systems. Which of the following incorporates encryption to mitigate the threat of a middle man?
A. DSSS (Direct Sequence Spread Spectrum)
B. ARP (Address Resolution Protocol)
C. TCP (Transmission Control Protocol)
D. DNS (Domain Name System)
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is A. DSSS (Direct Sequence Spread Spectrum).
DS and SS
Direct Sequence (DS) is similar to the encryption key of a stream cipher. The source signal (plaintext) is modulated (encrypted) with the DS signal, a pseudo-random noise sequence (PN sequence), to generate the target signal (ciphertext).
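The DS and stream-cipher analogy above, as an added Python example that is not part of the original post: each data bit is XORed with chips from a PN sequence, and only a receiver holding the same sequence despreads it correctly. The 7-bit LFSR, the seeds, the chip count and the data bits are constructed assumptions chosen for illustration.

```python
# Added illustration (constructed values): DSSS spreading with a PN sequence.

def pn_sequence(seed, length):
    """Chips from a 7-bit LFSR, recurrence a[n+7] = a[n] ^ a[n+1] (toy PN generator)."""
    state = seed & 0x7F
    if state == 0:
        raise ValueError("seed must be non-zero")
    chips = []
    for _ in range(length):
        chips.append(state & 1)                  # output the low bit
        feedback = (state ^ (state >> 1)) & 1    # bit0 XOR bit1
        state = (state >> 1) | (feedback << 6)   # shift, feed back into the top bit
    return chips

def spread(bits, pn, n):
    """XOR every data bit with n consecutive chips (the 'encrypt' step of the analogy)."""
    return [b ^ pn[i * n + j] for i, b in enumerate(bits) for j in range(n)]

def despread(chips, pn, n):
    """XOR with the receiver's PN chips, then majority-vote each group of n chips."""
    bits = []
    for i in range(len(chips) // n):
        ones = sum(chips[i * n + j] ^ pn[i * n + j] for j in range(n))
        bits.append(1 if 2 * ones > n else 0)
    return bits

def flip(chips, positions):
    """Return a copy with the chips at `positions` inverted (channel noise)."""
    noisy = list(chips)
    for p in positions:
        noisy[p] ^= 1
    return noisy

N = 15                                        # chips per data bit (constructed)
DATA = [1, 0, 1, 1, 0, 0, 1, 0]               # constructed "plaintext" bits
SENDER_PN = pn_sequence(0x5A, len(DATA) * N)  # sequence shared by sender and receiver
OTHER_PN = pn_sequence(0x33, len(DATA) * N)   # receiver started from a different seed

if __name__ == "__main__":
    tx = spread(DATA, SENDER_PN, N)
    print("matching PN :", despread(tx, SENDER_PN, N))
    print("3 chips hit :", despread(flip(tx, [0, 7, 14]), SENDER_PN, N))
    print("other PN    :", despread(tx, OTHER_PN, N))
```

The majority vote is what lets the matching receiver tolerate a few corrupted chips per bit, while a receiver despreading with a different sequence does not get the data bits back.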
ARP and MACsec
ARP is vulnerable to spoofing attacks. It is MACsec that can mitigate attacks on Layer 2 protocols. MACsec (802.1AE) is the IEEE MAC Security standard that defines connectionless data confidentiality and integrity for media access independent protocols.
TCP and TCPCrypt
TCP itself doesn’t provide encryption mechanisms in terms of TCP 3-way handshaking, segmentation, or activities of transmission control. Security is provided by other services, e.g., TLS/SSL or IPSec.
TCP can fall back to its complement, the “tcpcrypt” protocol, a transport layer communication encryption protocol. However, “tcpcrypt” is an experimental project for the time being.
DNS and DNSCrypt
Traditional DNS doesn’t provide encryption either. Its extension, DNSSEC, doesn’t employ encryption to enforce confidentiality; instead, it digitally signs DNS records to enforce data integrity and authenticity.
DNSCrypt is the secure version of DNS. However, the protocol was never proposed to the Internet Engineering Task Force (IETF) by way of a Request for Comments (RFC).
Thank you, Hannah!
Many thanks to Hannah from Comparitech, UK, who reported that an OWASP link was broken and suggested Mr. Watson’s awesome article, What is a Man in the Middle attack and how can I avoid it?.
- What is a Man in the Middle attack and how can I avoid it?
- Man-in-the-middle attack (This OWASP link is broken, probably because of platform migration)
- Man-in-the-browser attack
- Manipulator-in-the-middle attack
- Man-in-the-middle attack (Wikipedia)
- A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
- Spread Spectrum, Cryptography and Information Hiding
- A Novel Approach to Signal Encryption: Improved Version of Conventional DSSS Scheme
- Spread spectrum
- DSSS – Direct Sequence Spread Spectrum
- Spread Spectrum
- IEEE 802.1AE
- Domain Name System Security Extensions