In a wireless network environment, all the users are able to access the wireless channel. Thus, if malicious users exploit this feature by mimicking the characteristics of a normal user or even the central wireless access point (AP), they can intercept almost all the information through the network. This scenario is referred as a Man-in-the-middle (MITM) attack. In the MITM attack, the attacker...

TWINE is a lightweight block cipher proposed in SAC 2012 by Suzaki et al.. TWINE operates on 64-bit block and supports 80 or 128bit key, denoted as TWINE-80 and TWINE-128 respectively. TWINE has attracted some attention since its publication and its security has been analyzed against several cryptanalytic techniques in both singlekey and related-key settings. In the single-key setting, the best...

Although recent compromises and admissions have given new credibility to claimed encounters of Man-in-the-middle (MitM) attacks on SSL/TLS, very little proof exists in the public realm. In this paper, we report on the development and deployment of Crossbear, a tool to detect MitM attacks on SSL/TLS and localise their position in the network with a fair degree of confidence. MitM attacks are det...

Secured communication has been widely deployed to guarantee confidentiality and integrity of connections over untrusted networks, e.g., the Internet. Although secure connections are designed to prevent attacks on the connection, they hide attacks inside the channel from being analyzed by Intrusion Detection Systems (IDS). Furthermore, secure connections require a certain key exchange at the ini...

Domain Name System (DNS) cache poisoning is a stepping stone towards advanced (cyber) attacks. DNS cache poisoning can be used to monitor users’ activities for censorship, to distribute malware and spam and to subvert correctness and availability of Internet clients and services. Currently, the DNS infrastructure relies on challengeresponse defences against attacks by (the common) off-path adve...

The Initial Network Entry procedure is the first stage in establishing a connection in an IEEE 802.16 (WiMAX) network. The process involves the transmission of unencrypted management messages, which constitutes a major security flaw that is exploited by the Man-in-the-Middle (MITM) attack. This security defect necessitates the implementation of appropriate security protocols. Research has shown...

TCP/IP protocols have long been subject to man-in-the-middle (MITM) attacks, but the advent of SSL/TLS was supposed to mitigate that risk for web transactions by providing endpoint authentication and encryption. The advent of Dug Song's 'webmitm' in late 2000 demonstrated the feasibility of mounting an MITM attack on the protocol, but a properlyconfigured client SSL implementation would warn th...

Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation. In general, these problems allow an MITM to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, leading to a variety of abuse possibilities. In particular, practical att...

Man-in-the-middle (MITM) attacks pose a serious threat to SSL/TLS-based e-commerce applications, and there are only a few technologies available to mitigate the risks. In [OHB05], we introduced the notion of SSL/TLS session-aware user authentication to protect SSL/TLSbased e-commerce applications against MITM attacks, and we proposed an implementation based on impersonal authentication tokens. ...

The meet-in-the-middle (MITM) attack on AES is a great success. In this paper, we apply the method to the lightweight SPN block cipher mCrypton. We prove that the multiset technique used to analyze AES can not be applied directly to mCrypton due to the scarcity of information. As a solution, we replace the unordered multiset with the ordered sequence. We lower the memory requirement from 2 to 2...