The Man-In-The-Middle (MITM) attack is one of the most common attacks employed in the network hacking. MITM attackers can successfully invoke attacks such as denial of service (DoS) and port stealing, and lead to surprisingly harmful consequences for users in terms of both financial loss and security issues. The conventional defense approaches mainly consider how to detect and eliminate those a...

At ASIACRYPT 2012, Sasaki et al. introduced the guess-and-determine approach to extend meet-in-the-middle (MITM) preimage attack. CRYPTO 2021, Dong proposed a technique derive solution spaces of nonlinear constrained neutral words in MITM In this paper, we try combine these two techniques further improve attacks. Based on previous MILP-based automatic tools for attacks, introduce new constraint...

Syftet med det här arbetet har varit att utveckla en praktisk Man-In-The-Middle-attack mot trådlösa klienter på NetLogon-systemet vid Linköpings Universitet. Målsättningen har varit att attacken skall ske så transparent som möjligt ur offrets synvinkel. Attacken använder DNS-spoofing och en MITM-metod med förfalskade avsändaradresser genom packet injection. Vi har implementerat ett fungerande v...

At EUROCRYPT 2006, Kelsey and Kohno proposed the so-called chosen target forced-prefix (CTFP) preimage attack, where for any challenge prefix P, attacker can generate a suffix S such that H(P∥S) = y some hash value published in advance by attacker. Consequently, pretend to predict event represented P she did not know before, thus this type of attack is also known as Nostradamus attack. ASIACRYP...

In this paper we present and discuss a new approach for securing multimedia communication, which is based on three innovations. The first innovation is the integration of a challenge-response scheme for enhancing the Diffie-Hellman based ZRTP protocol. When being called, a callee must present the result of a computational puzzle (a “token”) within a short amount of time. A Man-in-the-Middle (Mi...