Man-in-the-Middle Attack

A Man-in-the-Middle (MitM) Attack involves an attacker intruding on an existing connection, establishing himself or herself as a "man-in-the-middle", or someone able to intercept and selectively modify all network traffic between two communicating devices.

If Alice is attempting to communicate with Bob, a MitM attack on Alice (by attacker Charlie) would occur as follows:

  1. Charlie redirects Alice’s network traffic destined for Bob to himself.
  2. Charlie takes note of Alice’s public key used to encrypt her data, and re-encrypts her now unencrypted data with his own public key, sending it to Bob.
  3. Bob decrypts Alice’s information encrypted with Charlie’s public key (unaware that it isn’t Alice’s key) and sends his reply encrypted with his own public key.
  4. Charlie receives Bob’s reply to Alice encrypted with Bob’s public key, takes note of it, and re-encrypts Bob’s reply with his own public key, and sends it to Alice.

Alice receives Bob’s message encrypted with Charlie’s public key (unaware that it isn’t Bob’s key), and this process continues, with Charlie able to read and potentially modify any messages sent between Alice and Bob without either one of them knowing.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center