质询-响应协议如何帮助抵御中间人攻击?
质询响应身份验证如何防止中间人攻击?我读了维基文章,但仍然无法理解。
How does challenge-response authentication prevent man-in-the-middle attacks? I read the wiki article but still I cannot understand.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
一般来说,质询-响应系统不一定能防止中间人攻击:如果 Alice 试图告诉 Bob 她的银行帐号,则该协议确实实现了一些质询和响应,但不会提供完整性或隐私:
马洛里可以代替爱丽丝或鲍勃回答“是”,可以伪造第三条“结果”消息,或者可以监听第三条消息。
即使挑战得到改善,例如:“请在我们的共享密码前面添加哈希 0x31415926”,以明文方式传输的数据(或在弱/不良密码或不良密钥选择下)也将面临隐私和数据损失未经任何消息身份验证检查而传输的信息可能会被第三方修改。
质询/响应协议的真正亮点在于防止重放攻击:如果 Alice 向 Bob 发送一条消息,内容是“请借记我的帐户 5 美元,并存入您的帐户 5 美元”,Mallory 可以记录该消息并重播该消息以耗尽 Alice 的帐户。
一个好的挑战/响应系统将为每个交易或会话生成一个新的挑战(并确保以前的挑战不会被重复使用!),因此会话记录不能拼接在一起以创建新的欺诈系统。
我希望这会有所帮助,但恐怕如果没有更详细地了解您的疑虑从何而来,那只是噪音。
In general, challenge-response systems do not necessarily prevent man-in-the-middle-attacks: If Alice is trying to tell Bob her bank account number, this protocol, which does implement some challenge and response, won't provide integrity or privacy:
Mallory could answer "yes" in place of either Alice or Bob, could fake the third 'result' message, or could listen in on the third message.
Even if the challenges are improved, to something like: "Please hash 0x31415926 prepended to our shared password", data transmitted in the clear (or under weak/poor ciphers or with poor key selection) would be subject to loss of privacy, and data transmitted without any message authentication checks could be subject to modification by a third party.
Where challenge/response protocols really shine is in preventing replay attacks: if Alice just sends Bob a message along the lines of "Please debit my account $5 and credit your account $5", Mallory could record the message and replay the message to deplete Alice's account.
A good challenge/response system will generate a new challenge for every transaction or session (and make sure that previous challenges are not reused!), so that session transcripts cannot be spliced together to create new fraudulent systems.
I hope this helps, but I'm afraid without more detailed idea of where your doubts are coming from, it'll just be noise.
用户 sarnold 已经提供了一个很好的答案,我想将注意力转移到以下内容。
挑战-响应解决了两个问题 - 无需以明文形式发送秘密(发送类似于散列的产品)并防止重放攻击(因为挑战每次都会改变)。除此之外,它不会做任何事情 - 它不会自行向任何人验证任何人的身份,它只是明文协议的改进,其中客户端发送他的用户名和密码(秘密),服务器决定这些是否正确。
因此,如果中间有某个方,它不会帮助检测它或阻止它冒充该特定会话的客户端,但该方将无法访问秘密,因为秘密永远不会以明文形式发送,并且一方将无法通过重播再次进行模拟 - 它只能在该会话期间进行模拟。
User sarnold already provides a good answer, I'd like to drag attention to the following.
Challenge-response solves two problems - makes sending the secret in plaintext unnecessary (hash-like product is sent) and prevents replay attacks (since challenges change every time). It doesn't do anything beyond that - it doesn't authenticate anyone to anyone on its own, it is only an improvement of a plaintext protocol where the client sends his username and password (the secret) and the server decides whether those are correct.
So if there's some party in the middle it won't help detect it or prevent it from impersonating as the client for that specific session, yet that party will not gain access the the secret, since the secret is never sent in plaintext, and that party will be unable to impersonate again by doing a replay - it can only work impersonated during that very session.