@mastersthesis {15192, title = {Efficient Cryptographic Protocols Preventing {\textquotedblleft}Man-in-the-Middle{\textquotedblright} Attacks}, year = {2002}, month = {2002///}, school = {Columbia University}, abstract = {In the analysis of many cryptographic protocols, it is useful to distinguish two classes of attacks:passive attacks in which an adversary eavesdrops on messages sent between honest users and active attacks (i.e., {\textquotedblleft}man-in-the-middle{\textquotedblright} attacks) in which {\textemdash} in addition to eavesdropping {\textemdash} the adversary inserts, deletes, or arbitrarily modifies messages sent from one user to another. Passive attacks are well characterized (the adversary{\textquoteright}s choices are inherently limited) and techniques for achieving security against passive attacks are relatively well understood. Indeed, cryptographers have long focused on methods for countering passive eavesdropping attacks, and much work in the 1970{\textquoteright}s and 1980{\textquoteright}s has dealt with formalizing notions of security and providing provably-secure solutions for this setting. On the other hand, active attacks are not well characterized and precise modeling has been difficult. Few techniques exist for dealing with active attacks, and designing practical protocols secure against such attacks remains a challenge. This dissertation considers active attacks in a variety of settings and provides new, provably- secure protocols preventing such attacks. Proofs of security are in the standard cryptographic model and rely on well-known cryptographic assumptions. The protocols presented here are efficient and practical, and may find application in real-world systems. }, author = {Katz, Jonathan} }