It is desirable in many instances for two parties to communicate in a secure manner, such as via a network including, for example, the internet. In this manner, each party can be confident that the messages received from the other party were actually transmitted by the other party and have not been altered during transmission. Moreover, the parties to the communication can be confident that the messages transmitted therebetween cannot be intercepted and comprehended by a third party.
Generally, two parties can share information or other data securely under certain conditions. In this regard, the two parties can utilize keys and/or other techniques to encrypt and correspondingly decrypt the data. To avoid bypassing the security otherwise provided by encryption, however, no third party can have access to the unencrypted data at any point before, during, or after the parties communicate. Similarly, no third party can have access to the keys and/or techniques used to encrypt the data. In addition, the encryption techniques employed by the two parties must be of sufficient strength to ensure that third parties who access the encrypted data cannot decrypt the data, at least not before the need to secure the data has passed. Further, both parties should be able to verify that the other party is the correct party. Finally, no third party should be able to exist undetected between the two parties.
In a perfect world, the foregoing conditions would hold true, and encryption techniques would adequately safeguard communication channels. However, real world practicalities often prevent communications from meeting one or more of these conditions. As the number of WiFi hotspots and internet cafes grows, for example, communications networks become easier to access for legitimate and illegitimate parties alike. In this regard, even in instances in which sophisticated encryption techniques are employed, third parties can defeat the security of a communication channel by “spoofing the data source” or using a “man in the middle” attack. As explained below, these types of attacks negate the effectiveness of encryption techniques by breaching security without confronting the encryption technique itself.
In a spoofing attack, a first party intends to connect to and communicate with a second party but instead connects to and communicates with a third party. The third party communicates in the same manner and otherwise behaves like the intended party, thereby tricking the first party into trusting and communicating with the third party. The third party may then send incorrect information to or obtain information from the unwitting first party. Encryption cannot prevent the attack because the first party actually shares the encryption key with the third party since the first party believes that it is actually communicating with the intended recipient, i.e., the second party.
In a man in the middle attack, the first party actually connects to and communicates with the intended second party. A third party, though, taps into the communication channel and listens to information passed between the first and second parties. If the third party can identify passwords, encryption keys, or other such information that is passed between the first and second parties, the third party can decode the information communicated between the first two parties. Also, the third party can then use that information to spoof either party and learn still more information.
Current encryption techniques fail to prevent at least some attacks, such as the spoofing and man in the middle attacks described above, because the attacker obtains the passwords, encryption keys or the like needed to decrypt the communications. One advancement in secure communications that has been provided by RSA Security employs two communication channels to lower the likelihood of these types of attacks. In this regard, the system provided by RSA Security requires users to send their user login identification through the internet. The second party receives the identification and sends a one-time access code to the user's phone number that is on record with the second party. By sending the entirety of each piece of information over one channel (i.e., the entire user login identification and the entire access code are each sent through a single, albeit different, channel), though, this technique fails to provide maximum security. A breach of either channel, and in particular of the channel by which the access code is provided, can give the third party the information necessary to successfully monitor future communications between the parties.