Log In / Register
Frequently Asked Questions
How does 3rdKey shut down a Man In The Middle Attack?
In order for the Man In The Middle (MITM) to decipher the encrypted communication between the server and the browser, it needs to know the secret key.
3rdKey.com uses a
secret key exchange formula to ensure the key can not be discovered.
The only way that this secret key exchange can be broken is if there is an MITM attack that manipulates the exchange.
Some form of "signature" is required to ensure that the message received is what was sent, and that it was not manipulated.
If the MITM can manipulate the key exchange, it can manipulate the "signature" -
the signature is not included in the message
We use the 3rd Key as the "signature" - we add the 3rd key to the secret key, and then encrypt the message
The only way to decipher the message is to know both the secret code and the 3rd key, combine them and then decipher the message
Although the browser asks for the 3rd key, its not transmitted, so the MITM can not find out what the 3rd key is, without changing the way the page works
Therefore, using the 3rd key as a "signature" for the server-browser encryption shuts down the MITM attack
(c)Copyright 1997-2022 3rdKey.com, Andrew Hughes. All rights reserved.