Bucket Brigade

This week's Word of the Week is bucket brigade.

Bucket Brigade

A bucket brigade attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting their own public key for the requested one, so that the two original parties still appear to be communicating with each other directly. The attacker uses a program that appears to be the server to the client and appears to be the client to the server. The attack may be used simply to gain access to the messages, or enable the attacker to modify them before retransmitting them. The term derives from the bucket brigade method of putting out a fire by handing buckets of water from one person to another between a water source and the fire. Another name for the bucket brigade attack is the more accurately descriptive name, man-in-the-middle, based on the ball game where a number of people try to throw a ball directly to each other while one person in between them attempts to catch it.


SearchSecurity's experts answer your questions regarding encryption and public key infrastructure. Peruse our archive of answers or submit a question of your own.


This was first published in August 2001

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close