Most recent major Internet services use TLS based encrypted communication. For the security of TLS communication, use a digital signature certificate between the client and server to ensure that each other can be trusted. Confidentiality is maintained using symmetric key cryptography, and integrity is verified through message authentication. However, even if encrypted communication through TLS is used, security issues such as MitM may occur. In this paper, we analyzed the MitM attack method and tool. The process of TLS encryption communication and representative MitM attack methods such as SSL Strip and SSL Split were analyzed. Bettercap, MitMproxy and Fiddler were analyzed as MitM attack tools. Protocols with strong security such as the HSTS protocol could also perform MitM attacks using SSL strip attack. In encrypted communication, additional authentication is required as well as a certificate.
