User:Gnonne/Adversary (cryptography)
Article Draft
Lead
In cryptography, an adversary (rarely opponent, enemy) is an entity whose aim is to prevent the users of the cryptosystem from achieving their goal (primarily privacy, integrity, and availability of data), often with malicious intent. An adversary's efforts might take the form of attempting to discover secret data, corrupting some of the data in the system, spoofing the identity of a message sender or receiver, or forcing system downtime.
Article Body
Actual adversaries, as opposed to idealized ones, are referred to as attackers. The former term predominates in the cryptographic and the latter in the computer security literature. Eavesdropper Eve, malicious attacker Mallory, opponent Oscar, and intruder Trudy are all adversarial characters widely used in both types of texts.
This notion of an adversary helps both intuitive and formal reasoning about cryptosystems by casting security analysis of cryptosystems as a 'game' between the users and a centrally coordinated enemy. The notion of security of a cryptosystem is meaningful only with respect to particular attacks (usually presumed to be carried out by particular sorts of adversaries).
Adversaries can be divided into two main categories based on how they behave within protocols: passive and active.[1][2] Passive adversaries (also known as semi-honest or honest-but-curious) are static adversaries that faithfully follow the protocol, but try to infer more information than intended from the data they receive. Active adversaries (also known as malicious) are adversaries that may arbitrarily deviate from the protocol, often trying to disrupt its execution, steal data, inject false data, or cause damage.
There are several types of adversaries depending on what capabilities or intentions they are presumed to have. Adversaries may be[3]
- computationally bounded or unbounded (i.e. in terms of time and storage resources),
- eavesdropping or Byzantine (i.e. passively listening on or actively corrupting data in the channel),
- static or adaptive (i.e. having fixed or changing behavior),
- mobile or non-mobile (e.g. in the context of network security)
and so on. In actual security practice, the attacks assigned to such adversaries are often seen, so such notional analysis is not merely theoretical.
How successful an adversary is at breaking a system is measured by its advantage. An adversary's advantage is the difference between the adversary's probability of breaking the system and the probability that the system can be broken by simply guessing. The advantage is specified as a function of the security parameter.
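The following Python sketch is an added illustration, not part of the draft or its sources. It computes the exact advantage of a computationally bounded brute-force adversary in a left-or-right distinguishing game, where simple guessing wins with probability 1/2. The toy SHA-256 pad cipher, the game setup, and all function names are assumptions made for the example.

```python
import hashlib
from fractions import Fraction

MSG_LEN = 32                 # bytes; matches the SHA-256 output length
M0 = bytes(MSG_LEN)          # constructed challenge messages chosen by the adversary
M1 = b"\xff" * MSG_LEN

def keystream(key: int) -> bytes:
    """Toy pad derived from the key (illustration only, not a real cipher)."""
    return hashlib.sha256(key.to_bytes(4, "big")).digest()

def encrypt(key: int, msg: bytes) -> bytes:
    """XOR the message with the pad; decryption is the same operation."""
    return bytes(m ^ p for m, p in zip(msg, keystream(key)))

def brute_force_adversary(ciphertext: bytes, budget: int) -> int:
    """Bounded adversary: tries keys 0..budget-1, otherwise falls back to guessing 0."""
    for trial in range(budget):
        plain = encrypt(trial, ciphertext)
        if plain == M0:
            return 0
        if plain == M1:
            return 1
    return 0

def blind_guesser(ciphertext: bytes, budget: int) -> int:
    """Baseline that ignores the ciphertext entirely."""
    return 0

def advantage(adversary, n_bits: int, budget: int) -> Fraction:
    """Exact |Pr[adversary names b] - 1/2| over every n-bit key and challenge bit b."""
    wins = 0
    for key in range(2 ** n_bits):
        for b, msg in enumerate((M0, M1)):
            if adversary(encrypt(key, msg), budget) == b:
                wins += 1
    return abs(Fraction(wins, 2 * 2 ** n_bits) - Fraction(1, 2))

if __name__ == "__main__":
    # Security parameter n = key length in bits; the adversary's budget stays fixed.
    for n in (4, 6, 8, 10):
        print(n, advantage(brute_force_adversary, n, 16),
              advantage(blind_guesser, n, 16))
```

With the budget fixed at 16 trial keys, the advantage halves for every extra key bit, while the blind guesser stays at zero for every key length.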
References
- Aumann, Yonatan; Lindell, Yehuda (2010-04-01). "Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries". Journal of Cryptology. 23 (2): 281–343. doi:10.1007/s00145-009-9040-7. ISSN 1432-1378.
- Do, Quang; Martini, Ben; Choo, Kim-Kwang Raymond (2019-03-01). "The role of the adversary model in applied security research". Computers & Security. 81: 156–181. doi:10.1016/j.cose.2018.12.002. ISSN 0167-4048.
- 'Adversary Attacks'