Adversary (cryptography)
Encyclopedia
In cryptography
, an adversary (rarely opponent, enemy) is a malicious entity whose aim is to prevent the users of the cryptosystem
from achieving their goal (primarily privacy, integrity, and availability of data). An adversary's efforts might take the form of attempting to discover secret data, corrupting some of the data in the system, spoof
ing the identity of a message sender or receiver, or forcing system downtime.
Actual adversaries, as opposed to idealized ones, are referred to as attackers. Not surprisingly, the former term predominates in the cryptographic and the latter in the computer security
literature. Eve, Mallory, Oscar and Trudy
are all adversarial characters widely used in both types of texts.
This notion of an adversary helps both intuitive and formal reasoning about cryptosystems by casting security analysis of cryptosystems as a 'game' between the users and a centrally co-ordinated enemy. The notion of security of a cryptosystem is meaningful only with respect to particular attacks (usually presumed to be carried out by particular sorts of adversaries).
There are several types of adversaries depending on what capabilities or intentions they are presumed to have. Adversaries may be
and so on. In actual security practice, the attacks assigned to such adversaries are often seen, so such notional analysis is not merely theoretical.
How successful an adversary is at breaking a system is measured by its advantage. An adversary's advantage is the difference between the adversary's probability of breaking the system and the probability that the system can be broken by simply guessing. The advantage is specified as a function of the security parameter
.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
, an adversary (rarely opponent, enemy) is a malicious entity whose aim is to prevent the users of the cryptosystem
Cryptosystem
There are two different meanings of the word cryptosystem. One is used by the cryptographic community, while the other is the meaning understood by the public.- General meaning :...
from achieving their goal (primarily privacy, integrity, and availability of data). An adversary's efforts might take the form of attempting to discover secret data, corrupting some of the data in the system, spoof
Spoofing attack
In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.- Spoofing and TCP/IP :...
ing the identity of a message sender or receiver, or forcing system downtime.
Actual adversaries, as opposed to idealized ones, are referred to as attackers. Not surprisingly, the former term predominates in the cryptographic and the latter in the computer security
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
literature. Eve, Mallory, Oscar and Trudy
Alice and Bob
The names Alice and Bob are commonly used placeholder names for archetypal characters in fields such as cryptography and physics. The names are used for convenience; for example, "Alice sends a message to Bob encrypted with his public key" is easier to follow than "Party A sends a message to Party...
are all adversarial characters widely used in both types of texts.
This notion of an adversary helps both intuitive and formal reasoning about cryptosystems by casting security analysis of cryptosystems as a 'game' between the users and a centrally co-ordinated enemy. The notion of security of a cryptosystem is meaningful only with respect to particular attacks (usually presumed to be carried out by particular sorts of adversaries).
There are several types of adversaries depending on what capabilities or intentions they are presumed to have. Adversaries may be
- computationally bounded or unbounded (i.e. in terms of time and storage resources),
- eavesdropping or Byzantine (i.e. passively listening on or actively corrupting data in the channel),
- static or adaptive (i.e. having fixed or changing behavior),
- mobile or non-mobile (e.g. in the context of network security)
and so on. In actual security practice, the attacks assigned to such adversaries are often seen, so such notional analysis is not merely theoretical.
How successful an adversary is at breaking a system is measured by its advantage. An adversary's advantage is the difference between the adversary's probability of breaking the system and the probability that the system can be broken by simply guessing. The advantage is specified as a function of the security parameter
Security parameter
In cryptography, the security parameter is a variable that measures the input size of the problem. Both the resource requirements of the cryptographic algorithm or protocol as well as the adversary's probability of breaking security are expressed in terms of the security parameter.The security...
.