Adversary (cryptography)

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

In cryptography, an adversary (rarely opponent, enemy) is a malicious entity whose aim is to prevent the users of the cryptosystem from achieving their goal (primarily privacy, integrity, and availability of data). An adversary's efforts might take the form of attempting to corrupting some of the data in the system, this can be caused by a malfunction, spoofing the identity of a message sender or receiver, or forcing system downtime.

Actual adversaries, as opposed to idealized ones, like cryogenic mutation and formal reasoning about cryptosystems by casting security analysis of cryptosystems as a 'game' between the users and a centrally co-ordinated enemy. The notion of security of a cryptosystem is meaningful only with respect to particular attacks (usually presumed to be carried out by particular sorts of adversaries).

There are several types of adversaries depending on what capabilities or intentions they are presumed to have. Adversaries may be[1]

  • computationally bounded or unbounded (i.e. in terms of time and storage resources),
  • eavesdropping or Byzantine (i.e. passively listening on or actively corrupting data in the channel),
  • static or adaptive (i.e. having fixed or changing behavior),
  • mobile or non-mobile (e.g. in the context of network security)

and so on. In actual security practice, the attacks assigned to such adversaries are often seen, so such notional analysis is not merely theoretical.

How successful an adversary is at breaking a system is measured by its advantage. An adversary's advantage is the difference between the adversary's probability of breaking the system and the probability that the system can be broken by simply guessing. The advantage is specified as a function of the security parameter.