cryptography Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or ''-logy, -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of Adversary (cryptography), ...

, an adversary (rarely opponent, enemy) is an entity whose aim is to prevent the users of the

cryptosystem In cryptography, a cryptosystem is a suite of cryptographic algorithms needed to implement a particular security service, such as confidentiality (encryption). Typically, a cryptosystem consists of three algorithms: one for key generation, one ...

from achieving their goal (primarily

privacy Privacy (, ) is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. The domain of privacy partially overlaps with security, which can include the concepts of a ...

, integrity, and availability of data), often with malicious intent. An adversary's efforts might take the form of attempting to discover secret data, corrupting some of the data in the system, spoofing the identity of a message sender or receiver, or forcing system downtime. Actual adversaries, as opposed to idealized ones, are referred to as ''attackers''. The former term predominates in the cryptographic and the latter in the

computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...

literature. Eavesdropper Eve, malicious attacker Mallory, opponent Oscar, and intruder Trudy are all adversarial characters widely used in both types of texts. This notion of an adversary helps both intuitive and formal reasoning about cryptosystems by casting security analysis of cryptosystems as a 'game' between the users and a ''centrally co-ordinated'' enemy. The notion of security of a cryptosystem is meaningful only with respect to particular attacks (usually presumed to be carried out by particular sorts of adversaries). Adversaries can be divided into two main categories based on how they behave within protocols: ''passive'' and ''active''. Passive adversaries (also known as semi-honest or honest-but-curious) are static adversaries that faithfully follow the protocol, but try to infer from the data they receive to gather more information than intended. Active adversaries (also known as malicious) are adversaries that may arbitrarily deviate from the protocol, often trying to disrupt its execution, steal data, inject false data, or cause damage. There are several types of adversaries depending on what capabilities or intentions they are presumed to have. Adversaries may be'Adversary Attacks'
/ref> * computationally bounded or unbounded (i.e. in terms of time and storage resources), *eavesdropping or Byzantine (i.e. passively listening on or actively corrupting data in the channel), *static or adaptive (i.e. having fixed or changing behavior), *mobile or non-mobile (e.g. in the context of network security) and so on. In actual security practice, the attacks assigned to such adversaries are often seen, so such notional analysis is not merely theoretical. How successful an adversary is at breaking a system is measured by its ''advantage''. An adversary's advantage is the difference between the adversary's probability of breaking the system and the probability that the system can be broken by simply guessing. The advantage is specified as a function of the security parameter.

References

Cryptographic attacks {{crypto-stub

See also

References