Skip to Main Content Area
  • CPS-VO
    • Contact Support
      
 
Not a member?
Click here to register!
Forgot username or password?
 
logo
logo
Science of Security VO
  • Home
  • Archive
  • About
  • Search
  • Calendar
  • Members
  • Contact Us
  • Forums
  • Files
CPS-VO

Visible to the public Adversary Models

  • View
    1 reply [Last post]
    Fri, 10/19/2012 - 6:02pm
    rvmeush
    rvmeush's picture
    Offline
    Established Community Member
    Joined: Aug 27 2010

    The roles of humans in cyber systems - including developers, operators, and defenders, as well as attackers - adds enormously to the complexity of security design and analysis. Limitations in our ability to model an active, intelligent, and determined adversary is one of the problems that has plagued security researchers for decades. Some have argued that if there is a science of security it is likely to have the characteristics of a social science. Nevertheless, the development of more powerful adversary models should improve our ability to make meaningful advances in our ability to design more trustworthy systems. This forum is intended to foster discussion of new ideas in adversary modeling.

    ‹ Controversies in Security Science Hard Problems in Security Science ›
    Top
    • PDF version
    • Printer-friendly version
    Sat, 11/03/2012 - 1:34pm
    #1
    Dusko P
    Dusko P's picture
    Offline
    Established Community Member
    Joined: Jun 28 2012
    adaptive attacker requires adaptive security

    There are many attacker models, but it seems that there are 4 substantially different attacker paradigms:

    1. Shannon's attacker: computationally unbounded
      • breaks all but perfectly secure crypto systems
      • --- i.e., if there is a statistical correlation, the attacker will find it.
    2. Diffie-Hellman attacker: computationally bounded
      • real attacks must be executable by real computers, with limited computational powers
      • --- i.e., a plaintext may be statistically dependent on cyphertext, but hard to compute from it
    3. Modern crypto attacker: logically unbounded
      • "A crypto-system is secure if for every feasible attack algorithm, the security property is preserved."
      • --- i.e., if there is a feasible attack algorithm, the attacker will find it.
    4. Post-modern crypto attacker: logically bounded
      • real attacks must be programmed by real programmers, with limited logical powers
      • --- i.e., there may be a feasible attack algorithm, but it may be hard to program it

    Modern crypto is defending against the modern crypto attacker. This is prudent, but not necessary, since real attackers are not logically unbounded. E.g., they are unable to construct the algorithm to surely win or tie in chess, although such algorithm surely exists. So we should study the post-modern crypto attacker.

    (See www.asecolab.org for graphic depictions of the 4 paradigms. This is a draft page, so comments and suggestions are particularly welcome.)

    Top

      Comment viewing options

      Select your preferred way to display the comments and click "Save settings" to activate your changes.

      Terms of Use  |  ©2023. CPS-VO