China
Africa
Explore chapters and articles related to this topic
Single Server Authentication
Published in Chintan Patel, Nishant Doshi, Internet of Things Security, 2018
In general terms, if we want to define an adversary then we can say that βan adversary is any user who performs an active attack or passive attack by applying all the capabilities it has.β Adversary can be any user, it can be either registered user of the system or unregistered user of system. Registered adversary is more dangerous than unregistered adversary. Basic goal of an adversary is to extract the secret data from the communication and prevent or intercept the communication between authentic entities. As shown in Figure 4.6, adversary can attack during all the phases of communication.
Overview of Cryptography
Published in Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone, Handbook of Applied Cryptography, 2018
Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone
An adversary is an entity in a two-party communication which is neither the sender nor receiver, and which tries to defeat the information security service being provided between the sender and receiver. Various other names are synonymous with adversary such as enemy, attacker, opponent, tapper, eavesdropper, intruder, and interloper. An adversary will often attempt to play the role of either the legitimate sender or the legitimate receiver.
Intelligent Situation Assessment to Secure Smart Cities with Cryptography
Published in Huansheng Ning, Liming Chen, Ata Ullah, Xiong Luo, Cyber-Enabled Intelligence, 2019
Pushpinder Kaur Chouhan, Jorge Martinez Carracedo, Bryan Scotney, Sally McClean
Another aspect of security is protect, which can be addressed with cryptography. Cryptography is usually defined as the study, development and comprehension of techniques that provide secure communications when an adversary is present.
Covert Cognizance: A Novel Predictive Modeling Paradigm
Published in Nuclear Technology, 2021
Arvind Sundaram, Hany Abdel-Khalik
A third example is in the field of security research where the zero-observability requirement becomes more challenging because in principle, any change to a software or a network is expected to have a footprint. The latter manifests itself in the form of additional memory requirements, CPU time, or new network architecture, forcing defenders to rely on complex strategies to hide the footprint of their defenses via the use of decoy networks, moving target defenses, etc.12 The situation is often much more complicated when the adversary is an insider, expected to have a strategic foothold in the system with near-perfect privileged access to the software, system data, and network architecture design. In this situation, the choice of the courier variables becomes critical because if the attackers know where the cognizance information is being stored, they have already won half the battle, and their job is reduced to decoding the cognizance information or bypassing it altogether. The implication is that the defender must select courier variables that remain invisible to the attackers. For example, brute force introduction of additional variables or log files to store the cognizance information could be potentially circumvented by attackers receiving insider access.
Advanced multi-factor user authentication scheme for E-governance applications in smart cities
Published in International Journal of Computers and Applications, 2019
The adversary engages in following ways to breach the security to get access of government services.User impersonation attack: In this attack, the adversary tries to impersonate as a legitimate user by sending recorded messages from previous or present successful sessions between the user and the server.Denial of Service attack: In this attack, the adversary denies the services of government server for its legitimate users by flooding it large number of requests. This can result in crash of server.Offline password guessing attack: This attack takes place when the adversary intercepts the transmitted messages and extracts meaningful information from it. Low entropy passwords are easily decrypted. Thus, the user must choose a high entropy password.Stolen smart card attack: In such attacks, the adversary is successful in stealing the smart card of the user and extracts the vital information stored in it by performing power analysis attack. The adversary can use this extracted sensitive information to impersonate as an authentic user to get access to the services of the government server.Replay attack: This attack takes place when the adversary intercepts the ongoing transmission between two entities. The adversary extracts information and replays it later.Insider attack: In such attacks, the adversary is a trusted entity and has authorized admittance. The adversary intends to steal the secret information or intellectual property.