A secure communication system will protect against both
passive
and
active
attacks. A passive attack is one in which
a party for whom a message is not intended is listening on the
communications. An active attack is one in which some
adversarial party is tampering with messages, and can inject,
alter, or replay messages.
Cryptography should be used to solve specific problems, such
as
Eavesdropping: as is the case with in-person
conversations, an attacker could listen in on traffic
going in and out, potentially stealing secrets passed back
and forth. The security goal of confidentiality will
mitigate this attack to an extent; while cryptography will
obscure the contents of the message, by itself it doesn’t
hide the fact that two parties are communicating. An
attacker might also be able to determine information based
on the size of the messages.
Tampering: traffic going in and out of the application
could be modified en-route; the system needs to make sure
that messages it receives have not been tampered with. The
integrity goal is used to ensure messages haven’t been
tampered with.
Spoofing: an attacker can pretend to be a legitimate user
by faking certain details of a message. An attacker can
use spoofing to steal sensitive information, forge
requests from a user, or take over a legitimate session.
Authentication helps to defend against this attack, by
validating the identity of users and messages.
评论3