Quiz Entry - updated: 2026.07.14
How does the "Embedded Security" model differ from the classical cryptographic model?
In the embedded security model, the attacker can attack everywhere — not just the communication channel, but also the endpoints themselves.
| Aspect | Classical Model | Embedded Security Model |
|---|---|---|
| Attack surface | Communication channel only | Channel AND endpoints |
| Crypto operations in | Black box (tamper-proof HW) | Grey box (e.g., protected software) |
| Security depends on | Algorithm strength + key size | Algorithm + key size + protocol choice + secure implementation |
The evolution of the trust boundary:
- Old model: Only the channel between Alice and Bob is untrusted
- Current model: The attacker is everywhere — channels, endpoints, even inside devices
This is why secure implementation matters as much as strong algorithms. A mathematically perfect cipher can be broken through:
- Poor implementation
- Side-channel attacks
- Protocol weaknesses