LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

In the classic Alice/Bob/Eve attacker model, what more than passive eavesdropping could Eve attempt?

Modify messages, inject forged messages, replay an old message later, delete messages entirely, or impersonate Alice or Bob.

The point of listing these is that "confidentiality" alone isn't enough — a system has to defend against an active adversary too.

Threat Defense category
Eavesdropping Confidentiality (encryption)
Modification Integrity (MAC, signature)
Forgery / injection of fake message Authenticity (MAC, signature)
Replay (capture & resend later) Freshness (nonces, timestamps, sequence numbers)
Deletion / suppression Availability (out of scope of pure crypto)
Impersonation Authentication (passwords, certs, challenge-response)

Tip: Modern protocols like TLS 1.3 are designed to handle all of the active threats at once. Old-fashioned "just encrypt the channel" misses every threat except eavesdropping. CIA triad (Confidentiality, Integrity, Availability) plus Authenticity is the framing most courses use.

From Quiz: ISF / Symmetric Cryptography | Updated: Jul 14, 2026