LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is the difference between an insider and an outsider attacker in the classic crypto model?

An insider is a legitimate participant (Alice or Bob) who behaves dishonestly; an outsider (Eve) is a third party attacking the communication channel.

Outsider (Eve) can perform:

  • Eavesdropping, Modifying, Inserting, Replaying, Deleting, Masquerade

Insider attacks — only a participant can do these:

  • Alice can deny having sent a message (non-repudiation of origin)
  • Bob can deny having received a message (non-repudiation of receipt)

This distinction matters because insider attacks require fundamentally different countermeasures. You can't protect against a dishonest sender with a symmetric shared secret — both parties know the key. This is exactly why digital signatures (asymmetric) exist: they provide non-repudiation that symmetric MACs cannot.

Go deeper:

  • doc Non-repudiation — why a dishonest insider needs signatures, not a shared secret.

From Quiz: KRYPTOG / Fundamentals of Cryptography | Updated: Jul 14, 2026