Why doesn't encryption alone prevent masquerade attacks?
Encryption hides message content but doesn't verify who sent it — an attacker with the right key (or in asymmetric crypto, the public key) can encrypt messages pretending to be someone else.
Symmetric case: If Eve somehow obtains the shared key $K$, she can encrypt messages that look identical to Alice's messages. Bob cannot tell the difference.
Asymmetric case: Public keys are public! Anyone can encrypt a message with Bob's public key and claim to be Alice. Encryption proves nothing about the sender — only that the sender knew the recipient's public key.
The solution: Challenge-Response (C-R) protocols:
- Bob sends a random challenge (nonce) to Alice
- Alice must prove she knows a secret (e.g., sign the challenge with her private key)
- Bob verifies the response
This proves Alice's identity in real-time, not just that someone possesses a key.
Go deeper:
Challenge-response authentication — the fix that proves identity in real time.