Talk:Passive attack/Draft: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
(New page: {{subpages}})
 
m (Text replacement - "communications intelligence" to "communications intelligence")
 
(29 intermediate revisions by 7 users not shown)
Line 1: Line 1:
{{subpages}}
{{subpages}}
There's another category of attack that I'm not sure how to handle. The attacker may not be active in the sense of forging messages etc. but he isn't just a passive listener either. Things like grabbing a password file for offline crack attempts, subjecting a smartcard to heat for [[Block_cipher#Side_channel_attacks |  differential fault analysis]], et cetera. Where do we categorise these? do they need an article on the category? Is there a standard term? [[User:Sandy Harris|Sandy Harris]] 01:28, 4 November 2008 (UTC)
: The term "passive-aggressive" comes to mind, but probably isn't standard. [[User:Sandy Harris|Sandy Harris]] 01:36, 4 November 2008 (UTC)
::While there are individual techniques, I don't think there's a standard term. As you suggest, some are going after side channels, others are looking for key or passwords to get into the primary information flow, etc. No really elegant unifying term comes to mind, but you could probably group the techniques under communications intelligence, although some, if they are based on unintentional radiation (acoustic or electronic), blur into [[measurement and signature intelligence]] of different flavors.
::If you are trying to identify rather than grab an information flow, the terminology gets even more complex. Using time domain analysis to recognize the "fist" of a specific Morse operator, for example, is [[radiofrequency MASINT]]. Now, if unintentional RF or other emissions identify the crypto device, that certainly is a much better cryptanalytic starting point than just having a bit stream. [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 02:03, 4 November 2008 (UTC)
== Known plaintext ==
When you say "he may read messages he is not supposed to see", does that include known plaintext? [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 14:36, 16 April 2009 (UTC)
== Related disciplines ==
You mention cryptanalysis in the last paragraph. Should [[Radiofrequency MASINT]] and [[Communications intelligence]] be mentioned for non-cryptanalytic approaches?  Is, for example, TEMPEST a passive attack?  (yes, I know TEMPEST is the defense against something else).
: I think my second paragraph covers it.
Electronic probing (see [[Electronic warfare]]) is another: take some real-world action in order to have the opponent issue predictable messages (e.g., intercept the intruder, turn on the radar). [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 15:26, 14 June 2010 (UTC)
: That's active. "... probing ... take some action" [[User:Sandy Harris|Sandy Harris]] 01:51, 15 June 2010 (UTC)
::Indirectly active -- passive as far as the communications channel. Should be made distinct. [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 02:14, 15 June 2010 (UTC)
== Approval Process: {{ApprovalProcess|certify}} ==
''Call for review: ''[[User:Sandy Harris|Sandy Harris]] 04:20, 19 April 2012 (UTC)
''Call for Approval: ''[[User:Anthony.Sebastian|Anthony.Sebastian]] 21:56, 23 April 2012 (UTC)
''Approval Notice: ''Set for 20 June 2012.  —[[User:Anthony.Sebastian|Anthony.Sebastian]] 02:58, 4 June 2012 (UTC)
''Certification of Approval: ''[[User:Anthony.Sebastian|Anthony.Sebastian]] 22:36, 20 June 2012 (UTC)
----
''Please discuss the article below, [[{{BASEPAGENAME}}/Approval]] is for brief official referee's only!''
=== Comments ===
Sandy, no Bibliography or External Links. Main Article has no inline citations. It doesn't feel complete. —[[User:Anthony.Sebastian|Anthony.Sebastian]] 14:48, 22 April 2012 (UTC)
: It is a short article, basically just defining a term. I think it has everything it needs.
: I think there is room for discussion around which articles need bibliographies and link sections. I am convinced not all do.
: As for citations, I do not think it needs those either. This is a standard term, familiar to anyone in the field. We need to define it for non-expert readers, but it does not necessarily need a citation. If there is a good one, for example Rivest's definition of Cryptology, that should used. Otherwise, no problem.
: Arguably, this article should just be redirect to a section of some broader article, but it is not clear which one. Perhaps [[Cryptanalysis#The_attacker.27s_objective]], but the term passive attack is somewhat broader than just its use in cryptanalysis. [[User:Sandy Harris|Sandy Harris]] 02:45, 23 April 2012 (UTC)
:: I agree with this: References to standard facts are not needed. In contrast to WP, references are not used to "prove" statements (references may point to incorrect material -- who knows?). Bibliographies should be to the point, and helpful to the reader: In this case the relevant books will be found for cryptology, and similar.
:: In my view, short independent articles are preferable over redirects to subsections: They make it easier for the reader. Subsections are in context and it will usually be necessary to read the whole article. (Of course, there may be topics that cannot be treated independently.) Moreover, I think that articles should not become too long -- detailed subsections are better transferred to separate pages, keeping only a summary. --[[User:Peter Schmitt|Peter Schmitt]] 20:09, 24 April 2012 (UTC)
::: Sometimes I use inline citations to establish the truth of a statement/assertion, but more often to inform the reader where it came from, and to give the reader, in the context of the statement/assertion, a source where she can find additional information pertaining to it. At other times, at the end of a paragraph, say, I will give a set of inline citations to indicate/suggest that the content in the paragraph emerged as a synthesis/amalgamation of information from several sources.
::: But, as Sandy writes, the article basically just defines passive attack, and it comes from an authority, viz., Sandy.  Nevertheless, it would not be inappropriate to cite Rivest's Cryptology article, as section 6.3.1 of the article describes passive (and active) attacks, and as that article is a readable PDF, the context and perspective there might contribute to a reader's search for knowledge.  —[[User:Anthony.Sebastian|Anthony.Sebastian]] 20:51, 24 April 2012 (UTC)
::::Sandy, will you be very disappointed if I request more time to review?  There is an entire cluster of security-related articles that I hope to look at in toto. I will not roadblock, but personally feel no rush towards approval.  Because it appears folks are interested in these, however, I will try very hard to give them my attention in the near future.[[User:Pat Palmer|Pat Palmer]] 21:34, 24 April 2012 (UTC)
::::: @Pat: There is no need to hurry -- there are no deadlines set and, so far, no deadlines are set, and nor review have been written. --[[User:Peter Schmitt|Peter Schmitt]] 22:04, 24 April 2012 (UTC)
::::: @Anthony: No, I do not think that the cryptology survey should be cited here. It would be arbitrary. The right place is a selection of recommended reading (both on introductory and on expert level) is the bibliography of a cryptology (or cryptanalysis). Only a monograph or survey article (mainly) on (passive) attacks would fit here. --[[User:Peter Schmitt|Peter Schmitt]] 22:11, 24 April 2012 (UTC)
:::::: I have no objection to review taking as long as it needs. I've had half a dozen articles listed at [[CZ:Ready_for_approval#Computers]] for a year or so and could have added another half dozen. Listing them had no perceptible effect, which was distinctly frustrating. So now I have started adding <nowiki>{{subst:Call for review|~~~~}}</nowiki> tags to some of the talk pages. That seems to be moving the process forward, so I'll be happy more-or-less irrespective of how long it takes. [[User:Sandy Harris|Sandy Harris]] 00:40, 25 April 2012 (UTC)
+++++
Submitted requests for comments/suggestions to mailing lists: Mathematics; Computers. —[[User:Anthony.Sebastian|Anthony.Sebastian]] 03:11, 25 April 2012 (UTC)<br>
Submitted request on forum: "Please review "Passive attack" for consideration of Approval" —[[User:Anthony.Sebastian|Anthony.Sebastian]] 03:11, 25 April 2012 (UTC)<br>
+++++
No further comments since requests went out over a month ago.  I know Pat Palmer wants to comment, and has been told there's no rush. To keep the approval process moving along, I will set a notice for two weeks hence.  If the article receives approval by then, any substantive changes to the article that occur later in response when Pat has time to review the article will make it eligible for facilitated re-approval. —[[User:Anthony.Sebastian|Anthony.Sebastian]] 02:42, 4 June 2012 (UTC)

Latest revision as of 07:33, 26 August 2024

This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 

There's another category of attack that I'm not sure how to handle. The attacker may not be active in the sense of forging messages etc. but he isn't just a passive listener either. Things like grabbing a password file for offline crack attempts, subjecting a smartcard to heat for differential fault analysis, et cetera. Where do we categorise these? do they need an article on the category? Is there a standard term? Sandy Harris 01:28, 4 November 2008 (UTC)

The term "passive-aggressive" comes to mind, but probably isn't standard. Sandy Harris 01:36, 4 November 2008 (UTC)
While there are individual techniques, I don't think there's a standard term. As you suggest, some are going after side channels, others are looking for key or passwords to get into the primary information flow, etc. No really elegant unifying term comes to mind, but you could probably group the techniques under communications intelligence, although some, if they are based on unintentional radiation (acoustic or electronic), blur into measurement and signature intelligence of different flavors.
If you are trying to identify rather than grab an information flow, the terminology gets even more complex. Using time domain analysis to recognize the "fist" of a specific Morse operator, for example, is radiofrequency MASINT. Now, if unintentional RF or other emissions identify the crypto device, that certainly is a much better cryptanalytic starting point than just having a bit stream. Howard C. Berkowitz 02:03, 4 November 2008 (UTC)

Known plaintext

When you say "he may read messages he is not supposed to see", does that include known plaintext? Howard C. Berkowitz 14:36, 16 April 2009 (UTC)

Related disciplines

You mention cryptanalysis in the last paragraph. Should Radiofrequency MASINT and Communications intelligence be mentioned for non-cryptanalytic approaches? Is, for example, TEMPEST a passive attack? (yes, I know TEMPEST is the defense against something else).

I think my second paragraph covers it.

Electronic probing (see Electronic warfare) is another: take some real-world action in order to have the opponent issue predictable messages (e.g., intercept the intruder, turn on the radar). Howard C. Berkowitz 15:26, 14 June 2010 (UTC)

That's active. "... probing ... take some action" Sandy Harris 01:51, 15 June 2010 (UTC)
Indirectly active -- passive as far as the communications channel. Should be made distinct. Howard C. Berkowitz 02:14, 15 June 2010 (UTC)


Approval Process: Approval certified

Call for review: Sandy Harris 04:20, 19 April 2012 (UTC)

Call for Approval: Anthony.Sebastian 21:56, 23 April 2012 (UTC)

Approval Notice: Set for 20 June 2012. —Anthony.Sebastian 02:58, 4 June 2012 (UTC)

Certification of Approval: Anthony.Sebastian 22:36, 20 June 2012 (UTC)


Please discuss the article below, Passive attack/Approval is for brief official referee's only!

Comments

Sandy, no Bibliography or External Links. Main Article has no inline citations. It doesn't feel complete. —Anthony.Sebastian 14:48, 22 April 2012 (UTC)

It is a short article, basically just defining a term. I think it has everything it needs.
I think there is room for discussion around which articles need bibliographies and link sections. I am convinced not all do.
As for citations, I do not think it needs those either. This is a standard term, familiar to anyone in the field. We need to define it for non-expert readers, but it does not necessarily need a citation. If there is a good one, for example Rivest's definition of Cryptology, that should used. Otherwise, no problem.
Arguably, this article should just be redirect to a section of some broader article, but it is not clear which one. Perhaps Cryptanalysis#The_attacker.27s_objective, but the term passive attack is somewhat broader than just its use in cryptanalysis. Sandy Harris 02:45, 23 April 2012 (UTC)
I agree with this: References to standard facts are not needed. In contrast to WP, references are not used to "prove" statements (references may point to incorrect material -- who knows?). Bibliographies should be to the point, and helpful to the reader: In this case the relevant books will be found for cryptology, and similar.
In my view, short independent articles are preferable over redirects to subsections: They make it easier for the reader. Subsections are in context and it will usually be necessary to read the whole article. (Of course, there may be topics that cannot be treated independently.) Moreover, I think that articles should not become too long -- detailed subsections are better transferred to separate pages, keeping only a summary. --Peter Schmitt 20:09, 24 April 2012 (UTC)
Sometimes I use inline citations to establish the truth of a statement/assertion, but more often to inform the reader where it came from, and to give the reader, in the context of the statement/assertion, a source where she can find additional information pertaining to it. At other times, at the end of a paragraph, say, I will give a set of inline citations to indicate/suggest that the content in the paragraph emerged as a synthesis/amalgamation of information from several sources.
But, as Sandy writes, the article basically just defines passive attack, and it comes from an authority, viz., Sandy. Nevertheless, it would not be inappropriate to cite Rivest's Cryptology article, as section 6.3.1 of the article describes passive (and active) attacks, and as that article is a readable PDF, the context and perspective there might contribute to a reader's search for knowledge. —Anthony.Sebastian 20:51, 24 April 2012 (UTC)
Sandy, will you be very disappointed if I request more time to review? There is an entire cluster of security-related articles that I hope to look at in toto. I will not roadblock, but personally feel no rush towards approval. Because it appears folks are interested in these, however, I will try very hard to give them my attention in the near future.Pat Palmer 21:34, 24 April 2012 (UTC)
@Pat: There is no need to hurry -- there are no deadlines set and, so far, no deadlines are set, and nor review have been written. --Peter Schmitt 22:04, 24 April 2012 (UTC)
@Anthony: No, I do not think that the cryptology survey should be cited here. It would be arbitrary. The right place is a selection of recommended reading (both on introductory and on expert level) is the bibliography of a cryptology (or cryptanalysis). Only a monograph or survey article (mainly) on (passive) attacks would fit here. --Peter Schmitt 22:11, 24 April 2012 (UTC)
I have no objection to review taking as long as it needs. I've had half a dozen articles listed at CZ:Ready_for_approval#Computers for a year or so and could have added another half dozen. Listing them had no perceptible effect, which was distinctly frustrating. So now I have started adding {{subst:Call for review|~~~~}} tags to some of the talk pages. That seems to be moving the process forward, so I'll be happy more-or-less irrespective of how long it takes. Sandy Harris 00:40, 25 April 2012 (UTC)

+++++

Submitted requests for comments/suggestions to mailing lists: Mathematics; Computers. —Anthony.Sebastian 03:11, 25 April 2012 (UTC)
Submitted request on forum: "Please review "Passive attack" for consideration of Approval" —Anthony.Sebastian 03:11, 25 April 2012 (UTC)

+++++

No further comments since requests went out over a month ago. I know Pat Palmer wants to comment, and has been told there's no rush. To keep the approval process moving along, I will set a notice for two weeks hence. If the article receives approval by then, any substantive changes to the article that occur later in response when Pat has time to review the article will make it eligible for facilitated re-approval. —Anthony.Sebastian 02:42, 4 June 2012 (UTC)