CZ:Featured article/Current

From Citizendium
< CZ:Featured article
Revision as of 06:26, 5 May 2012 by imported>Chunbum Park
Jump to navigation Jump to search

Passive attack


A passive attack on a communications system is one in which the attacker only eavesdrops; he may read messages he is not supposed to see, but he does not create or alter messages. This contrasts with an active attack in which the attacker may create, forge, alter, replace or reroute messages.

Generally, the term "passive attack" is used in the context of cryptanalysis. However, the term is actually considerably broader than that. For example, wiretapping an unencrypted line is a passive attack. So is traffic analysis, attempting to infer useful information from the source, destination, timing and size of messages without reading the content. There are also situations where the attacker is active in some way — such as probing an air defense system to obtain data on their radar systems or tricking an enemy into encrypting known text (ULTRA called this "gardening") — but the actual cryptanalysis is a passive attack.

.... (read more)