Impersonation attacks

A few months ago I posted a note about some comments made in the Quantum Cryptography course I was teaching. Specifically it concerned the difference between a regular attack and an “impersonation” attack. In his reply, Matt Leifer pointed out that the “missing” link is the authentication of the classical channel shared by Alice and Bob (i.e. Alice needs to know she is actually talking to Bob). Authentication has always played an important role in cryptography, perhaps in no more poignant a way than during WWII.

I am presently reading a terrific book entitled Between Silk and Cyanide: A Codemaker’s War, 1941-1945 by Leo Marks who was the head of the codes department for the Special Operations Executive (AKA, the Baker Street Irregulars and originally viewed as the dirty water to the champagne of Bletchley Park until Marks overhauled the entire system). In it, Marks recounts that nearly the entire Dutch Resistance was captured and controlled by the Germans. Marks’ only suspicion that something was wrong came from the fact that no Dutch agents ever made mistakes in their coding while everyone else did. Not only did the famous German precision backfire in the case of Enigma (meticulous records that were eventually obtained by the Poles and Brits – plus some really good cryptographers) but it clearly backfired here too! Unfortunately it took Marks a long time to convince his superiors of this.


Comment (obtuse, impolite, or otherwise "troll"-like comments may be deleted)

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

Up ↑

%d bloggers like this: