Cryptology ePrint Archive: Report 2018/1189

The Role of the Adversary Model in Applied Security Research

Quang Do and Ben Martini and Kim-Kwang Raymond Choo

Abstract: Adversary models have been integral to the design of provably-secure cryptographic schemes or protocols. However, their use in other computer science research disciplines is relatively limited, particularly in the case of applied security research (e.g., mobile app and vulnerability studies). In this study, we conduct a survey of prominent adversary models used in the seminal field of cryptography, and more recent mobile and Internet of Things (IoT) research. Motivated by the findings from the cryptography survey, we propose a classification scheme for common app-based adversaries used in mobile security research, and classify key papers using the proposed scheme. Finally, we discuss recent work involving adversary models in the contemporary research field of IoT. We contribute recommendations to aid researchers working in applied (IoT) security based upon our findings from the mobile and cryptography literature. The key recommendation is for authors to clearly define adversary goals, assumptions and capabilities.

Category / Keywords: applications / Adversary model, Mobile security, IoT security

Original Publication (in the same form): Computers & Security
DOI:
10.1016/j.cose.2018.12.002

Date: received 7 Dec 2018

Contact author: raymond choo at fulbrightmail org

Available format(s): PDF | BibTeX Citation

Version: 20181210:211849 (All versions of this report)

Short URL: ia.cr/2018/1189


[ Cryptology ePrint archive ]