> someone wrote: > > Hiya. > > Dumb question. Why is the bad guy called Mallory in > this thread? I always thought that traditionally the > two correspondents were called Alice and Bob and that > the bad guy was called Eve. (As in, short for eavesdropper?). > Intercepting the bits and sending them is precisely > the sort of thing that Eve does all the time.
Mallory is the Man-in-the-Middle. He is the one that inserts himself into a connection, in an active attack, and sends packets to both Alice and Bob. He can send one thing to Bob, and send another thing to Bob. In this way, he can insert himself into a Diffie-Hellman key exchange, and send completely separate numbers to both both parties. Eve is indeed the eavesdropper. She can only listen. (As a further point, there are other personas, being Trent, the trusted third party. Also, Victor, a verifier. In financial cryptography we use Ivan as an Issuer and sometimes Matilda as a merchant. Carol and Dave can assist Alice and Bob in more complex protocols.) > I would have said "Mallory is acting as Eve", not > "Eve is acting as Mallory". But then, I'm surprisingly > ignorant about all sorts of "obvious" things, Maybe > you could clear this up for me? Well, that's the question - is Eve allowed to forward packets, in the act of listening, or is that the Mallory's job? I don't know. Given the silence on the issue, and the differeng usages, I'd say we've reached an uncertainty in the definition. The question revolves around whether Eve's name derives from her eavesdropping, or whether she is passive, and can only do stuff that can be done by observation. If she is allowed to resend because she is eavesdropping then that's ok. But, if she must only passively listen - measure - and cannot resend, then what this Quantum stuff does is eliminate her from consideration because she will always give herself away. Hence, only Mallory, the MITM, can do the job. In effect, it is very close to Anon-DH - in that Eve cannot crack the crypto, but Mallory can. It's a minor point, it doesn't really change the crypto at all, but it can evoke different images in different people if they don't agree on which it is. So one has to be careful, as the essence of naming is, after all, efficient communication. iang --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]