Alice and Bob are fictional characters commonly used as placeholders in discussions about cryptographic systems and protocols, [1] and in other science and engineering literature where there are several participants in a thought experiment. The Alice and Bob characters were invented by Ron Rivest, Adi Shamir, and Leonard Adleman in their 1978 paper "A Method for Obtaining Digital Signatures and Public-key Cryptosystems". [2] Subsequently, they have become common archetypes in many scientific and engineering fields, such as quantum cryptography, game theory and physics. [3] As the use of Alice and Bob became more widespread, additional characters were added, sometimes each with a particular meaning. These characters do not have to refer to people; they refer to generic agents which might be different computers or even different programs running on a single computer.
Alice and Bob are the names of fictional characters used for convenience and to aid comprehension. For example, "How can Bob send a private message M to Alice in a public-key cryptosystem?" [2] is believed to be easier to describe and understand than if the hypothetical people were simply named A and B as in "How can B send a private message M to A in a public-key cryptosystem?"
The names are conventional, and where relevant may use an alliterative mnemonic such as "Mallory" for "malicious" to associate the name with the typical role of that person.
Scientific papers about thought experiments with several participants often used letters to identify them: A, B, C, etc.
The first mention of Alice and Bob in the context of cryptography was in Rivest, Shamir, and Adleman's 1978 article "A method for obtaining digital signatures and public-key cryptosystems." [2] They wrote, "For our scenarios we suppose that A and B (also known as Alice and Bob) are two users of a public-key cryptosystem". [2] : 121 Previous to this article, cryptographers typically referred to message senders and receivers as A and B, or other simple symbols. In fact, in the two previous articles by Rivest, Shamir, and Adleman, introducing the RSA cryptosystem, there is no mention of Alice and Bob. [4] [5] The choice of the first three names may have come from the film Bob & Carol & Ted & Alice . [6]
Within a few years, however, references to Alice and Bob in cryptological literature became a common trope. Cryptographers would often begin their academic papers with reference to Alice and Bob. For instance, Michael Rabin began his 1981 paper, "Bob and Alice each have a secret, SB and SA, respectively, which they want to exchange." [7] Early on, Alice and Bob were starting to appear in other domains, such as in Manuel Blum's 1981 article, "Coin Flipping by Telephone: A Protocol for Solving Impossible Problems," which begins, "Alice and Bob want to flip a coin by telephone." [8]
Although Alice and Bob were invented with no reference to their personality, authors soon began adding colorful descriptions. In 1983, Blum invented a backstory about a troubled relationship between Alice and Bob, writing, "Alice and Bob, recently divorced, mutually distrustful, still do business together. They live on opposite coasts, communicate mainly by telephone, and use their computers to transact business over the telephone." [9] In 1984, John Gordon delivered his famous [10] "After Dinner Speech" about Alice and Bob, which he imagines to be the first "definitive biography of Alice and Bob." [11]
In addition to adding backstories and personalities to Alice and Bob, authors soon added other characters, with their own personalities. The first to be added was Eve, the "eavesdropper." Eve was invented in 1988 by Charles Bennet, Gilles Brassard, and Jean-Marc Robert, in their paper, "Privacy Amplification by Public Discussion." [12] In Bruce Schneier's book Applied Cryptography, other characters are listed. [13]
This section needs additional citations for verification .(May 2023) |
The most common characters are Alice and Bob. Eve, Mallory, and Trent are also common names, and have fairly well-established "personalities" (or functions). The names often use alliterative mnemonics (for example, Eve, "eavesdropper"; Mallory, "malicious") where different players have different motives. Other names are much less common and more flexible in use. Sometimes the genders are alternated: Alice, Bob, Carol, Dave, Eve, etc. [14]
Alice and Bob | The original, generic characters. Generally, Alice and Bob want to exchange a message or cryptographic key. |
Carol, Carlos or Charlie | A generic third participant. |
Chuck or Chad | A third participant, usually of malicious intent. [15] |
Craig | A password cracker, often encountered in situations with stored passwords. |
Dan, Dave or David | A generic fourth participant. |
Erin | A generic fifth participant, but rarely used, as "E" is usually reserved for Eve. |
Eve or Yves | An eavesdropper , who is usually a passive attacker. While they can listen in on messages between Alice and Bob, they cannot modify them. In quantum cryptography, Eve may also represent the environment.[ clarification needed ] |
Faythe | A trusted advisor , courier or intermediary. Faythe is used infrequently, and is associated with faith and faithfulness. Faythe may be a repository of key service or courier of shared secrets.[ citation needed ] |
Frank | A generic sixth participant. |
Grace | A government representative. For example, Grace may try to force Alice or Bob to implement backdoors in their protocols. Grace may also deliberately weaken standards. [16] |
Heidi | A mischievous designer for cryptographic standards, but rarely used. [17] |
Ivan | An issuer, mentioned first by Ian Grigg in the context of Ricardian contracts. [18] |
Judy | A judge who may be called upon to resolve a potential dispute between participants. See Judge Judy. |
Mallory [19] [20] [21] or (less commonly) Mallet [22] [23] [24] [25] or Darth [26] | A malicious attacker. Associated with Trudy, an intruder. Unlike the passive Eve, Mallory is an active attacker (often used in man-in-the-middle attacks), who can modify messages, substitute messages, or replay old messages. The difficulty of securing a system against a Mallory is much greater than against an Eve. |
Michael or Mike | Used as an alternative to the eavesdropper Eve, from microphone . |
Niaj | Used as an alternative to the eavesdropper Eve in several South Asian nations. [27] |
Olivia | An oracle , who responds to queries from other participants. Olivia often acts as a "black box" with some concealed state or information, or as a random oracle. |
Oscar | An opponent, similar to Mallory, but not necessarily malicious. |
Peggy or Pat | A prover, who interacts with the verifier to show that the intended transaction has actually taken place. Peggy is often found in zero-knowledge proofs. |
Rupert | A repudiator who appears for interactions that desire non-repudiation. |
Sybil | A pseudonymous attacker, who usually uses a large number of identities. For example, Sybil may attempt to subvert a reputation system. See Sybil attack. |
Trent or Ted | A trusted arbitrator , who acts as a neutral third party. |
Trudy | An intruder. |
Victor [19] or Vanna [28] | A verifier, who requires proof from the prover. |
Walter | A warden , who may guard Alice and Bob. |
Wendy | A whistleblower , who is an insider with privileged access capable of divulging information. |
For interactive proof systems there are other characters:
Arthur and Merlin | Merlin provides answers, and Arthur asks questions. [29] Merlin has unbounded computational ability (like the wizard Merlin). In interactive proof systems, Merlin claims the truth of a statement, and Arthur (like King Arthur), questions him to verify the claim. |
Paul and Carole | Paul asks questions, and Carole provides answers. In the solution of the Twenty Questions problem, [30] Paul (standing in for Paul Erdős) asked questions and Carole (an anagram of "oracle") answered them. Paul and Carole were also used in combinatorial games, in the roles of pusher and chooser. [31] |
Arthur and Bertha | Arthur is the "left", "black", or "vertical" player, and Bertha is the "right", "white", or "horizontal" player in a combinatorial game. Additionally, Arthur, given the same outcome, prefers a game to take the fewest moves, while Bertha prefers a game to take the most moves. [32] |
The names Alice and Bob are often used to name the participants in thought experiments in physics. [33] [34] More alphabetical names, usually of alternating gender, are used as required, e.g. "Alice and Bob (and Carol and Dick and Eve)". [35]
In experiments involving robotic systems, the terms "Alice Robot" and "Bob Robot" refer to mobile platforms responsible for transmitting quantum information and receiving it with quantum detectors, respectively, within the context of the field of quantum robotics. [36] [37] [38] [39] [40] [41]
Diffie–Hellman (DH) key exchange is a mathematical method of securely generating a symmetric cryptographic key over a public channel and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography. Published in 1976 by Diffie and Hellman, this is the earliest publicly known work that proposed the idea of a private key and a corresponding public key.
Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys to provide equivalent security, compared to cryptosystems based on modular exponentiation in Galois fields, such as the RSA cryptosystem and ElGamal cryptosystem.
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security.
RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem, one of the oldest widely used for secure data transmission. The initialism "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly in 1973 at Government Communications Headquarters (GCHQ), the British signals intelligence agency, by the English mathematician Clifford Cocks. That system was declassified in 1997.
Quantum key distribution (QKD) is a secure communication method that implements a cryptographic protocol involving components of quantum mechanics. It enables two parties to produce a shared random secret key known only to them, which then can be used to encrypt and decrypt messages. The process of quantum key distribution is not to be confused with quantum cryptography, as it is the best-known example of a quantum-cryptographic task.
A key in cryptography is a piece of information, usually a string of numbers or letters that are stored in a file, which, when processed through a cryptographic algorithm, can encode or decode cryptographic data. Based on the used method, the key can be different sizes and varieties, but in all cases, the strength of the encryption relies on the security of the key being maintained. A key's security strength is dependent on its algorithm, the size of the key, the generation of the key, and the process of key exchange.
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature on a message gives a recipient confidence that the message came from a sender known to the recipient.
In cryptography, a key-agreement protocol is a protocol whereby two parties generate a cryptographic key as a function of information provided by each honest party so that no party can predetermine the resulting value. In particular, all honest participants influence the outcome. A key-agreement protocol is a specialisation of a key-exchange protocol.
Ronald Linn Rivest is an American cryptographer and computer scientist whose work has spanned the fields of algorithms and combinatorics, cryptography, machine learning, and election integrity. He is an Institute Professor at the Massachusetts Institute of Technology (MIT), and a member of MIT's Department of Electrical Engineering and Computer Science and its Computer Science and Artificial Intelligence Laboratory.
Articles related to cryptography include:
Key/Config-authentication is used to solve the problem of authenticating the keys of a person that some other person is talking to or trying to talk to. In other words, it is the process of assuring that the key of "person A", held by "person B", does in fact belong to "person A" and vice versa.
A cryptosystem is considered to have information-theoretic security if the system is secure against adversaries with unlimited computing resources and time. In contrast, a system which depends on the computational cost of cryptanalysis to be secure is called computationally, or conditionally, secure.
BB84 is a quantum key distribution scheme developed by Charles Bennett and Gilles Brassard in 1984. It is the first quantum cryptography protocol. The protocol is provably secure assuming a perfect implementation, relying on two conditions: (1) the quantum property that information gain is only possible at the expense of disturbing the signal if the two states one is trying to distinguish are not orthogonal ; and (2) the existence of an authenticated public classical channel. It is usually explained as a method of securely communicating a private key from one party to another for use in one-time pad encryption. The proof of BB84 depends on a perfect implementation. Side channel attacks exist, taking advantage of non-quantum sources of information. Since this information is non-quantum, it can be intercepted without measuring or cloning quantum particles.
Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.
The following outline is provided as an overview of and topical guide to cryptography:
Quantum cryptography is the science of exploiting quantum mechanical properties to perform cryptographic tasks. The best known example of quantum cryptography is quantum key distribution, which offers an information-theoretically secure solution to the key exchange problem. The advantage of quantum cryptography lies in the fact that it allows the completion of various cryptographic tasks that are proven or conjectured to be impossible using only classical communication. For example, it is impossible to copy data encoded in a quantum state. If one attempts to read the encoded data, the quantum state will be changed due to wave function collapse. This could be used to detect eavesdropping in quantum key distribution (QKD).
Knapsack cryptosystems are cryptosystems whose security is based on the hardness of solving the knapsack problem. They remain quite unpopular because simple versions of these algorithms have been broken for several decades. However, that type of cryptosystem is a good candidate for post-quantum cryptography.
Quantum secret sharing (QSS) is a quantum cryptographic scheme for secure communication that extends beyond simple quantum key distribution. It modifies the classical secret sharing (CSS) scheme by using quantum information and the no-cloning theorem to attain the ultimate security for communications.
Quantum robotics is an interdisciplinary field that investigates the intersection of robotics and quantum mechanics. This field, in particular, explores the applications of quantum phenomena such as quantum entanglement within the realm of robotics. Examples of its applications include quantum communication in multi-agent cooperative robotic scenarios, the use of quantum algorithms in performing robotics tasks, and the integration of quantum devices in robotic systems.
{{cite book}}
: CS1 maint: location missing publisher (link)Mallet can intercept Alice's database inquiry, and substitute his own public key for Alice's. He can do the same to Bob.
Mallet maintains the illusion that Alice and Bob are talking to each other rather than to him by intercepting the messages and retransmitting them.
Mallet represents an active adversary that not only listens to all communications between Alice and Bob but can also modify the contents of any communication he sees while it is in transit.
We model key choices of Alice, Bob and adversary Mallet as independent random variables A, B and M [...]
Suppose Alice and Bob wish to exchange keys, and Darth is the adversary.