1. Security Definitions

Your implementation competes against a single adversary. These sections describes the specific adversary definition (Threat Model) and the specific definitions of confidentiality and integrity that your system must adhere to.

Who is the adversary?

In the real world, this could take form in multiple ways. In the most extreme case, the adversary may be a malicious network attacker who also takes over control of the Dataserver, or a curious cloud storage provider who is interested in snooping on its clients’ data. A less-extreme case is to consider the backing storage of the Dataserver itself: data storage may degrade over time and so having some integrity verification mechanism on the data we store on the server is still useful. Finally, consider the liability issues from outsourcing a plaintext dataset to a third-party cloud storage provider (as discussed in the Cloud Security lecture).

• 1.1. Threat Model
• 1.2. Confidentiality
• 1.3. Integrity