Title :
Protocol failures in cryptosystems
Author_Institution :
Sandia Nat. Lab., Albuquerque, NM, USA
fDate :
5/1/1988 12:00:00 AM
Abstract :
When a cryptoalgorithm is used to solve data security or authentication problems, it is implemented within the context of a protocol that specifies the appropriate procedures for data handling. The purpose of the protocol is to ensure that when the cryptosystem is applied, the level of security or authentication required by the system is actually attained. The author surveys a collection of protocols in which this goal has not been met, not because of a failure of the cryptoalgorithm used, but rather because of shortcomings in the design of the protocol. Guidelines for the development of sound protocols are extracted from an analysis of these failures
Keywords :
cryptography; failure analysis; protocols; authentication problems; cryptoalgorithm; cryptosystems; data handling procedures; data security; failure analysis; protocols; Authentication; Cryptographic protocols; Cryptography; Data security; Databases; Electronic mail; Failure analysis; Guidelines; History; Protection;
Journal_Title :
Proceedings of the IEEE
