By Topic

Cryptographic design vulnerabilities

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
B. Schneier ; Counterpane Syst., USA

Strong cryptography is very powerful when it is done right, but it is not a panacea. Focusing on cryptographic algorithms while ignoring other aspects of security is like defending your house not by building a fence around it, but by putting an immense stake in the ground and hoping that your adversary runs right into it. Counterpane Systems has spent years designing, analyzing, and breaking cryptographic systems. While they do research on published algorithms and protocols, most of their work examines actual products. They've designed and analyzed systems that protect privacy, ensure confidentiality, provide fairness, and facilitate commerce. They've worked with software, stand-alone hardware, and everything in between. They've broken their share of algorithms, but they can almost always find attacks that bypass the algorithms altogether. Counterpane Systems don't have to try every possible key or even find flaws in the algorithms. They exploit errors in design, errors in implementation, and errors in installation. Sometimes they invent a new trick to break a system, but most of the time they exploit the same old mistakes that designers make over and over again. The article conveys some of the lessons this company has learned

Published in:

Computer  (Volume:31 ,  Issue: 9 )