Prudent engineering practice for cryptographic protocols

1 January 1996

journal article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Software Engineering

Vol. 22 (1), 6-15
https://doi.org/10.1109/32.481513

Abstract

We present principles for designing cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have prevented a number of published errors.Our principles are informal guidelines; they complement formal methods, but do not assume them. In order to demonstrate the actual applicability of these guidelines, we discuss some instructive examples from the literature.

Keywords

This publication has 27 references indexed in Scilit:

Roles in cryptographic protocols
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
An analysis of the proxy problem in distributed systems
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2002
A security architecture for fault-tolerant systems
ACM Transactions on Computer Systems, 1994
A lesson on authentication protocol design
ACM SIGOPS Operating Systems Review, 1994
Authentication in the Taos operating system
ACM Transactions on Computer Systems, 1994
On key distribution protocols for repeated authentication
ACM SIGOPS Operating Systems Review, 1993
Authentication for distributed systems
Computer, 1992
Limitations of the Kerberos authentication system
ACM SIGCOMM Computer Communication Review, 1990
Security Mechanisms in High-Level Network Protocols
ACM Computing Surveys, 1983
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM, 1978

Cited by 268 articles