Why cryptosystems fail

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Why cryptosystems fail

Full text

Pdf (6.53 MB)

Source

Communications of the ACM archive
Volume 37 , Issue 11 (November 1994) table of contents

Pages: 32 - 40

Year of Publication: 1994

ISSN:0001-0782

Author

Ross J. Anderson

Cambridge Univ., Cambridge, UK

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 34, Downloads (12 Months): 103, Citation Count: 39

Additional Information:

references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/188280.188291 What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Abadi M. and Needham R. M. Prudent Engineering Practice for Cryptographic Protocols. Tech Rep. 125, DEC SRC, June 1994.
	2	Ross J. Anderson, UEPS - A Second Generation Electronic Wallet, Proceedings of the Second European Symposium on Research in Computer Security, p.411-418, November 23-25, 1992
	3	Ross Anderson, Why cryptosystems fail, Proceedings of the 1st ACM conference on Computer and communications security, p.215-227, November 03-05, 1993, Fairfax, Virginia, United States [doi>10.1145/168588.168615]
	4	Anderson R. J. The classification of hash functions. IN proceedings of the 4th IMA conference in Cryptography and Coding (1993). To be published.
	5	Richard Baskerville, Information systems security design methods: implications for information systems development, ACM Computing Surveys (CSUR), v.25 n.4, p.375-414, Dec. 1993 [doi>10.1145/162124.162127]
	6	Boyd C., and Mao, W. B. Limitations of logical analysis of cryptographic prtocols. In Pre-proceedings of Eurocrypt 93, pp. T88-T96.
	7	Frederick P. Brooks, Jr., The Mythical Man-Month: Essays on Softw, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1978
	8	John A. Bull , Li Gong , Karen R. Sollins, Towards Security in an Open Systems Federation, Proceedings of the Second European Symposium on Research in Computer Security, p.3-20, November 23-25, 1992
	9	Burrows M., Abadi M., and Needham R. M. A logic of authentication. In proceedings of the Royal Scoiety of London A, vol. 426, 1989, pp. 233 - 271.
	10	Ricky W. Butler , George B. Finelli, The infeasibility of experimental quantification of life-critical software reliability, Proceedings of the conference on Software for citical systems, p.66-76, December 04-06, 1991, New Orleans, Louisiana, United States
	11	Faigin D.P., Donndelinger J. J. , and Jones J. R. A rigurous approach to determining objects. In Proceedings of the 9th Annual Commputer Security Applications Conference, IEEE, 1993, pp. 159-168.
	12	Gong L. Thoughts on Cryptographic protocols. In Proceedings of the 1993 Cambridge protocols Workshop. Lecture Notes in Computer Science. Springer-Verlag, NewYork. To be published.
	13	Harold Joseph Highland, Perspectives in Information Technology Security, Proceedings of the IFIP 12th World Computer Congress on Education and Society - Information Processing '92 - Volume 2, p.440-446, September 07-12, 1992
	14	Jack R. B. (chairman) Banking services: law and practice Review Committe, HMSO, London, 1989.
	15	Dorothy Judd v Citibank, in 435 NYS, 2d series, pp. 210-212, 107 Misc. 2d 526.
	16	Kahn D. The codebreakers. Macmillan, New York, 1967.
	17	Landwehr C.E. Bull, A.R. McDermott J. P. and Choi, W. S. A taxanomy of computer program security flaws, with examples. U.S. Naval Research Laboratory report NRL/FR/5542-93-9591.
	18	Lewis B. how tro rob a bank the cash card way, Thje Sunday Telegraph, 25 April 1993, p. 5.
	19	Macrae, N. Sir Humphrey fudges his half-reforms, The Sunday Times 17 July 1994, sec.4, p.4.
	20	McDermid, J.A. Issues in the development of safety critical systems. Public Lecture, Cambridge, 3 Feb. 1993.
	21	Meyer, C.H., and Matyas, S.M. Cryptography: A New Dimension in Computer Data Security, John Wiley & Sons, New York, 1982.
	22	Morris, R. In Proceedings of the 1993 Cambridge Protocols Workshop. Lecture Notes in Computer Science. Springer-Verlag, New York. To be published.
	23	U.S. Department of Defence, Trusted Computer System Evalution Criteria, 5200.28-STD, December 1985.
	24	Wiener, M.J. Efficient DES Jey Search, Technical Report TR-244, School of Computer Science, Carleton University, Ottawa, May 1994.
	25	Thomas Y. C. Woo , Simon S. Lam, A Semantic Model for Authentication Protocols, Proceedings of the 1993 IEEE Symposium on Security and Privacy, p.178, May 24-26, 1993

CITED BY 40

	Andreas Pfitzmann , Birgit Pfitzmann , Matthias Schunter , Michael Waidner, Trusting Mobile User Devices and Security Modules, Computer, v.30 n.2, p.61-68, February 1997
	Kok Ming Ang , William J. Caelli, Certificate based PKI and B2B E-commerce: suitable match or not?, Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge, June 11-13, 2001, Paris, France
	Ross J. Anderson , S. Johann Bezuidenhoudt, On the Reliability of Electronic Payment Systems, IEEE Transactions on Software Engineering, v.22 n.5, p.294-301, May 1996
	Five dimensions of information security awareness, ACM SIGCAS Computers and Society, v.31 n.2, p.24-29, June 2001
	Birgit Pfitzmann , Michael Waidner, Strong loss tolerance of electronic coin systems, ACM Transactions on Computer Systems (TOCS), v.15 n.2, p.194-213, May 1997
	John Kelsey , Bruce Schneier, Conditional purchase orders, Proceedings of the 4th ACM conference on Computer and communications security, p.117-124, April 01-04, 1997, Zurich, Switzerland
	N. Asokan , Phillipe A. Janson , Michael Steiner , Michael Waidner, The State of the Art in Electronic Payment Systems, Computer, v.30 n.9, p.28-35, September 1997
	Andrew S. Patrick , A. Chris Long , Scott Flinn, HCI and security systems, CHI '03 extended abstracts on Human factors in computing systems, April 05-10, 2003, Ft. Lauderdale, Florida, USA
	Mike Bond , Ross Anderson, API-Level Attacks on Embedded Systems, Computer, v.34 n.10, p.67-75, October 2001
	Computer Security in the Real World, Computer, v.37 n.6, p.37-46, June 2004
	Jan Jürjens, Modelling audit security for Smart-Card payment schemes with UML-SEC, Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge, June 11-13, 2001, Paris, France
	Erland Jonsson , Lars Strömberg , Stefan Lindskog, On the functional relation between security and dependability impairments, Proceedings of the 1999 workshop on New security paradigms, p.104-111, September 22-24, 1999, Caledon Hills, Ontario, Canada
	Patiwat Panurach, Money in electronic commerce: digital cash, electronic fund transfer, and Ecash, Communications of the ACM, v.39 n.6, p.45-50, June 1996
	Panagiotis Louridas, Some guidelines for non-repudiation protocols, ACM SIGCOMM Computer Communication Review, v.30 n.5, October 2000
	Trevor Pering , Murali Sundar , John Light , Roy Want, Photographic Authentication through Untrusted Terminals, IEEE Pervasive Computing, v.2 n.1, p.30-36, January 2003
	Bruce Schneier, Cryptographic Design Vulnerabilities, Computer, v.31 n.9, p.29-33, September 1998
	Taejoon Park , Kang G. Shin, Soft Tamper-Proofing via Program Integrity Verification in Wireless Sensor Networks, IEEE Transactions on Mobile Computing, v.4 n.3, p.297-309, May 2005
	Mikko T. Siponen, An analysis of the traditional IS security approaches: implications for research and practice, European Journal of Information Systems, v.14 n.3, p.303-315, September 2005
	Mikko T. Siponen, A paradigmatic analysis of conventional approaches for developing and managing secure IS, Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge, June 11-13, 2001, Paris, France
	Fabio Massacci , John Mylopoulos , Nicola Zannone, Computer-aided Support for Secure Tropos, Automated Software Engineering, v.14 n.3, p.341-364, September 2007
	Eva Rose, Lightweight Bytecode Verification, Journal of Automated Reasoning, v.31 n.3-4, p.303-334, 2003
	Furkan Tari , A. Ant Ozok , Stephen H. Holden, A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania
	Aydan R. Yumerefendi , Jeffrey S. Chase, Trust but verify: accountability for network services, Proceedings of the 11th workshop on ACM SIGOPS European workshop: beyond the PC, p.37-es, September 19-22, 2004, Leuven, Belgium
	Rachna Dhamija , Adrian Perrig, Déjà Vu: a user study using images for authentication, Proceedings of the 9th conference on USENIX Security Symposium, p.4-4, August 14-17, 2000, Denver, Colorado
	Alma Whitten , J. D. Tygar, Why Johnny can't encrypt: a usability evaluation of PGP 5.0, Proceedings of the 8th conference on USENIX Security Symposium, p.14-14, August 23-26, 1999, Washington, D.C.
	Peter Gutmann, Lessons Learned in Implementing and Deploying Crypto Software, Proceedings of the 11th USENIX Security Symposium, p.315-325, August 05-09, 2002
	Ross Anderson , Markus Kuhn, Tamper resistance: a cautionary note, Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce, p.1-1, November 18-21, 1996, Oakland, California
	John Kelsey , Bruce Schneier, Authenticating secure tokens using slow memory access, Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, p.12-12, May 10-11, 1999, Chicago, Illinois
	Jong-Hyeon Lee, A resilient access control scheme for secure electronic transactions, Proceedings of the 3rd conference on USENIX Workshop on Electronic Commerce, p.7-7, August 31-September 03, 1998, Boston, Massachusetts
	Bruce Schneier , Adam Shostack, Breaking up is hard to do: modeling security threats for smart cards, Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, p.19-19, May 10-11, 1999, Chicago, Illinois
	Mihir Bellare , Juan A. Garay , Ralf Hauser , Amir Herzberg , Hugo Krawczyk , Michael Steiner , Gene Tsudik , Michael Waidner, iKP: a family of secure electronic payment protocols, Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce, p.7-7, July 11-12, 1995, New York, New York
	Aydan R. Yumerefendi , Jeffrey S. Chase, Strong accountability for network storage, ACM Transactions on Storage (TOS), v.3 n.3, p.11-es, October 2007
	Li Gong, Enclaves: enabling secure collaboration over the internet, Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, p.15-15, July 22-25, 1996, San Jose, California
	Don Davis, Compliance defects in public-key cryptography, Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, p.17-17, July 22-25, 1996, San Jose, California
	Giovanni Iachello , Jason Hong, End-user privacy in human-computer interaction, Foundations and Trends in Human-Computer Interaction, v.1 n.1, p.1-137, January 2007
	Ross Anderson , Cunsheng Ding , Tor Helleseth , Torleiv Klove, How to Build Robust Shared Control Systems, Designs, Codes and Cryptography, v.15 n.2, p.111-124, Nov. 1998
	Anthony J. Nicholson , Mark D. Corner , Brian D. Noble, Mobile Device Security Using Transient Authentication, IEEE Transactions on Mobile Computing, v.5 n.11, p.1489-1502, November 2006
	Yohei Hori , Hiroyuki Yokoyama , Hirofumi Sakane , Kenji Toda, A Secure Content Delivery System Based on a Partially Reconfigurable FPGA, IEICE - Transactions on Information and Systems, v.E91-D n.5, p.1398-1407, May 2008
	YuYue Du , ChangJun Jiang , MengChu Zhou, A Petri net-based model for verification of obligations and accountability in cooperative systems, IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans, v.39 n.2, p.299-308, March 2009
	Luca Compagna , Paul El Khoury , Alžbeta Krausová , Fabio Massacci , Nicola Zannone, How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns, Artificial Intelligence and Law, v.17 n.1, p.1-30, March 2009

INDEX TERMS

Primary Classification:
K. Computing Milieux
K.4 COMPUTERS AND SOCIETY
K.4.2 Social Issues
Subjects: Abuse and crime involving computers**

Additional Classification:
C. Computer Systems Organization
C.2 COMPUTER-COMMUNICATION NETWORKS
C.2.0 General
Subjects: Security and protection (e.g., firewalls)

D. Software
D.4 OPERATING SYSTEMS
D.4.6 Security and Protection
Subjects: Cryptographic controls

E. Data
E.3 DATA ENCRYPTION

K. Computing Milieux
K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS

General Terms:
Design, Human Factors, Management, Security

REVIEW

"Jonathan K. Millen : Reviewer"

The first part of this paper presents about 20 fascinating examples of security failures, from the author's experience as a security consultant for the banking industry in the UK. The stories suggest that it is not at all paranoid for me to hi more...

Collaborative Colleagues:

Ross J. Anderson: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player