Part of the book series: Lecture Notes in Computer Science (LNCS, volume 963)
Abstract
We present a number of attacks, some new, on public key protocols. We also advance a number of principles which may help designers avoid many of the pitfalls, and help attackers spot errors which can be exploited.
Author information
Authors and Affiliations
Cambridge University Computer Laboratory, Pembroke Street, Cambridge, England, CB2 3QG
Ross Anderson & Roger Needham
Editor information
Editors and Affiliations
IBM T.J. Watson Research Center, Mathematical Sciences 32-256, P.O.Box 218, Yorktown Heights, NY, 10598, USA
Don Coppersmith
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anderson, R., Needham, R. (1995). Robustness Principles for Public Key Protocols. In: Coppersmith, D. (eds) Advances in Cryptology — CRYPTO’ 95. CRYPTO 1995. Lecture Notes in Computer Science, vol 963. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44750-4_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60221-7
Online ISBN: 978-3-540-44750-4
eBook Packages: Springer Book Archive