Abstract
We present a number of attacks, some new, on public key protocols. We also advance a number of principles which may help designers avoid many of the pitfalls, and help attackers spot errors which can be exploited.
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anderson, R., Needham, R. (1995). Robustness Principles for Public Key Protocols. In: Coppersmith, D. (ed.) Advances in Cryptology — CRYPTO '95. CRYPTO 1995. Lecture Notes in Computer Science, vol 963. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44750-4_19
DOI: https://doi.org/10.1007/3-540-44750-4_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60221-7
Online ISBN: 978-3-540-44750-4
eBook Packages: Springer Book Archive