Abstract
Cryptographic protocols are used in distributed systems to identify users and authenticate transactions. They may involve the exchange of about 2–5 messages, and one might think that a program of this size would be fairly easy to get right. However, this is absolutely not the case: bugs are routinely found in well-known protocols, and years after they were first published. The problem is the presence of a hostile opponent, who can alter messages at will. In effect, our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. This is a fascinating problem; and we hope that the lessons learned from programming Satan's computer may be helpful in tackling the more common problem of programming Murphy's.
© 1995 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Anderson, R., Needham, R. (1995). Programming Satan's computer. In: van Leeuwen, J. (eds) Computer Science Today. Lecture Notes in Computer Science, vol 1000. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0015258
DOI: https://doi.org/10.1007/BFb0015258
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60105-0
Online ISBN: 978-3-540-49435-5
eBook Packages: Springer Book Archive