Programming Satan's computer

Computer Science Today

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1000)

Abstract

Cryptographic protocols are used in distributed systems to identify users and authenticate transactions. They may involve the exchange of about 2–5 messages, and one might think that a program of this size would be fairly easy to get right. However, this is absolutely not the case: bugs are routinely found in well known protocols, and years after they were first published. The problem is the presence of a hostile opponent, who can alter messages at will. In effect, our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. This is a fascinating problem; and we hope that the lessons learned from programming Satan's computer may be helpful in tackling the more common problem of programming Murphy's.

Editor information

Jan van Leeuwen

Copyright information

© 1995 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Anderson, R., Needham, R. (1995). Programming Satan's computer. In: van Leeuwen, J. (eds) Computer Science Today. Lecture Notes in Computer Science, vol 1000. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0015258

  • DOI: https://doi.org/10.1007/BFb0015258

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-60105-0

  • Online ISBN: 978-3-540-49435-5

  • eBook Packages: Springer Book Archive
