B. Schneier. (1997) Why cryptography is harder than it looks. Electronic article. [Online]. Available: http://www.schneier.com/essay-037.html Home/Search Document Not in Database Summary Related Articles Check |
This paper is cited in the following contexts:
SPEAR II - The Security Protocol Engineering and Analysis Resource - Hutchison (1999) (Correct)
....or more of these entities. In particular, cryptographic protocols make use of security techniques to achieve goals such as confidentiality, authentication, integrity and non repudiation. The fact that strong cryptographic algorithms exist does not guarantee the security of a communications system [26]. It is widely recognized that the engineering of security protocols is a very challenging task since protocols which appear secure can contain subtle flaws and vulnerabilities that attackers can exploit [2] The odds definitely favour the attacker since defenders have to protect a system against ....
B. Schneier. Why Cryptography is Harder than it Looks. 1997.
Capability-based Financial Instruments - Miller, Morningstar, Frantz (2000) (37 citations) (Correct)
....the connection has been authenticated and secured, VatB sends a deposit message to the object with the Swiss number of BobMainPurse passing 10 and the Swiss number of the purse he received from Alice. 4. 5 Generic Protocols, Reusable Security Cryptographic protocol design is hard and error prone [34]. When we can, we should design generic protocols that implement highly reusable security abstractions. The messages sent between the Alice, Bob, and the mint above are like those that might have been part of a simple cryptographic payment protocol. However, rather than having to design a ....
Bruce Schneier, "Why Cryptography Is Harder Than It Looks", Counterpane Systems, 1996, http://www.counterpane.com/whycrypto.html
No Silver Bullet : Inherent Limitations of.. - Humphries.. (2000) (Correct)
....system is easy to do badly, and very difficult to do well [7] because cryptographic system design is an art as well as a science. Those who design and implement these systems must strike a balance between security and convenience, anonymity and accountability, privacy and availability [13]. Smart attackers will just go around the cryptography and target weaker points in the system [12] The first problem with cryptography is that it lulls the user into a false sense of security. The cryptography now on the market doesn t usually provide the level of security it advertises. Most ....
.... techniques employed [10] Some people believe that longer keys will solve the problem, but using longer keys doesn t necessarily translate into better security [7, 12] In practice, most attackers rarely break cryptography through mathematics; other parts of the system are much easier to break [13]. Attackers can almost always find ways that bypass these algorithms by exploiting errors in design, implementation, and installation [7] The people who break into systems don t follow the rules. They often attack a system using methods the designers never considered [8] For example, key ....
[Article contains additional citation context not shown here]
B. Schneier, "Why Cryptography is Harder than it Looks," Information Security Bulletin, vol. 2, no. 2, 1997, pp. 3136.
Using Recommendations for Managing Trust in Distributed Systems - Stephen, Hailes (2 citations) (Correct)
.... argument [DoD85] as highlighted by panel discussions in [Zur97] and also the underlying message in Bruce Schneier s words: No amount of general beta testing will cryptography [RRJ96] 2 See [Abd97] reveal a security flaw, and there s no test possible that can prove the absence of flaws [Sch97]. If a secure system is desired, trust assumptions must be explicit. It is insufficient to say that Alice trusts Bob. More qualification is required: What does Alice trust Bob for, how much does Alice trust Bob and under what circumstances does that trust relationship hold or break 3.4 ....
Bruce Schneier. Why Cryptography Is Harder Than It Looks. Information Security Bulletin, Vol. 2 No. 2, March 1997, pp. 31-36.
A Distributed Trust Model - Abdul-Rahman, Halles (1997) (7 citations) (Correct)
....trust 3 . 3. 4 Transitivity A common assumption of most authentication protocols is that trust is transitive, i.e. the assumption that 2 In Bruce Schneier s words: No amount of general beta testing will reveal a security flaw, and there s no test possible that can prove the absence of flaws [Sch97]. 3 An interesting report on a conference panel regarding this subject can be found in [Zur97] Alice trusts Bob) Bob trusts Cathy) Alice trusts Cathy This is not generally true [Js96, CH96] We posit that transitivity may hold if certain conditions are met. We have termed this ....
Bruce Schneier. Why Cryptography Is Harder Than It Looks. Information Security Bulletin, Vol. 2 No. 2, March 1997, pp. 31-36. Available at http://www.counterpane.com.
Secure Videoconferencing - Honeyman, Adamson, Coffman.. (1 citation) (Correct)
....and are accessed through narrowly defined interfaces, we have confidence in the strength of the system s security. 1. Introduction Security and cryptography research and development are advancing at an accelerating rate, yet the payoff in secure distributed applications is not being realized [1, 2]. This failure is due in part to limitations in Internet infrastructure, such as secure naming and routing, which are not to be found except in isolated prototypes. Progress is being made in securing the essential fabric of the Internet [3, 4, 5] but even these efforts may fail to meet the ....
Bruce Schneier, Why cryptography is harder than it looks, http://www.counterpane.com/ whycrypto.html, December 23, 1996.
An Information Security Education Initiative for.. - Chin, Irvine, Frincke. (1997) (2 citations) (Correct)
....a small collection of books and papers and become a competent instructor in this area without an extensive apprenticeship in the field. We note that caution should be exercised when attempting to become a practitioner. The design of good protocols and cryptosystems requires significant expertise [1, 36, 38]. Despite its appeal, cryptography and its application is only one part of an overall approach to computer and network security; a program confined to cryptography and cryptographic protocols, will be insufficient to convey to students the foundational concepts and design principles that must be ....
Bruce Schneier. Why Cryptography Is Harder Than It Looks. URL http://www.counterpane.com/whycrypto.html.
CS555 Syllabus---Spring 1997 - Ted Faber (1997) (Correct)
....4 Naming Resource Discovery Class 8 (Feb. 6) Faber: Classic naming [23, 24, 25] Class 9 (Feb. 11) Faber: Naming extensions [26, 27, 28] Homework 1 due, homework 2 given out. Class 10 (Feb. 13) Faber: Internet naming [29, 30] 5 Security Class 11 (Feb. 18) Heidemann: Security overview [31, 32, 33], Text Chapter 16 (Security) Homework 1 returned. Class 12 (Feb. 20) Heidemann: Key distribution, confinement, logic [34, 35, 36] 6 File Systems Class 13 (Feb. 25) Faber: RAID and HSM [37, 39] Text Chapter 7 (File Service: A Model) Homework 2 due. Class 14 (Feb. 27) Faber: log structured ....
Bruce Schneier. Why cryptography is harder than it looks. Risks-Forum Digest (comp.risks), 18(61), 15 November 1996.
CS555 Syllabus---Spring 1998 - John Heidemann (1998) (Correct)
....4 given out. Paper proposal due. Spring break. Class 14 (Mar. 16) Distributed file systems II [36, 37] 5 Replication Class 15 (Mar. 18) Voting, Coda, Ficus [38, 39, 40] 6 Distributed state Class 16 (Mar. 23) Distributed state [41, 42] 7 Security Class 17 (Mar. 25) Security overview [43, 44, 45]. Optional: Text Chapter 16 (Security) Class 18 (Mar. 30) Key distribution, confinement, logic [46, 47, 48] Homework 4 due, homework 5 given out. 8 Databases Class 19 (Apr. 1) Databases and OS [49, 50] Optional: Text Chapter 12 (Shared Data and Transactions) 14 (Distributed ....
Bruce Schneier. Why cryptography is harder than it looks. Risks-Forum Digest (comp.risks), 18(61), 15 November 1996.
CS555 Syllabus-Spring 1998 - Heidemann (1998) (Correct)
....4 given out. Paper proposal due. Spring break. Class 14 (Mar. 16) Distributed file systems II [36, 37] 5 Replication Class 15 (Mar. 18) Voting, Coda, Ficus [38, 39, 40] 6 Distributed state Class 16 (Mar. 23) Distributed state [41, 42] 7 Security Class 17 (Mar. 25) Security overview [43, 44, 45]. Optional: Text Chapter 16 (Security) Class 18 (Mar. 30) Key distribution, confinement, logic [46, 47, 48] Homework 4 due, homework 5 given out. 8 Databases Class 19 (Apr. 1) Databases and OS [49, 50] Optional: Text Chapter 12 (Shared Data and Transactions) 14 (Distributed ....
Bruce Schneier. Why cryptography is harder than it looks. Risks-Forum Digest (comp.risks), 18(61), 15 November 1996.
Threat Modeling Networked And Data-Centric Systems - Myagmar (2005) (Correct)
No context found.
B. Schneier. (1997) Why cryptography is harder than it looks. Electronic article. [Online]. Available: http://www.schneier.com/essay-037.html
Threat Modeling as a Basis for Security Requirements - Myagmar, Lee, Yurcik (2005) (Correct)
No context found.
B. Schneier. Why Cryptography is Harder than it Looks. Electronic Article, 1997.
Daniel Adkins Karthik Lakshminarayanan Adrian Perrig Ion Stoica - Uc Berkeley Uc (Correct)
No context found.
B. Schneier. Why cryptography is harder than it looks. http://www.counterpane.com/whycrypto. html, 1997.
IP Multicast Applications: Challenges and Solutions - Quinn, Almeroth (2001) (16 citations) (Correct)
No context found.
B. Schneier, "Why Cryptography Is Harder Than It Looks", December 1996, http://www.counterpane.com/whycrypto.html
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC