Communications of the ACM
The risks of key recovery, key escrow, and trusted third-party encryption
World Wide Web Journal - Special issue: Web security: a matter of trust
Side Channel Cryptanalysis of Product Ciphers
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Protocol Interactions and the Chosen Protocol Attack
Proceedings of the 5th International Workshop on Security Protocols
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Software generation of practically strong random numbers
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Some guidelines for non-repudiation protocols
ACM SIGCOMM Computer Communication Review
Graphics and Security: Exploring Visual Biometrics
IEEE Computer Graphics and Applications
IWAN '00 Proceedings of the Second International Working Conference on Active Networks
Encyclopedia of Computer Science
Authenticating secure tokens using slow memory access
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Breaking up is hard to do: modeling security threats for smart cards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
AEE'06 Proceedings of the 5th WSEAS international conference on Applications of electrical engineering
Hi-index | 4.10 |
Popular magazines often describe cryptography products in terms of algorithms and key lengths. These security techniques make good headlines ("Triple DES is much stronger than single DES."). Unfortunately, cryptography isn't so simple: Longer keys do not guarantee more security. Compare a cryptographic algorithm to the lock on your front door. Improving the lock probably won't make your house more secure. Burglars don't try every possible key (the equivalent of a brute-force attack); most aren't clever enough to pick the lock (the equivalent of a cryptographic attack). No, burglars smash windows, kick in doors, disguise themselves as police, and rob key-holders at gunpoint. Strong cryptography is very powerful when it is done right, but it is not a panacea. Building a secure cryptographic system is easy to do badly and very difficult to do well. Unfortunately, most people can't tell the difference. In this article, the author conveys some of the lessons learned in designing, analyzing, and breaking cryptographic systems.