The 29th IPP Symposium

How to Build an Insecure System out of Perfectly Good Cryptography

Radia Perlman, Sun Labs

This talk starts with a tutorial on network security protocols, key distribution mechanisms, and PKI models. Then it discusses example mistakes people have made when designing or implementing network protocols. Examples include an e-mail standard that allowed forging of signatures, a public key scheme less secure than a secret key scheme, a system that thought encryption implied integrity protection, public key certification chain rules that are unworkable in practice, and some of the fundamental flaws with the IKE protocol (the key exchange protocol for IPsec). The talk ends with a list of reasons that security hasn't been deployed yet.