protocols Archives - Page 3 of 3 - Schneier on Security

Entries Tagged "protocols"

Page 3 of 3

The Security of the Fortuna PRNG

Providing random numbers on computers can be very difficult. Back in 2003, Niels Ferguson and I designed Fortuna as a secure PRNG. Particularly important is how it collects entropy from various processes on the computer and mixes them all together.

While Fortuna is widely used, there hadn’t been any real analysis of the system. This has now changed. A new paper by Yevgeniy Dodis, Adi Shamir, Noah Stephens-Davidowitz, and Daniel Wichs provides some theoretical modeling for entropy collection and PRNG. They analyze Fortuna and find it good but not optimal, and then provide their own optimal system.

Excellent, and long-needed, research.

Posted on March 11, 2014 at 6:28 AM • View Comments

Dispute Resolution Systems for Security Protocols

Interesting paper by Steven J. Murdoch and Ross Anderson in this year’s Financial Cryptography conference: “Security Protocols and Evidence: Where Many Payment Systems Fail.”

Abstract: As security protocols are used to authenticate more transactions, they end up being relied on in legal proceedings. Designers often fail to anticipate this. Here we show how the EMV protocol—the dominant card payment system worldwide—does not produce adequate evidence for resolving disputes. We propose five principles for designing systems to produce robust evidence. We apply these to other systems such as Bitcoin, electronic banking and phone payment apps. We finally propose specific modifications to EMV that could allow disputes to be resolved more efficiently and fairly.

Ross Anderson has a blog post on the paper.

Posted on February 6, 2014 at 6:05 AM • View Comments

Bitcoin Explanation

This is the best explanation of the Bitcoin protocol that I have read.

Posted on December 9, 2013 at 11:33 AM • View Comments

Rerouting Internet Traffic by Attacking BGP

Renesys is reporting that Internet traffic is being manipulatively rerouted, presumably for eavesdropping purposes. The attacks exploit flaws in the Border Gateway Protocol (BGP). Ars Technica has a good article explaining the details.

The odds that the NSA is not doing this sort of thing are basically zero, but I’m sure that their activities are going to be harder to discover.

Posted on November 21, 2013 at 1:42 PM • View Comments

Multiple Protocol Attacks

In 1997, I wrote about something called a chosen-protocol attack, where an attacker can use one protocol to break another. Here’s an example of the same thing in the real world: two different parking garages that mask different digits of credit cards on their receipts. Find two from the same car, and you can reconstruct the entire number.

I have to admit this puzzles me, because I thought there was a standard for masking credit card numbers. I only ever see all digits except the final four masked.

Posted on December 20, 2011 at 6:24 AM • View Comments

←Previous 1 2 3

Sidebar photo of Bruce Schneier by Joe MacInnis.