The INI has a new website!

This is a legacy webpage. Please visit the new site to ensure you are seeing up to date information.

Skip to content



Problems in Cryptographic Standards and Implementations

McGrew, D (Cisco)
Thursday 02 February 2012, 14:45-15:30

Seminar Room 1, Newton Institute


In theory, we understand how to provide security through cryptography, yet too often practice does not live up to this promise. In standards, cryptographic imperatives compete with other pragmatic needs. This work seeks to understand those non-cryptographic needs and shed light on how they impact cryptographic security. We survey security failures in cryptographic standards and implementations, and analyze common problems. For standards, we consider the example of problems with authentication and the slow but steady adoption of authenticated encryption. For implementations, we review reported vulnerabilities and assess typical misuses and failure modes. Lastly, we suggest some ways that the research and standards communities can collaborate.


[pdf ]


The video for this talk should appear here if JavaScript is enabled.
If it doesn't, something may have gone wrong with our embedded player.
We'll get it fixed as soon as possible.

Back to top ∧