Learning from the Past: Designing Secure Network Protocols

Book chapter (2018)

Authors

T. Fiebig

Franziska Lichtblau Max Planck Institut für Informatik

Florian Streibelt Max Planck Institut für Informatik

Thorben Krüger Max Planck Institut für Informatik

Pieter Lexis PowerDNS B.V.

Randy Bush Internet Initiative Japan research

Anja Feldmann Max Planck Institut für Informatik

To reference this document use:

http://resolver.tudelft.nl/uuid:6d0a7dad-bc74-4bd2-9297-a9abbbc5ca05

More Info

expand_more

Published Date

2018

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Network protocols define how networked computer systems exchange data. As they define all aspects of this communication, the way they are designed is also security sensitive. If communication is supposed to be encrypted, this has to be outlined in the protocol’s specification. If services implementing the protocol should allow for authentication, this has to be defined in the protocol. Hence, the way a protocol is designed is elemental for the security of systems later implementing it. Security by design starts with the protocol definition. Especially in today’s fast-moving environment, with cloud services and the Internet of Things, engineers constantly have to develop new protocols. In this chapter, we derive guidelines for designing new protocols securely, as well as recommendations on how existing protocols can be adjusted to become more secure. We base these recommendations on our analysis of how – historical – protocols were designed and which underlying design decisions made their corresponding implementations susceptible to security issues.