Learning from the Past: Designing Secure Network Protocols

Tobias Fiebig, Franziska Lichtblau, Florian Streibelt, Thorben Krüger, Pieter Lexis, Randy Bush, Anja Feldmann

Research output: Chapter in Book/Conference proceedings/Edited volumeChapterProfessional

Abstract

Network protocols define how networked computer systems exchange data. As they define all aspects of this communication, the way they are designed is also security sensitive. If communication is supposed to be encrypted, this has to be outlined in the protocol’s specification. If services implementing the protocol should allow for authentication, this has to be defined in the protocol. Hence, the way a protocol is designed is elemental for the security of systems later implementing it. Security by design starts with the protocol definition. Especially in today’s fast-moving environment, with cloud services and the Internet of Things, engineers constantly have to develop new protocols. In this chapter, we derive guidelines for designing new protocols securely, as well as recommendations on how existing protocols can be adjusted to become more secure. We base these recommendations on our analysis of how – historical – protocols were designed and which underlying design decisions made their corresponding implementations susceptible to security issues.
Original languageEnglish
Title of host publicationCybersecurity Best Practices
PublisherSpringer
Pages585-613
ISBN (Electronic)978-3-658-21655-9
ISBN (Print)978-3-658-21654-2
DOIs
Publication statusPublished - 2018

Fingerprint

Dive into the research topics of 'Learning from the Past: Designing Secure Network Protocols'. Together they form a unique fingerprint.

Cite this