How to build an insecure system out of perfectly good cryptography

Radia Perlman

Sun Microsystems Distinguished Engineer

7 PM, Thursday, October 17, 2002

Room 2.01.14 BB

Abstract:

Problems in network security systems tend not to be subtle mathematical flaws in the cryptography, but instead broader system issues. This talk starts with a tutorial on network security protocols, key distribution mechanisms, and PKI models. Then it gives examples in which deployed systems and industry standards have made decisions that make things insecure, unscalable, or unmanageable. Examples include insecure PKI models, scary web security issues, and a public-key based security system that had no advantages over a secret-key based scheme. It also talks about problems with IKE, the key exchange protocol for IPsec. The talk ends with a list of reasons deployment of good systems has been so slow.

Bio:

Radia Perlman is a Distinguished Engineer at Sun Microsystems. She is known for her contributions to bridging (spanning tree algorithm) and routing (link state routing) as well as security (sabotage-proof networks). She is the author of "Interconnections: Bridges, Routers, Switches, and Internetworking Protocols", and co-author of "Network Security: Private Communication in a Public World", two of the top 10 Networking reference books, according to Network Magazine. She is one of the 25 people whose work has most influenced the networking industry, according to Data Communications Magazine. She has an S.B. and S.M in mathematics and a Ph.D. in computer science from MIT and about 50 issued patents. She was recently awarded an honorary doctorate from KTH, the Royal Institute of Technology in Sweden.