Security pitfalls in cryptographic design
Highlights the common security pitfalls in cryptographic design. States that even strong encryption algorithms can be circumvented by bypassing the algorithms altogether and exploiting errors in the design, implementation, or installation. Examines attacks against passwords, hardware, trust models, failure recovery systems and users. Discusses the importance of attack detection in addition to attack prevention. Concludes that eventually, every system may be successfully attacked so it is essential to limit the damage that can be done and to capture evidence in the form of an audit trail for later use in a prosecution.