Key points are not available for this paper at this time.
Designers of cryptographic systems are at a disadvantage compared with most other engineers, in that information on how these systems fail is hard to get: their major users have traditionally been government agencies, which are very secretive about their mistakes. We present the results of a survey of the failure modes of retail banking systems, which constitute the next largest application of cryptology. It turns out that the threat model commonly used by cryptosystem designers was wrong: most frauds were not caused by cryptanalysis or other technical attacks, but by implementation errors and management failures. This suggests that a paradigm shift is overdue in computer security; we look at some of the alternatives, and see some signs that this shift may be getting under way. 1 Introduction Cryptography, the science of code and cipher systems, is used by governments, banks and other organisations to keep information secure. It is a complex subject, and its national security overtone...
Ross Anderson (Tue,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: