The Library
Prudent practices in security standardization
Tools
Hao, Feng (2021) Prudent practices in security standardization. IEEE Communications Standards Magazine, 5 (3). pp. 40-47. doi:10.1109/MCOMSTD.121.2100005 ISSN 2471-2825.
|
PDF
WRAP-Prudent-practices-security-standardization-2021.pdf - Accepted Version - Requires a PDF viewer. Download (391Kb) | Preview |
Official URL: https://doi.org/10.1109/MCOMSTD.121.2100005
Abstract
From June 2019 to March 2020, IETF conducted a selection process to choose password authenticated key exchange (PAKE) protocols for standardization. Similar standardization efforts were conducted before by IEEE (P1362.2) and ISO/IEC (11770-4). An important hallmark for this IETF selection process is its openness: anyone can nominate any candidate; all reviews are public; all email discussions on the IETF mailing lists are archived and publicly readable. However, despite the openness, it is unclear whether this IETF selection process has presented a successful model. Several important questions that were raised during the selection process had remained unaddressed even after the two winners (CPace and OPAQUE) were announced. We
reflect on the IETF PAKE selection process as a case study, and
summarize lessons in a set of principles with the hope to improve
security standardization in the future.
Item Type: | Journal Article | ||||||||
---|---|---|---|---|---|---|---|---|---|
Subjects: | Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software T Technology > TK Electrical engineering. Electronics Nuclear engineering |
||||||||
Divisions: | Faculty of Science, Engineering and Medicine > Science > Computer Science | ||||||||
Library of Congress Subject Headings (LCSH): | Computer security, Computer network protocols, Computers -- Access control -- Passwords, Data encryption (Computer science), Authentication | ||||||||
Journal or Publication Title: | IEEE Communications Standards Magazine | ||||||||
Publisher: | IEEE | ||||||||
ISSN: | 2471-2825 | ||||||||
Official Date: | September 2021 | ||||||||
Dates: |
|
||||||||
Volume: | 5 | ||||||||
Number: | 3 | ||||||||
Page Range: | pp. 40-47 | ||||||||
DOI: | 10.1109/MCOMSTD.121.2100005 | ||||||||
Status: | Peer Reviewed | ||||||||
Publication Status: | Published | ||||||||
Reuse Statement (publisher, data, author rights): | © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | ||||||||
Access rights to Published version: | Restricted or Subscription Access | ||||||||
Date of first compliant deposit: | 13 September 2021 | ||||||||
Date of first compliant Open Access: | 13 September 2021 | ||||||||
Related URLs: |
Request changes or add full text files to a record
Repository staff actions (login required)
View Item |
Downloads
Downloads per month over past year