| 翻訳と辞書 |
| Horton Principle : ウィキペディア英語版 |
Horton Principle
The Horton Principle is a design rule for cryptographic systems and can be expressed as "Authenticate what is being meant, not what is being said".〔Ferguson, N., Schneier, B. (2003). "Practical Cryptography" p. 109, Indianapolis, Indiana: Wiley Publishing, Inc.〕 The principle is named after the title character in the Dr. Seuss children's book ''Horton Hatches the Egg''〔〔Wagner, David; Schneier, Bruce (April 15, 1997). ("Analysis of the SSL 3.0 Protocol" ). schneier.com.〕
The Horton Principle becomes important when using Message Authentication Codes (or MACs) in a Cryptographic system. Suppose Alice wants to send a message to Bob, and she uses a MAC to authenticate a message ''m'' that was made by concatenating three data fields, where ''m'' := ''a'' || ''b'' || ''c''. Bob needs to know what rules Alice used to create the message in order to split ''m'' back into its components, but if he uses the wrong rules then he'll get the wrong values from an authenticated message.
The problem is that the MAC is only authenticating a string of bytes, while Alice and Bob need to authenticate the way the message was constructed as well. If not, then it may be possible for an attacker to substitute a message with a valid MAC but a different meaning.
Systems can manage this problem by adding metadata such as a protocol number or by formatting messages with an explicit structure, such as XML.
==References==
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』
■ウィキペディアで「Horton Principle」の詳細全文を読む
スポンサード リンク
| 翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|