论文信息 - Integrating Network Cryptography into the Operating System

Integrating Network Cryptography into the Operating System

Cryptography libraries are inflexible and difficult for developers to integrate with their applications. These difficulties may be contributing to applications, like PGP, that are non-intuitive for end-users and are often used improperly or not at all. In this paper we argue that the best place for cryptography to be implemented is at the Operating System level rather than the current application-layer approach. We introduce and define a new general-purpose network cryptography library that integrates directly with the Operating System. This capability is flexible and easy to adopt because it can be used with the sockets interface, which developers are already familiar with, in addition to creating a general cryptography library that can be used in non-network situations. This technology will allow developers to focus on application usability rather than struggle with the learning curve required to properly use a specific cryptography library as required by current practices.

Haim Levkowitz | Anthony Gabrielson

[1] Qing Miao,et al. Analysis of software vulnerability , 2006 .

[2] Jon Postel,et al. User Datagram Protocol , 1980, RFC.

[3] Vinton G. Cerf,et al. A protocol for packet network intercommunication , 1974, CCRV.

[4] H. Levkowitz,et al. Reducing User Error by Establishing Encryption Patterns , 2011 .

[5] Gordon Fyodor Lyon,et al. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning , 2009 .

[6] W. Richard Stevens,et al. UNIX Network Programming: Networking APIs: Sockets and XTI , 1997 .

[7] Robert E. Kahn,et al. A Protocol for Packet Network Intercommunication , 1974 .

[8] J. Doug Tygar,et al. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 , 1999, USENIX Security Symposium.

[9] Dina Katabi,et al. Secure In-Band Wireless Pairing , 2011, USENIX Security Symposium.

[10] Stephen E. Deering,et al. Internet Protocol, Version 6 (IPv6) Specification , 1995, RFC.