Title: Report: Extensibility and implementation independence of the .NET cryptographic API
Authors: Philippaerts, Pieter
Boon, Cédric
Piessens, Frank
Issue Date: 2009
Publisher: Springer
Host Document: Lecture Notes in Computer Science vol:5429 pages:101-110
Conference: ESSoS edition:1 location:Leuven date:February 04-06, 2009
Abstract: When a vulnerability is discovered in a cryptographic algorithm, or in a specific implementation of that algorithm, it is important that software using that algorithm or implementation is upgraded quickly. Hence, modern cryptographic libraries such as the .NET crypto libraries are designed to be extensible with new algorithms. In addition, they also support algorithm and implementation independent use. Software written against these libraries can be implemented such that switching to a new crypto algorithm or implementation requires very little effort.

This paper reports on our experiences with the implementation of a number of extensions to the .NET cryptographic framework. The extensions we consider are smart card based implementations of existing algorithms. We evaluate the extensibility of the libraries, and the support for implementation independence. We identify several problems with the libraries that have a negative impact on these properties, and we propose solutions.

The main conclusion of the paper is that extensibility and implementation independence can be substantially improved with only minor changes. These changes maintain backwards compatibility for client code.
ISSN: 0302-9743
Publication status: published
KU Leuven publication type: IC
Appears in Collections:Informatics Section

Files in This Item:
File Description Status SizeFormat
54290101.pdfMain article Published 253KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.

© Web of science