Abstract
Designers of cryptographic systems are at a disadvantage compared with
most other engineers, in that information on how these systems fail is hard
to get: their major users have traditionally been government agencies, which
are very secretive about their mistakes.
We present the results of a survey of the failure modes of retail banking
systems, which constitute the next largest application of cryptology. It
turns out that the threat model commonly used by cryptosystem designers was
wrong: most frauds were not caused by cryptanalysis or other technical
attacks, but by implementation errors and management failures. This
suggests that a paradigm shift is overdue in computer security; we look at
some alternatives, and see some signs that this shift may be under way.