Recent papers have taken a new look at cryptographic protocols from the perspective of proposing design principles. For years the main approach to cryptographic protocols has been logical, and a number of papers have examined the limitations of those logics. This paper takes a similar cautionary look at the design principal approach. Limitations and exceptions are offered on some of the previously given basic design principals. The focus is primarily on public key protocols, especially on the order of signature and encryption. But, other principles are discussed as well. Apparently secure protocols that fail to meet principles are presented. Also presented are new attacks on protocols as well as previously claimed attacks which are not. 1. Introduction Protocols employing cryptography for key distribution, authenticated and/or confidential data exchange, and a host of other applications have been around for a long time. And, analysis and modelling techniques for evaluating cryptograph...

We survey the variations on the choice and the usage of freshness identifiers, and the various forms of replay attack. Besides helping to clarify the important concepts of freshness and replay, this exercise demonstrates the potential complexity in devising formal methods to analyze cryptographic protocols.