Bellovin, Steven M.

RFCs Publications

Columbia University
1214 Amsterdam Avenue, MC 0401
New York, NY 10027
Voice:+1 212 939 7149
Fax:
Email: bellovin@acm.org
Web: www.research.att.com/~smb/

Security Area Director, IETF.

Chair, ipr, Intellectual Property Rights. IETF working group, General area.

Chair, ips, IP Storage. IETF working group, Transport area. Concluded November 2007.

Chair, itrace, ICMP Traceback. IETF working group, Internet area. Concluded September 2003.

Chair, pint, PSTN and Internet Internetworking. IETF working group, Transport area. Concluded February 2001.

Chair, spirits, Service in the PSTN/IN Requesting InTernet Service. IETF working group, Transport area. Concluded May 2005.

Chair, spki, Simple Public Key Infrastructure. IETF working group, Security area. Concluded February 2001.


RFCs:

[RFC 1579] Firewall-Friendly FTP.

[RFC 1675] Security Concerns for IPng.

[RFC 1681] On Many Addresses per Host.

[RFC 1948] Defending Against Sequence Number Attacks.

[RFC 2316] Report of the IAB Security Architecture Workshop.

[RFC 2458] Toward the PSTN/Internet Inter-Networking --Pre-PINT Implementations.

[RFC 3514] The Security Flag in the IPv4 Header.

[RFC 3554] On the Use of Stream Control Transmission Protocol (SCTP) with IPsec.

[RFC 3631] Security Mechanisms for the Internet.

[RFC 4107] Guidelines for Cryptographic Key Management.

[RFC 4278] Standards Maturity Variance Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification.

[RFC 5406] Guidelines for Specifying the Use of IPsec Version 2.

[RFC 6528] Defending against Sequence Number Attacks.


Publications:

Bellovin, Steven M.
Cryptography and the Internet.
August 1988. Proceedings of CRYPTO '98.

Bellovin, Steven M.
Security Problems in the TCP/IP Protocol Suite.
March 1989. ACM Computer Communications Review, 19(2).

Bellovin, Steven M., Merritt, M.
Limitations of the Kerberos Authentication System.
October 1990. Computer Communications Review, Vol. 20(5), pp. 119 - 132.

Bellovin, Steven M., Merritt, M.
Encrypted Key Exchange: Password-based Protocols Secure against Dictionary Attacks.
1992. Proceedings of the IEEE Symposium on Security and Privacy, IEEE Computer Society.

Bellovin, Steven M., Merritt, M.
Augmented Encrypted Key Exchange: A Password-based Protocol Secure against Dictionary Attacks and Password File Compromise.
1993. Proceedings of the 1st ACM Conference on Computer and Communication Security, ACM Press.

Bellovin, Steven M.
Using the Domain Name System for System Break-Ins.
June 1995. Proceedings of the Fifth Usenix Unix Security Symposium.

Bellovin, Steven M.; Blumenthal, Uri.
A Better Key Schedule for DES-Like Ciphers.
1996. Proceedings of PRAGOCRYPT '96.

Bellovin, Steven M.
Problem Areas for the IP Security Protocols.
July 1996. Proceedings of the Sixth Usenix Unix Security Symposium, San Jose, CA. pp. 1 - 16.

Bellovin, Steven M.; Rekhter, Yakov; Resnick, Peter W.
Financial Incentives for Route Aggregation and Efficient Address Utilization in the Internet.
1997. in "Coordination the Internet", MIT Press.

Bellovin, Steven M.
Probable Plaintext Cryptanalysis of the IP Security Protocols.
February 1997. Proceedings of the Symposium on Network and Distributed System Security, San Diego, CA, pp. 155 - 160.

Bellovin, Steven M.; Blaze, Matt.
Cryptographic Modes of Operation for the Internet.
August 2001. 2nd NIST Workshop on Modes of Operation.

Bellovin, Steven M.; Floyd, Sally; Ioannidis, John; Mahajan, Ratul; Paxson, Vern; Shenker, Scott.
Controlling High Bandwidth Aggregates in the Network.
July 2002. ACM Computer Communications Review, Vol. 32, No. 3.


RFCs Publications