Cryptographic Message Syntax
The Cryptographic Message Syntax (CMS) is the IETF's standard for cryptographically protected messages. It can be used to digitally sign, digest, authenticate or encrypt any form of digital data.
CMS is based on the syntax of PKCS #7, which in turn is based on the Privacy-Enhanced Mail standard. The newest version of CMS is specified in RFC 5652 (but see also RFC 5911 for updated ASN.1 modules conforming to ASN.1 2002).
The architecture of CMS is built around certificate-based key management, such as the profile defined by the PKIX working group.
CMS is used as the key cryptographic component of many other cryptographic standards, such as S/MIME, PKCS #12 and the RFC 3161 Digital timestamping protocol.
OpenSSL is open source software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents.
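The sign, verify, encrypt and decrypt operations mentioned above, as an added example using the `openssl cms` subcommand (not part of the original article). The key, the self-signed certificate, the `cms-demo` name, the file names and the message are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example: throwaway key, self-signed cert and messages are constructed.
WORK=$(mktemp -d)
printf 'constructed sample message\n' > "$WORK/msg.txt"
printf 'constructed sample messagE\n' > "$WORK/bad.txt"   # one byte altered
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/CN=cms-demo' \
    -keyout "$WORK/key.pem" -out "$WORK/cert.pem" 2>/dev/null

# SignedData: detached signature over msg.txt, DER encoded.
cms_sign() {
    openssl cms -sign -binary -in "$WORK/msg.txt" -signer "$WORK/cert.pem" \
        -inkey "$WORK/key.pem" -outform DER -out "$WORK/sig.der"
}

# Verify sig.der against the content file in $1; exit status is the verdict.
# The demo cert is its own trust anchor (-CAfile), which only suits a test.
cms_verify() {
    openssl cms -verify -binary -inform DER -in "$WORK/sig.der" \
        -content "$1" -CAfile "$WORK/cert.pem" -out /dev/null 2>/dev/null
}

# EnvelopedData: content encrypted to the certificate's public key.
cms_encrypt() {
    openssl cms -encrypt -binary -aes-256-cbc -in "$WORK/msg.txt" \
        -recip "$WORK/cert.pem" -outform DER -out "$WORK/env.der"
}

# Decrypt env.der with the recipient's private key; plaintext goes to stdout.
cms_decrypt() {
    openssl cms -decrypt -binary -inform DER -in "$WORK/env.der" \
        -recip "$WORK/cert.pem" -inkey "$WORK/key.pem"
}

# Print the content type named in the outer ContentInfo of the DER file $1.
cms_type() {
    openssl asn1parse -inform DER -in "$1" | sed -n 's/.*OBJECT *://p' | head -n 1
}

cms_sign && cms_encrypt
cms_verify "$WORK/msg.txt" && echo "original content: signature valid"
cms_verify "$WORK/bad.txt" || echo "altered content: verification failed"
echo "sig.der is $(cms_type "$WORK/sig.der"), env.der is $(cms_type "$WORK/env.der")"
echo "decrypted: $(cms_decrypt)"
```

In a real deployment the signer's certificate chains to a trusted CA rather than being passed as its own `-CAfile`, and the caller acts on the exit status of the verify step rather than on its output.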
See also
- CAdES - CMS Advanced Electronic Signatures
- S/MIME
- PKCS #7