Cryptographic protocol
A security protocol is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods.

A protocol describes how the algorithms should be used. A sufficiently detailed protocol includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program.

Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects:
  • Key agreement or establishment
  • Entity authentication
  • Symmetric encryption and message authentication material construction
  • Secured application-level data transport
  • Non-repudiation methods


For example, Transport Layer Security (TLS) is a cryptographic protocol that is used to secure web (HTTP) connections. It has an entity authentication mechanism, based on the X.509 system; a key setup phase, where a symmetric encryption key is formed by employing public-key cryptography; and an application-level data transport function. These three aspects have important interconnections. Standard TLS does not have non-repudiation support.

There are other types of cryptographic protocols as well, and even the term itself has various readings: cryptographic application protocols often use one or more underlying key agreement methods, which are also sometimes themselves referred to as "cryptographic protocols". For instance, TLS employs what is known as the Diffie-Hellman key exchange, which, although it is only a part of TLS per se, may be seen as a complete cryptographic protocol in itself for other applications.
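The aspects listed above (key agreement, key material construction, authenticated transport) and the way a key setup phase feeds data transport can be seen in a short sketch. This is an added example, not part of the original article and not TLS itself: it runs a Diffie-Hellman exchange, derives one message authentication key per direction with HKDF, and verifies records. The toy group, the labels and all function names are assumptions made for illustration, and entity authentication (X.509 in TLS) is left out, so the exchange alone does not tell either side who the peer is.

```python
import hashlib, hmac, secrets

# Toy group for illustration only (assumption): p = 2**127 - 1 is prime but far
# too small for real use; deployed protocols use standardized groups or curves.
P, G = 2**127 - 1, 3

def dh_keypair():
    x = secrets.randbelow(P - 3) + 2          # private exponent in [2, P-2]
    return x, pow(G, x, P)                    # (private, public)

def dh_shared(priv, peer_pub):
    if not 2 <= peer_pub <= P - 2:            # reject degenerate public values
        raise ValueError("invalid peer public value")
    return pow(peer_pub, priv, P).to_bytes(16, "big")

def hkdf(secret, info, length=32, salt=b"\x00" * 32):
    """HKDF-SHA256 (RFC 5869): extract, then expand."""
    prk = hmac.new(salt, secret, hashlib.sha256).digest()
    out, block, i = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        out, i = out + block, i + 1
    return out[:length]

def session_keys(shared, transcript):
    # Key material construction: one MAC key per direction, bound to the
    # public values both sides exchanged (the transcript).
    return (hkdf(shared, b"c2s mac" + transcript),
            hkdf(shared, b"s2c mac" + transcript))

def protect(key, seq, payload):
    tag = hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()
    return seq, payload, tag

def verify(key, expected_seq, record):
    seq, payload, tag = record
    good = hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()
    if seq != expected_seq or not hmac.compare_digest(tag, good):
        raise ValueError("record rejected")   # tampered, replayed or wrong key
    return payload

def demo():
    c_priv, c_pub = dh_keypair()              # client side
    s_priv, s_pub = dh_keypair()              # server side
    transcript = c_pub.to_bytes(16, "big") + s_pub.to_bytes(16, "big")
    c_keys = session_keys(dh_shared(c_priv, s_pub), transcript)
    s_keys = session_keys(dh_shared(s_priv, c_pub), transcript)
    record = protect(c_keys[0], 0, b"GET / HTTP/1.1")   # constructed sample payload
    return c_keys == s_keys, verify(s_keys[0], 0, record), record
```

The sequence number inside the MAC input is what lets the receiver reject a replayed or reordered record, and the separate per-direction keys keep a record from being reflected back to its sender.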

Cryptographic protocols can sometimes be verified formally on an abstract level. When this is done, the environment in which the protocol operates must be formalized in order to identify threats. This is frequently done through the Dolev-Yao model.

Advanced cryptographic protocols

A wide variety of cryptographic protocols go beyond the traditional goals of data confidentiality, integrity, and authentication to also secure a variety of other desired characteristics of computer-mediated collaboration. Blind signatures can be used for digital cash and digital credentials to prove that a person holds an attribute or right without revealing that person's identity or the identities of parties that person transacted with. Secure digital time-stamping can be used to prove that data (even if confidential) existed at a certain time. Secure multiparty computation can be used to compute answers (such as determining the highest bid in an auction) based on confidential data (such as private bids), so that when the protocol is complete the participants know only their own input and the answer. Undeniable signatures include interactive protocols that allow the signer to prove a forgery and limit who can verify the signature. Deniable encryption augments standard encryption by making it impossible for an attacker to mathematically prove the existence of a plaintext message. Digital mixes create hard-to-trace communications.

Examples

  • Internet Key Exchange
  • IPsec
  • Kerberos
  • Point to Point Protocol
  • Transport Layer Security

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 