FromWikipedia,thefreeencyclopedia
Asecurityprotocol(cryptographicprotocolorencryptionprotocol)isanabstractorconcreteprotocol
thatperformsasecurityrelatedfunctionandappliescryptographicmethods,oftenassequencesof
cryptographicprimitives.Aprotocoldescribeshowthealgorithmsshouldbeused.Asufficientlydetailed
protocolincludesdetailsaboutdatastructuresandrepresentations,atwhichpointitcanbeusedtoimplement
multiple,interoperableversionsofaprogram.[1]
Cryptographicprotocolsarewidelyusedforsecureapplicationleveldatatransport.Acryptographicprotocol
usuallyincorporatesatleastsomeoftheseaspects:
Keyagreementorestablishment
Entityauthentication
Symmetricencryptionandmessageauthenticationmaterialconstruction
Securedapplicationleveldatatransport
Nonrepudiationmethods
Secretsharingmethods
Securemultipartycomputation
Forexample,TransportLayerSecurity(TLS)isacryptographicprotocolthatisusedtosecureweb
(HTTP/HTTPS)connections.Ithasanentityauthenticationmechanism,basedontheX.509systemakey
setupphase,whereasymmetricencryptionkeyisformedbyemployingpublickeycryptographyandan
applicationleveldatatransportfunction.Thesethreeaspectshaveimportantinterconnections.StandardTLS
doesnothavenonrepudiationsupport.
Thereareothertypesofcryptographicprotocolsaswell,andeventhetermitselfhasvariousreadings
Cryptographicapplicationprotocolsoftenuseoneormoreunderlyingkeyagreementmethods,whicharealso
sometimesthemselvesreferredtoas"cryptographicprotocols".Forinstance,TLSemployswhatisknownas
theDiffieHellmankeyexchange,whichalthoughitisonlyapartofTLSperse,DiffieHellmanmaybeseenas
acompletecryptographicprotocolinitselfforotherapplications.
Cryptographicprotocolscansometimesbeverifiedformallyonanabstractlevel.Whenitisdone,thereisa
necessitytoformalizetheenvironmentinwhichtheprotocoloperateinordertoidentifythreats.Thisis
frequentlydonethroughtheDolevYaomodel.
Contents
1
2
3
4
5
Advancedcryptographicprotocols
Examples
Seealso
References
Externallinks
Advancedcryptographicprotocols
Awidevarietyofcryptographicprotocolsgobeyondthetraditionalgoalsofdataconfidentiality,integrity,and
authenticationtoalsosecureavarietyofotherdesiredcharacteristicsofcomputermediatedcollaboration.Blind
signaturescanbeusedfordigitalcashanddigitalcredentialstoprovethatapersonholdsanattributeorright
withoutrevealingthatperson'sidentityortheidentitiesofpartiesthatpersontransactedwith.Securedigital
timestampingcanbeusedtoprovethatdata(evenifconfidential)existedatacertaintime.Securemultiparty
computationcanbeusedtocomputeanswers(suchasdeterminingthehighestbidinanauction)basedon
confidentialdata(suchasprivatebids),sothatwhentheprotocoliscompletetheparticipantsknowonlytheir
owninputandtheanswer.Endtoendauditablevotingsystemsprovidesetsofdesirableprivacyand
auditabilitypropertiesforconductingevoting.Undeniablesignaturesincludeinteractiveprotocolsthatallowthe
signertoproveaforgeryandlimitwhocanverifythesignature.Deniableencryptionaugmentsstandard
encryptionbymakingitimpossibleforanattackertomathematicallyprovetheexistenceofaplaintextmessage.
Digitalmixescreatehardtotracecommunications.
Examples
InternetKeyExchange
IPsec
Kerberos
PointtoPointProtocol
OfftheRecordMessaging
TransportLayerSecurity
ZRTP
Seealso
Securechannel
SecurityProtocolsOpenRepository
References
1."CryptographicProtocolOverview"(pdf).20151023.
Externallinks
Secureprotocolsopenrepository(http://www.lsv.enscachan.fr/spore/)
Retrievedfrom"https://en.wikipedia.org/w/index.php?title=Cryptographic_protocol&oldid=692292315"
Categories: Cryptographicprotocols
Thispagewaslastmodifiedon24November2015,at18:28.
TextisavailableundertheCreativeCommonsAttributionShareAlikeLicenseadditionaltermsmay
apply.Byusingthissite,youagreetotheTermsofUseandPrivacyPolicy.Wikipediaisaregistered
trademarkoftheWikimediaFoundation,Inc.,anonprofitorganization.