Cryptographic protocol

1356: 269: 206: 158:

can be used to compute answers (such as determining the highest bid in an auction) based on confidential data (such as private bids), so that when the protocol is complete the participants know only their own input and the answer.

137:

A wide variety of cryptographic protocols go beyond the traditional goals of data confidentiality, integrity, and authentication to also secure a variety of other desired characteristics of computer-mediated collaboration.

109:

key is formed by employing public-key cryptography; and an application-level data transport function. These three aspects have important interconnections. Standard TLS does not have non-repudiation support.

419: 191:

on an abstract level. When it is done, there is a necessity to formalize the environment in which the protocol operates in order to identify threats. This is frequently done through the

617: 43:

should be used and includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program.

518: 46:

Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects:

485: 465: 445: 1336: 1166: 176: 769:

Armando, A.; Arsac, W; Avanesov, T.; Barletta, M.; Calvi, A.; Cappai, A.; Carbone, R.; Chevalier, Y.; +12 more (2012). Flanagan, C.; König, B. (eds.).

150:

to prove that a person holds an attribute or right without revealing that person's identity or the identities of parties that person transacted with.

729: 801: 1019: 175:

augments standard encryption by making it impossible for an attacker to mathematically prove the existence of a plain text message.

624: 121:, which are also sometimes themselves referred to as "cryptographic protocols". For instance, TLS employs what is known as the 984: 815: 597: 276: 213: 898: 237: 160: 592: 113:

There are other types of cryptographic protocols as well, and even the term itself has various readings; Cryptographic

1012: 366: 1384: 122: 171:

include interactive protocols that allow the signer to prove a forgery and limit who can verify the signature.

1215: 300:

Automated Validation of Internet Security Protocols and Applications (AVISPA) and follow-up project AVANTSSAR.

87: 155: 747: 1005: 772:

The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures

1331: 1286: 1099: 851: 698: 648:

Chen, Shan; Jero, Samuel; Jagielski, Matthew; Boldyreva, Alexandra; Nita-Rotaru, Cristina (2021-07-01).

1210: 357: 351: 252: 875: 1326: 129:, Diffie–Hellman may be seen as a complete cryptographic protocol in itself for other applications. 1316: 1306: 1161: 565: 544: 94: 1311: 1301: 1104: 1064: 1057: 1047: 1042: 770: 714: 549: 36: 24: 280: 217: 1359: 1205: 1151: 582: 529: 490: 1321: 1245: 852:"SAT-based Model-Checker for Security Protocols and Security-sensitive Application (SATMC)" 168: 151: 106: 28: 8: 1084: 539: 242: 188: 172: 922: 1190: 1174: 1121: 795: 679: 470: 450: 430: 147: 67: 961: 933: 650:"Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) versus QUIC" 1250: 1240: 1111: 980: 723: 683: 671: 1185: 972: 776: 661: 154:

can be used to prove that data (even if confidential) existed at a certain time.

976: 780: 560: 139: 75: 819: 261:

Research projects and tools used for formal verification of security protocols:

1260: 1180: 1141: 1089: 1074: 744:"Automated Validation of Internet Security Protocols and Applications (AVISPA)" 666: 649: 587: 339: 81: 57: 902: 198:

Logics, concepts and calculi used for formal reasoning of security protocols:

1378: 1341: 1296: 1255: 1235: 1131: 1094: 1069: 675: 425: 163:

provide sets of desirable privacy and auditability properties for conducting

118: 50: 32: 247: 1291: 1136: 1126: 1116: 1079: 1028: 886: 768: 554: 1270: 317: 356:

To formally verify a protocol it is often abstracted and modelled using

1230: 1200: 1195: 1156: 960:

Ermoshina, Ksenia; Musiani, Francesca; Halpin, Harry (September 2016).

715:

Fábrega, F. Javier Thayer, Jonathan C. Herzog, and Joshua D. Guttman.,

101:) connections. It has an entity authentication mechanism, based on the 63: 1220: 839: 192: 40: 944: 1265: 1225: 331: 164: 1146: 855: 97:(TLS) is a cryptographic protocol that is used to secure web ( 743: 534: 143: 102: 98: 971:. INSCI 2016. Florence, Italy: Springer. pp. 244–254. 570: 647: 876:

Casper: A Compiler for the Analysis of Security Protocols

962:"End-to-End Encrypted Messaging Protocols: An Overview" 1167:

Cryptographically secure pseudorandom number generator

959: 493: 473: 453: 433: 369: 993: 132: 816:"Constraint Logic-based Attack Searcher (Cl-AtSe)" 717:Strand Spaces: Why is a Security Protocol Correct? 512: 479: 459: 439: 413: 1376: 303:Constraint Logic-based Attack Searcher (CL-AtSe) 887:cpsa: Symbolic cryptographic protocol analyzer 696: 414:{\displaystyle A\rightarrow B:\{X\}_{K_{A,B}}} 345: 1013: 322:Cryptographic Protocol Shapes Analyzer (CPSA) 840:Open-Source Fixed-Point Model-Checker (OFMC) 728:: CS1 maint: multiple names: authors list ( 389: 382: 306:Open-Source Fixed-Point Model-Checker (OFMC) 800:: CS1 maint: numeric names: authors list ( 775:. Vol. 7214. LNTCS. pp. 267–282. 117:protocols often use one or more underlying 1020: 1006: 967:. In Bagnoli, Franco; et al. (eds.). 125:, which although it is only a part of TLS 665: 187:Cryptographic protocols can sometimes be 899:"Knowledge In Security protocolS (KISS)" 72:Secured application-level data transport 923:Maude-NRL Protocol Analyzer (Maude-NPA) 699:"Lecture Notes Cryptographic Protocols" 328:Maude-NRL Protocol Analyzer (Maude-NPA) 238:Burrows–Abadi–Needham logic (BAN logic) 1377: 750:from the original on 22 September 2016 325:Knowledge In Security protocolS (KISS) 182: 1001: 360:. A simple example is the following: 179:create hard-to-trace communications. 762: 598:Comparison of cryptography libraries 263: 200: 161:End-to-end auditable voting systems 105:system; a key setup phase, where a 13: 953: 593:Security Protocols Open Repository 14: 1396: 618:"Cryptographic Protocol Overview" 1355: 1354: 1027: 267: 253:Protocol composition logic (PCL) 204: 133:Advanced cryptographic protocols 938: 927: 916: 891: 880: 869: 309:SAT-based Model-Checker (SATMC) 39:. A protocol describes how the 35:methods, often as sequences of 1216:Information-theoretic security 844: 833: 808: 736: 708: 690: 641: 610: 373: 88:Secure multi-party computation 31:-related function and applies 1: 603: 156:Secure multiparty computation 977:10.1007/978-3-319-45982-0_22 781:10.1007/978-3-642-28756-5_19 623:. 2015-10-23. Archived from 7: 1332:Message authentication code 1287:Cryptographic hash function 1100:Cryptographic hash function 576: 523: 487:encrypted under shared key 346:Notion of abstract protocol 152:Secure digital timestamping 123:Diffie–Hellman key exchange 66:and message authentication 23:is an abstract or concrete 10: 1401: 1211:Harvest now, decrypt later 667:10.1007/s00145-021-09389-w 447:intends a message for Bob 352:Security protocol notation 349: 1350: 1327:Post-quantum cryptography 1279: 1035: 997: 1317:Quantum key distribution 1307:Authenticated encryption 1162:Random number generation 566:Transport Layer Security 545:Off-the-Record Messaging 467:consisting of a message 358:Alice & Bob notation 95:Transport Layer Security 37:cryptographic primitives 1385:Cryptographic protocols 1312:Public-key cryptography 1302:Symmetric-key algorithm 1105:Key derivation function 1065:Cryptographic primitive 1058:Authentication protocol 1048:Outline of cryptography 1043:History of cryptography 550:Point to Point Protocol 513:{\displaystyle K_{A,B}} 1053:Cryptographic protocol 514: 481: 461: 441: 415: 21:cryptographic protocol 16:Aspect of cryptography 1206:End-to-end encryption 1152:Cryptojacking malware 654:Journal of Cryptology 583:List of cryptosystems 530:Internet Key Exchange 515: 482: 462: 442: 416: 169:Undeniable signatures 119:key agreement methods 69:material construction 1322:Quantum cryptography 1246:Trusted timestamping 697:Berry Schoenmakers. 491: 471: 451: 431: 367: 281:adding missing items 218:adding missing items 107:symmetric encryption 1085:Cryptographic nonce 183:Formal verification 173:Deniable encryption 148:digital credentials 1191:Subliminal channel 1175:Pseudorandom noise 1122:Key (cryptography) 510: 477: 457: 437: 411: 279:; you can help by 216:; you can help by 1372: 1371: 1368: 1367: 1251:Key-based routing 1241:Trapdoor function 1112:Digital signature 986:978-3-319-45982-0 480:{\displaystyle X} 460:{\displaystyle B} 440:{\displaystyle A} 424:This states that 297: 296: 234: 233: 189:verified formally 1392: 1358: 1357: 1186:Insecure channel 1022: 1015: 1008: 999: 998: 995: 994: 990: 969:Internet Science 966: 947: 942: 936: 931: 925: 920: 914: 913: 911: 910: 901:. Archived from 895: 889: 884: 878: 873: 867: 866: 864: 863: 854:. Archived from 848: 842: 837: 831: 830: 828: 827: 818:. Archived from 812: 806: 805: 799: 791: 789: 787: 766: 760: 759: 757: 755: 740: 734: 733: 727: 719: 712: 706: 705: 703: 694: 688: 687: 669: 645: 639: 638: 636: 635: 629: 622: 614: 519: 517: 516: 511: 509: 508: 486: 484: 483: 478: 466: 464: 463: 458: 446: 444: 443: 438: 420: 418: 417: 412: 410: 409: 408: 407: 292: 289: 271: 270: 264: 229: 226: 208: 207: 201: 142:can be used for 140:Blind signatures 53:or establishment 27:that performs a 1400: 1399: 1395: 1394: 1393: 1391: 1390: 1389: 1375: 1374: 1373: 1364: 1346: 1275: 1031: 1026: 987: 964: 956: 954:Further reading 951: 950: 943: 939: 932: 928: 921: 917: 908: 906: 897: 896: 892: 885: 881: 874: 870: 861: 859: 850: 849: 845: 838: 834: 825: 823: 814: 813: 809: 793: 792: 785: 783: 767: 763: 753: 751: 742: 741: 737: 721: 720: 713: 709: 701: 695: 691: 646: 642: 633: 631: 627: 620: 616: 615: 611: 606: 579: 561:Signal Protocol 526: 498: 494: 492: 489: 488: 472: 469: 468: 452: 449: 448: 432: 429: 428: 397: 393: 392: 388: 368: 365: 364: 354: 348: 293: 287: 284: 268: 243:Dolev–Yao model 230: 224: 221: 205: 185: 135: 76:Non-repudiation 17: 12: 11: 5: 1398: 1388: 1387: 1370: 1369: 1366: 1365: 1363: 1362: 1351: 1348: 1347: 1345: 1344: 1339: 1337:Random numbers 1334: 1329: 1324: 1319: 1314: 1309: 1304: 1299: 1294: 1289: 1283: 1281: 1277: 1276: 1274: 1273: 1268: 1263: 1261:Garlic routing 1258: 1253: 1248: 1243: 1238: 1233: 1228: 1223: 1218: 1213: 1208: 1203: 1198: 1193: 1188: 1183: 1181:Secure channel 1178: 1172: 1171: 1170: 1159: 1154: 1149: 1144: 1142:Key stretching 1139: 1134: 1129: 1124: 1119: 1114: 1109: 1108: 1107: 1102: 1092: 1090:Cryptovirology 1087: 1082: 1077: 1075:Cryptocurrency 1072: 1067: 1062: 1061: 1060: 1050: 1045: 1039: 1037: 1033: 1032: 1025: 1024: 1017: 1010: 1002: 992: 991: 985: 955: 952: 949: 948: 945:Tamarin Prover 937: 926: 915: 890: 879: 868: 843: 832: 807: 761: 735: 707: 689: 640: 608: 607: 605: 602: 601: 600: 595: 590: 588:Secure channel 585: 578: 575: 574: 573: 568: 563: 558: 552: 547: 542: 537: 532: 525: 522: 507: 504: 501: 497: 476: 456: 436: 422: 421: 406: 403: 400: 396: 391: 387: 384: 381: 378: 375: 372: 350:Main article: 347: 344: 343: 342: 340:Tamarin Prover 337: 334: 329: 326: 323: 320: 315: 312: 311: 310: 307: 304: 295: 294: 274: 272: 259: 258: 255: 250: 245: 240: 232: 231: 211: 209: 184: 181: 134: 131: 91: 90: 85: 82:Secret sharing 79: 73: 70: 60: 58:authentication 54: 15: 9: 6: 4: 3: 2: 1397: 1386: 1383: 1382: 1380: 1361: 1353: 1352: 1349: 1343: 1342:Steganography 1340: 1338: 1335: 1333: 1330: 1328: 1325: 1323: 1320: 1318: 1315: 1313: 1310: 1308: 1305: 1303: 1300: 1298: 1297:Stream cipher 1295: 1293: 1290: 1288: 1285: 1284: 1282: 1278: 1272: 1269: 1267: 1264: 1262: 1259: 1257: 1256:Onion routing 1254: 1252: 1249: 1247: 1244: 1242: 1239: 1237: 1236:Shared secret 1234: 1232: 1229: 1227: 1224: 1222: 1219: 1217: 1214: 1212: 1209: 1207: 1204: 1202: 1199: 1197: 1194: 1192: 1189: 1187: 1184: 1182: 1179: 1176: 1173: 1168: 1165: 1164: 1163: 1160: 1158: 1155: 1153: 1150: 1148: 1145: 1143: 1140: 1138: 1135: 1133: 1132:Key generator 1130: 1128: 1125: 1123: 1120: 1118: 1115: 1113: 1110: 1106: 1103: 1101: 1098: 1097: 1096: 1095:Hash function 1093: 1091: 1088: 1086: 1083: 1081: 1078: 1076: 1073: 1071: 1070:Cryptanalysis 1068: 1066: 1063: 1059: 1056: 1055: 1054: 1051: 1049: 1046: 1044: 1041: 1040: 1038: 1034: 1030: 1023: 1018: 1016: 1011: 1009: 1004: 1003: 1000: 996: 988: 982: 978: 974: 970: 963: 958: 957: 946: 941: 935: 930: 924: 919: 905:on 2016-10-10 904: 900: 894: 888: 883: 877: 872: 858:on 2015-10-03 857: 853: 847: 841: 836: 822:on 2017-02-08 821: 817: 811: 803: 797: 782: 778: 774: 773: 765: 749: 745: 739: 731: 725: 718: 711: 700: 693: 685: 681: 677: 673: 668: 663: 659: 655: 651: 644: 630:on 2017-08-29 626: 619: 613: 609: 599: 596: 594: 591: 589: 586: 584: 581: 580: 572: 569: 567: 564: 562: 559: 556: 553: 551: 548: 546: 543: 541: 538: 536: 533: 531: 528: 527: 521: 505: 502: 499: 495: 474: 454: 434: 427: 404: 401: 398: 394: 385: 379: 376: 370: 363: 362: 361: 359: 353: 341: 338: 335: 333: 330: 327: 324: 321: 319: 316: 313: 308: 305: 302: 301: 299: 298: 291: 282: 278: 275:This list is 273: 266: 265: 262: 256: 254: 251: 249: 246: 244: 241: 239: 236: 235: 228: 219: 215: 212:This list is 210: 203: 202: 199: 196: 194: 190: 180: 178: 177:Digital mixes 174: 170: 166: 162: 157: 153: 149: 145: 141: 130: 128: 124: 120: 116: 111: 108: 104: 100: 96: 93:For example, 89: 86: 83: 80: 77: 74: 71: 68: 65: 61: 59: 55: 52: 51:Key agreement 49: 48: 47: 44: 42: 38: 34: 33:cryptographic 30: 26: 22: 1292:Block cipher 1137:Key schedule 1127:Key exchange 1117:Kleptography 1080:Cryptosystem 1052: 1029:Cryptography 968: 940: 929: 918: 907:. Retrieved 903:the original 893: 882: 871: 860:. Retrieved 856:the original 846: 835: 824:. Retrieved 820:the original 810: 784:. Retrieved 771: 764: 752:. Retrieved 738: 716: 710: 692: 657: 653: 643: 632:. Retrieved 625:the original 612: 555:Secure Shell 423: 355: 288:October 2016 285: 260: 257:Strand space 225:October 2016 222: 197: 186: 144:digital cash 136: 126: 114: 112: 92: 45: 20: 18: 1280:Mathematics 1271:Mix network 786:14 February 754:14 February 318:CryptoVerif 115:application 1231:Ciphertext 1201:Decryption 1196:Encryption 1157:Ransomware 909:2016-10-07 862:2016-10-17 826:2016-10-17 634:2015-10-23 604:References 277:incomplete 248:π-calculus 214:incomplete 64:encryption 62:Symmetric 41:algorithms 1221:Plaintext 796:cite book 684:235174220 676:0933-2790 660:(3): 26. 374:→ 193:Dolev-Yao 1379:Category 1360:Category 1266:Kademlia 1226:Codetext 1169:(CSPRNG) 748:Archived 724:citation 577:See also 540:Kerberos 524:Examples 332:ProVerif 165:e-voting 29:security 25:protocol 1036:General 934:Scyther 336:Scyther 195:model. 84:methods 78:methods 56:Entity 1147:Keygen 983: 682: 674: 314:Casper 127:per se 1177:(PRN) 965:(PDF) 702:(PDF) 680:S2CID 628:(PDF) 621:(PDF) 557:(SSH) 535:IPsec 426:Alice 103:X.509 99:HTTPS 981:ISBN 802:link 788:2024 756:2024 730:link 672:ISSN 571:ZRTP 146:and 973:doi 777:doi 662:doi 283:. 220:. 167:. 1381:: 979:. 798:}} 794:{{ 746:. 726:}} 722:{{ 678:. 670:. 658:34 656:. 652:. 520:. 19:A 1021:e 1014:t 1007:v 989:. 975:: 912:. 865:. 829:. 804:) 790:. 779:: 758:. 732:) 704:. 686:. 664:: 637:. 506:B 503:, 500:A 496:K 475:X 455:B 435:A 405:B 402:, 399:A 395:K 390:} 386:X 383:{ 380:: 377:B 371:A 290:) 286:( 227:) 223:(

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.

Index