1356:
269:
206:
158:
can be used to compute answers (such as determining the highest bid in an auction) based on confidential data (such as private bids), so that when the protocol is complete the participants know only their own input and the answer.
137:
A wide variety of cryptographic protocols go beyond the traditional goals of data confidentiality, integrity, and authentication to also secure a variety of other desired characteristics of computer-mediated collaboration.
109:
key is formed by employing public-key cryptography; and an application-level data transport function. These three aspects have important interconnections. Standard TLS does not have non-repudiation support.
419:
191:
on an abstract level. When it is done, there is a necessity to formalize the environment in which the protocol operates in order to identify threats. This is frequently done through the
617:
43:
should be used and includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program.
518:
46:
Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects:
485:
465:
445:
1336:
1166:
176:
769:
Armando, A.; Arsac, W; Avanesov, T.; Barletta, M.; Calvi, A.; Cappai, A.; Carbone, R.; Chevalier, Y.; +12 more (2012). Flanagan, C.; König, B. (eds.).
150:
to prove that a person holds an attribute or right without revealing that person's identity or the identities of parties that person transacted with.
729:
801:
1019:
175:
augments standard encryption by making it impossible for an attacker to mathematically prove the existence of a plain text message.
624:
121:, which are also sometimes themselves referred to as "cryptographic protocols". For instance, TLS employs what is known as the
984:
815:
597:
276:
213:
898:
237:
160:
592:
113:
There are other types of cryptographic protocols as well, and even the term itself has various readings; Cryptographic
1012:
366:
1384:
122:
171:
include interactive protocols that allow the signer to prove a forgery and limit who can verify the signature.
1215:
300:
Automated
Validation of Internet Security Protocols and Applications (AVISPA) and follow-up project AVANTSSAR.
87:
155:
747:
1005:
772:
The AVANTSSAR Platform for the
Automated Validation of Trust and Security of Service-Oriented Architectures
1331:
1286:
1099:
851:
698:
648:
Chen, Shan; Jero, Samuel; Jagielski, Matthew; Boldyreva, Alexandra; Nita-Rotaru, Cristina (2021-07-01).
1210:
357:
351:
252:
875:
1326:
129:, Diffie–Hellman may be seen as a complete cryptographic protocol in itself for other applications.
1316:
1306:
1161:
565:
544:
94:
1311:
1301:
1104:
1064:
1057:
1047:
1042:
770:
714:
549:
36:
24:
280:
217:
1359:
1205:
1151:
582:
529:
490:
1321:
1245:
852:"SAT-based Model-Checker for Security Protocols and Security-sensitive Application (SATMC)"
168:
151:
106:
28:
8:
1084:
539:
242:
188:
172:
922:
1190:
1174:
1121:
795:
679:
470:
450:
430:
147:
67:
961:
933:
650:"Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) versus QUIC"
1250:
1240:
1111:
980:
723:
683:
671:
1185:
972:
776:
661:
154:
can be used to prove that data (even if confidential) existed at a certain time.
976:
780:
560:
139:
75:
819:
261:
Research projects and tools used for formal verification of security protocols:
1260:
1180:
1141:
1089:
1074:
744:"Automated Validation of Internet Security Protocols and Applications (AVISPA)"
666:
649:
587:
339:
81:
57:
902:
198:
Logics, concepts and calculi used for formal reasoning of security protocols:
1378:
1341:
1296:
1255:
1235:
1131:
1094:
1069:
675:
425:
163:
provide sets of desirable privacy and auditability properties for conducting
118:
50:
32:
247:
1291:
1136:
1126:
1116:
1079:
1028:
886:
768:
554:
1270:
317:
356:
To formally verify a protocol it is often abstracted and modelled using
1230:
1200:
1195:
1156:
960:
Ermoshina, Ksenia; Musiani, Francesca; Halpin, Harry (September 2016).
715:
Fábrega, F. Javier Thayer, Jonathan C. Herzog, and Joshua D. Guttman.,
101:) connections. It has an entity authentication mechanism, based on the
63:
1220:
839:
192:
40:
944:
1265:
1225:
331:
164:
1146:
855:
97:(TLS) is a cryptographic protocol that is used to secure web (
743:
534:
143:
102:
98:
971:. INSCI 2016. Florence, Italy: Springer. pp. 244–254.
570:
647:
876:
Casper: A Compiler for the
Analysis of Security Protocols
962:"End-to-End Encrypted Messaging Protocols: An Overview"
1167:
Cryptographically secure pseudorandom number generator
959:
493:
473:
453:
433:
369:
993:
132:
816:"Constraint Logic-based Attack Searcher (Cl-AtSe)"
717:Strand Spaces: Why is a Security Protocol Correct?
512:
479:
459:
439:
413:
1376:
303:Constraint Logic-based Attack Searcher (CL-AtSe)
887:cpsa: Symbolic cryptographic protocol analyzer
696:
414:{\displaystyle A\rightarrow B:\{X\}_{K_{A,B}}}
345:
1013:
322:Cryptographic Protocol Shapes Analyzer (CPSA)
840:Open-Source Fixed-Point Model-Checker (OFMC)
728:: CS1 maint: multiple names: authors list (
389:
382:
306:Open-Source Fixed-Point Model-Checker (OFMC)
800:: CS1 maint: numeric names: authors list (
775:. Vol. 7214. LNTCS. pp. 267–282.
117:protocols often use one or more underlying
1020:
1006:
967:. In Bagnoli, Franco; et al. (eds.).
125:, which although it is only a part of TLS
665:
187:Cryptographic protocols can sometimes be
899:"Knowledge In Security protocolS (KISS)"
72:Secured application-level data transport
923:Maude-NRL Protocol Analyzer (Maude-NPA)
699:"Lecture Notes Cryptographic Protocols"
328:Maude-NRL Protocol Analyzer (Maude-NPA)
238:Burrows–Abadi–Needham logic (BAN logic)
1377:
750:from the original on 22 September 2016
325:Knowledge In Security protocolS (KISS)
182:
1001:
360:. A simple example is the following:
179:create hard-to-trace communications.
762:
598:Comparison of cryptography libraries
263:
200:
161:End-to-end auditable voting systems
105:system; a key setup phase, where a
13:
953:
593:Security Protocols Open Repository
14:
1396:
618:"Cryptographic Protocol Overview"
1355:
1354:
1027:
267:
253:Protocol composition logic (PCL)
204:
133:Advanced cryptographic protocols
938:
927:
916:
891:
880:
869:
309:SAT-based Model-Checker (SATMC)
39:. A protocol describes how the
35:methods, often as sequences of
1216:Information-theoretic security
844:
833:
808:
736:
708:
690:
641:
610:
373:
88:Secure multi-party computation
31:-related function and applies
1:
603:
156:Secure multiparty computation
977:10.1007/978-3-319-45982-0_22
781:10.1007/978-3-642-28756-5_19
623:. 2015-10-23. Archived from
7:
1332:Message authentication code
1287:Cryptographic hash function
1100:Cryptographic hash function
576:
523:
487:encrypted under shared key
346:Notion of abstract protocol
152:Secure digital timestamping
123:Diffie–Hellman key exchange
66:and message authentication
23:is an abstract or concrete
10:
1401:
1211:Harvest now, decrypt later
667:10.1007/s00145-021-09389-w
447:intends a message for Bob
352:Security protocol notation
349:
1350:
1327:Post-quantum cryptography
1279:
1035:
997:
1317:Quantum key distribution
1307:Authenticated encryption
1162:Random number generation
566:Transport Layer Security
545:Off-the-Record Messaging
467:consisting of a message
358:Alice & Bob notation
95:Transport Layer Security
37:cryptographic primitives
1385:Cryptographic protocols
1312:Public-key cryptography
1302:Symmetric-key algorithm
1105:Key derivation function
1065:Cryptographic primitive
1058:Authentication protocol
1048:Outline of cryptography
1043:History of cryptography
550:Point to Point Protocol
513:{\displaystyle K_{A,B}}
1053:Cryptographic protocol
514:
481:
461:
441:
415:
21:cryptographic protocol
16:Aspect of cryptography
1206:End-to-end encryption
1152:Cryptojacking malware
654:Journal of Cryptology
583:List of cryptosystems
530:Internet Key Exchange
515:
482:
462:
442:
416:
169:Undeniable signatures
119:key agreement methods
69:material construction
1322:Quantum cryptography
1246:Trusted timestamping
697:Berry Schoenmakers.
491:
471:
451:
431:
367:
281:adding missing items
218:adding missing items
107:symmetric encryption
1085:Cryptographic nonce
183:Formal verification
173:Deniable encryption
148:digital credentials
1191:Subliminal channel
1175:Pseudorandom noise
1122:Key (cryptography)
510:
477:
457:
437:
411:
279:; you can help by
216:; you can help by
1372:
1371:
1368:
1367:
1251:Key-based routing
1241:Trapdoor function
1112:Digital signature
986:978-3-319-45982-0
480:{\displaystyle X}
460:{\displaystyle B}
440:{\displaystyle A}
424:This states that
297:
296:
234:
233:
189:verified formally
1392:
1358:
1357:
1186:Insecure channel
1022:
1015:
1008:
999:
998:
995:
994:
990:
969:Internet Science
966:
947:
942:
936:
931:
925:
920:
914:
913:
911:
910:
901:. Archived from
895:
889:
884:
878:
873:
867:
866:
864:
863:
854:. Archived from
848:
842:
837:
831:
830:
828:
827:
818:. Archived from
812:
806:
805:
799:
791:
789:
787:
766:
760:
759:
757:
755:
740:
734:
733:
727:
719:
712:
706:
705:
703:
694:
688:
687:
669:
645:
639:
638:
636:
635:
629:
622:
614:
519:
517:
516:
511:
509:
508:
486:
484:
483:
478:
466:
464:
463:
458:
446:
444:
443:
438:
420:
418:
417:
412:
410:
409:
408:
407:
292:
289:
271:
270:
264:
229:
226:
208:
207:
201:
142:can be used for
140:Blind signatures
53:or establishment
27:that performs a
1400:
1399:
1395:
1394:
1393:
1391:
1390:
1389:
1375:
1374:
1373:
1364:
1346:
1275:
1031:
1026:
987:
964:
956:
954:Further reading
951:
950:
943:
939:
932:
928:
921:
917:
908:
906:
897:
896:
892:
885:
881:
874:
870:
861:
859:
850:
849:
845:
838:
834:
825:
823:
814:
813:
809:
793:
792:
785:
783:
767:
763:
753:
751:
742:
741:
737:
721:
720:
713:
709:
701:
695:
691:
646:
642:
633:
631:
627:
620:
616:
615:
611:
606:
579:
561:Signal Protocol
526:
498:
494:
492:
489:
488:
472:
469:
468:
452:
449:
448:
432:
429:
428:
397:
393:
392:
388:
368:
365:
364:
354:
348:
293:
287:
284:
268:
243:Dolev–Yao model
230:
224:
221:
205:
185:
135:
76:Non-repudiation
17:
12:
11:
5:
1398:
1388:
1387:
1370:
1369:
1366:
1365:
1363:
1362:
1351:
1348:
1347:
1345:
1344:
1339:
1337:Random numbers
1334:
1329:
1324:
1319:
1314:
1309:
1304:
1299:
1294:
1289:
1283:
1281:
1277:
1276:
1274:
1273:
1268:
1263:
1261:Garlic routing
1258:
1253:
1248:
1243:
1238:
1233:
1228:
1223:
1218:
1213:
1208:
1203:
1198:
1193:
1188:
1183:
1181:Secure channel
1178:
1172:
1171:
1170:
1159:
1154:
1149:
1144:
1142:Key stretching
1139:
1134:
1129:
1124:
1119:
1114:
1109:
1108:
1107:
1102:
1092:
1090:Cryptovirology
1087:
1082:
1077:
1075:Cryptocurrency
1072:
1067:
1062:
1061:
1060:
1050:
1045:
1039:
1037:
1033:
1032:
1025:
1024:
1017:
1010:
1002:
992:
991:
985:
955:
952:
949:
948:
945:Tamarin Prover
937:
926:
915:
890:
879:
868:
843:
832:
807:
761:
735:
707:
689:
640:
608:
607:
605:
602:
601:
600:
595:
590:
588:Secure channel
585:
578:
575:
574:
573:
568:
563:
558:
552:
547:
542:
537:
532:
525:
522:
507:
504:
501:
497:
476:
456:
436:
422:
421:
406:
403:
400:
396:
391:
387:
384:
381:
378:
375:
372:
350:Main article:
347:
344:
343:
342:
340:Tamarin Prover
337:
334:
329:
326:
323:
320:
315:
312:
311:
310:
307:
304:
295:
294:
274:
272:
259:
258:
255:
250:
245:
240:
232:
231:
211:
209:
184:
181:
134:
131:
91:
90:
85:
82:Secret sharing
79:
73:
70:
60:
58:authentication
54:
15:
9:
6:
4:
3:
2:
1397:
1386:
1383:
1382:
1380:
1361:
1353:
1352:
1349:
1343:
1342:Steganography
1340:
1338:
1335:
1333:
1330:
1328:
1325:
1323:
1320:
1318:
1315:
1313:
1310:
1308:
1305:
1303:
1300:
1298:
1297:Stream cipher
1295:
1293:
1290:
1288:
1285:
1284:
1282:
1278:
1272:
1269:
1267:
1264:
1262:
1259:
1257:
1256:Onion routing
1254:
1252:
1249:
1247:
1244:
1242:
1239:
1237:
1236:Shared secret
1234:
1232:
1229:
1227:
1224:
1222:
1219:
1217:
1214:
1212:
1209:
1207:
1204:
1202:
1199:
1197:
1194:
1192:
1189:
1187:
1184:
1182:
1179:
1176:
1173:
1168:
1165:
1164:
1163:
1160:
1158:
1155:
1153:
1150:
1148:
1145:
1143:
1140:
1138:
1135:
1133:
1132:Key generator
1130:
1128:
1125:
1123:
1120:
1118:
1115:
1113:
1110:
1106:
1103:
1101:
1098:
1097:
1096:
1095:Hash function
1093:
1091:
1088:
1086:
1083:
1081:
1078:
1076:
1073:
1071:
1070:Cryptanalysis
1068:
1066:
1063:
1059:
1056:
1055:
1054:
1051:
1049:
1046:
1044:
1041:
1040:
1038:
1034:
1030:
1023:
1018:
1016:
1011:
1009:
1004:
1003:
1000:
996:
988:
982:
978:
974:
970:
963:
958:
957:
946:
941:
935:
930:
924:
919:
905:on 2016-10-10
904:
900:
894:
888:
883:
877:
872:
858:on 2015-10-03
857:
853:
847:
841:
836:
822:on 2017-02-08
821:
817:
811:
803:
797:
782:
778:
774:
773:
765:
749:
745:
739:
731:
725:
718:
711:
700:
693:
685:
681:
677:
673:
668:
663:
659:
655:
651:
644:
630:on 2017-08-29
626:
619:
613:
609:
599:
596:
594:
591:
589:
586:
584:
581:
580:
572:
569:
567:
564:
562:
559:
556:
553:
551:
548:
546:
543:
541:
538:
536:
533:
531:
528:
527:
521:
505:
502:
499:
495:
474:
454:
434:
427:
404:
401:
398:
394:
385:
379:
376:
370:
363:
362:
361:
359:
353:
341:
338:
335:
333:
330:
327:
324:
321:
319:
316:
313:
308:
305:
302:
301:
299:
298:
291:
282:
278:
275:This list is
273:
266:
265:
262:
256:
254:
251:
249:
246:
244:
241:
239:
236:
235:
228:
219:
215:
212:This list is
210:
203:
202:
199:
196:
194:
190:
180:
178:
177:Digital mixes
174:
170:
166:
162:
157:
153:
149:
145:
141:
130:
128:
124:
120:
116:
111:
108:
104:
100:
96:
93:For example,
89:
86:
83:
80:
77:
74:
71:
68:
65:
61:
59:
55:
52:
51:Key agreement
49:
48:
47:
44:
42:
38:
34:
33:cryptographic
30:
26:
22:
1292:Block cipher
1137:Key schedule
1127:Key exchange
1117:Kleptography
1080:Cryptosystem
1052:
1029:Cryptography
968:
940:
929:
918:
907:. Retrieved
903:the original
893:
882:
871:
860:. Retrieved
856:the original
846:
835:
824:. Retrieved
820:the original
810:
784:. Retrieved
771:
764:
752:. Retrieved
738:
716:
710:
692:
657:
653:
643:
632:. Retrieved
625:the original
612:
555:Secure Shell
423:
355:
288:October 2016
285:
260:
257:Strand space
225:October 2016
222:
197:
186:
144:digital cash
136:
126:
114:
112:
92:
45:
20:
18:
1280:Mathematics
1271:Mix network
786:14 February
754:14 February
318:CryptoVerif
115:application
1231:Ciphertext
1201:Decryption
1196:Encryption
1157:Ransomware
909:2016-10-07
862:2016-10-17
826:2016-10-17
634:2015-10-23
604:References
277:incomplete
248:Ď€-calculus
214:incomplete
64:encryption
62:Symmetric
41:algorithms
1221:Plaintext
796:cite book
684:235174220
676:0933-2790
660:(3): 26.
374:→
193:Dolev-Yao
1379:Category
1360:Category
1266:Kademlia
1226:Codetext
1169:(CSPRNG)
748:Archived
724:citation
577:See also
540:Kerberos
524:Examples
332:ProVerif
165:e-voting
29:security
25:protocol
1036:General
934:Scyther
336:Scyther
195:model.
84:methods
78:methods
56:Entity
1147:Keygen
983:
682:
674:
314:Casper
127:per se
1177:(PRN)
965:(PDF)
702:(PDF)
680:S2CID
628:(PDF)
621:(PDF)
557:(SSH)
535:IPsec
426:Alice
103:X.509
99:HTTPS
981:ISBN
802:link
788:2024
756:2024
730:link
672:ISSN
571:ZRTP
146:and
973:doi
777:doi
662:doi
283:.
220:.
167:.
1381::
979:.
798:}}
794:{{
746:.
726:}}
722:{{
678:.
670:.
658:34
656:.
652:.
520:.
19:A
1021:e
1014:t
1007:v
989:.
975::
912:.
865:.
829:.
804:)
790:.
779::
758:.
732:)
704:.
686:.
664::
637:.
506:B
503:,
500:A
496:K
475:X
455:B
435:A
405:B
402:,
399:A
395:K
390:}
386:X
383:{
380::
377:B
371:A
290:)
286:(
227:)
223:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.