Cryptographic protocol

A security protocol (cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives. A protocol describes how the algorithms should be used. A sufficiently detailed protocol includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program.[1]

Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects:

For example, Transport Layer Security (TLS) is a cryptographic protocol that is used to secure web (HTTPS) connections. It has an entity authentication mechanism, based on the X.509 system; a key setup phase, where a symmetric encryption key is formed by employing public-key cryptography; and an application-level data transport function. These three aspects have important interconnections. Standard TLS does not have non-repudiation support.

There are other types of cryptographic protocols as well, and even the term itself has various readings; Cryptographic application protocols often use one or more underlying key agreement methods, which are also sometimes themselves referred to as "cryptographic protocols". For instance, TLS employs what is known as the Diffie–Hellman key exchange, which although it is only a part of TLS per se, Diffie–Hellman may be seen as a complete cryptographic protocol in itself for other applications.

Advanced cryptographic protocols

A wide variety of cryptographic protocols go beyond the traditional goals of data confidentiality, integrity, and authentication to also secure a variety of other desired characteristics of computer-mediated collaboration.[2] Blind signatures can be used for digital cash and digital credentials to prove that a person holds an attribute or right without revealing that person's identity or the identities of parties that person transacted with. Secure digital timestamping can be used to prove that data (even if confidential) existed at a certain time. Secure multiparty computation can be used to compute answers (such as determining the highest bid in an auction) based on confidential data (such as private bids), so that when the protocol is complete the participants know only their own input and the answer. End-to-end auditable voting systems provide sets of desirable privacy and auditability properties for conducting e-voting. Undeniable signatures include interactive protocols that allow the signer to prove a forgery and limit who can verify the signature. Deniable encryption augments standard encryption by making it impossible for an attacker to mathematically prove the existence of a plain text message. Digital mixes create hard-to-trace communications.

Formal verification

Cryptographic protocols can sometimes be verified formally on an abstract level. When it is done, there is a necessity to formalize the environment in which the protocol operates in order to identify threats. This is frequently done through the Dolev-Yao model.

Logics, concepts and calculi used for formal reasoning of security protocols:

This list is incomplete; you can help by expanding it.

Research projects and tools used for formal verification of security protocols:

This list is incomplete; you can help by expanding it.
  • Automated Validation of Internet Security Protocols and Applications (AVISPA)[4] and follow-up project AVANTSSAR[5]
    • Constraint Logic-based Attack Searcher (CL-AtSe)[6]
    • Open-Source Fixed-Point Model-Checker (OFMC)[7]
    • SAT-based Model-Checker (SATMC)[8]
  • Casper[9]
  • CryptoVerif
  • Cryptographic Protocol Shapes Analyzer (CPSA)[10]
  • Knowledge In Security protocolS (KISS)[11]
  • Maude-NRL Protocol Analyzer (Maude-NPA)[12]
  • ProVerif
  • Scyther[13]
  • Tamarin Prover[14]

Notion of abstract protocol
Main article: Security protocol notation

To formally verify a protocol it is often abstracted and modelled using Alice & Bob notation. A simple example is the following:

This states that Alice intends a message for Bob consisting of a message encrypted under shared key .

Examples
gollark: Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called Wrong, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.
gollark: I'd just like to interject for moment. What you're refering to as Wrong, is in fact, GNU/Wrong, or as I've recently taken to calling it, GNU plus Wrong. Wrong is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.
gollark: What the 🖕🏻 did ➡️👤 just 👉🏻️👌🏻 💬 about 👤⬅️, ➡️👤 little 🐩👩🏻? I'll have ➡️👤 💡 I 👨🏻‍🎓️ 🔝 of my class in the Navy Seals, ➕ I've been involved in numerous secret raids on Al-Quaeda, ➕ I have over 3️⃣0️⃣0️⃣ confirmed kills. I am 🚋 in 🦍 warfare ➕ I'm the 🔝 sniper in the entire 👥⬅️ armed forces. ➡️👤 are nothing to 👤⬅️ but just another 🎯. I will wipe ➡️👤 the 🖕🏻 out with precision the likes of which has never been 👀 before on this 🌐, ❣️ my 👉🏻️👌🏻 words. ➡️👤 💭 ➡️👤 🥫 get away with 💬 that 💩 to 👤⬅️ over the Internet? 💭 🔂, fucker. As 👥⬅️ 🗣️ I am contacting my secret network of 🕵🏻️‍♂️ across the 🇺🇸 ➕ your IP is being traced ➡️ now so ➡️👤 better prepare for the storm, maggot. The storm that wipes out the pathetic little thing ➡️👤 📞 your 🧬. You're 👉🏻️👌🏻 ☠️, kid. I 🥫 be anywhere, anytime, ➕ I 🥫 kill ➡️👤 in over 7️⃣ 💯 ways, ➕ that's just with my bare ✋🏻. ❌ only am I extensively 🚋 in unarmed combat, but I have ♿️ to the entire arsenal of the United States Marine Corps ➕ I will use it to its 🌝 extent to wipe your miserable 🍑 off the 😀 of the continent, ➡️👤 little 💩. If only ➡️👤 could have 💡 what unholy retribution your little "clever" comment was about to bring 👇🏻️ upon ➡️👤, maybe ➡️👤 would have held your 👉🏻️👌🏻 👅. But ➡️👤 couldn't, ➡️👤 didn't, ➕ now you're 💰️➡️ the price, ➡️👤 goddamn idiot. I will 💩 fury all over ➡️👤 ➕ ➡️👤 will drown in it. You're 👉🏻️👌🏻 ☠️, kiddo.
gollark: Can I be a bot and <@509849474647064576> a human?
gollark: Perfect.

See also

References
  1. "Cryptographic Protocol Overview" (PDF). 2015-10-23. Archived from the original (PDF) on 2017-08-29. Retrieved 2015-10-23.
  2. Berry Schoenmakers. "Lecture Notes Cryptographic Protocols" (PDF).
  3. Fábrega, F. Javier Thayer, Jonathan C. Herzog, and Joshua D. Guttman., Strand Spaces: Why is a Security Protocol Correct?CS1 maint: multiple names: authors list (link)
  4. "Automated Validation of Internet Security Protocols and Applications (AVISPA)". Archived from the original on 2016-09-22. Retrieved 2016-10-07.
  5. AVANTSSAR
  6. Constraint Logic-based Attack Searcher (Cl-AtSe)
  7. Open-Source Fixed-Point Model-Checker (OFMC)
  8. "SAT-based Model-Checker for Security Protocols and Security-sensitive Application (SATMC)". Archived from the original on 2015-10-03. Retrieved 2016-10-17.
  9. Casper: A Compiler for the Analysis of Security Protocols
  10. cpsa: Symbolic cryptographic protocol analyzer
  11. "Knowledge In Security protocolS (KISS)". Archived from the original on 2016-10-10. Retrieved 2016-10-07.
  12. Maude-NRL Protocol Analyzer (Maude-NPA)
  13. Scyther
  14. Tamarin Prover

Further reading
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.