Cryptographic protocols
A cryptographic protocol is an interaction between one or more entities to achieve a certain goal. In fact, encryption and digital signatures can be seen as a special case of cryptographic protocols.
While a huge number of protocols have been developed, we will restrict this section to two types of protocols: protocols for user authentication and protocols for key management.
User authentication protocols
The design of cryptographic protocols for user authentication is very complex. A large number of protocols have been presented in the available literature, many of which exhibit some weaknesses. The simplest protocol providing unilateral authentication consist of sending a password.
More complex challenge-response protocols can be designed in which the user does not transmit his secret information. They are based on an encryption algorithm, a MAC or a digital signature and the use, in addition, of so called nonces (never used more than once) : random numbers, sequence numbers or time stamps. More complex protocols are required to achieve mutual authentication.
KeyManagement Protocols
On e of the main links in the cryptographic keychain is the key management protocol: every cryptographic service will make use of cryptographic keying material, whose confidentiality and/or integrity has to be protected. For the distribution of this keying material, one can use a new cryptographic primitive, and ultimately, a physical channel.
A cryptographic protocol is an interaction between one or more entities to achieve a certain goal. In fact, encryption and digital signatures can be seen as a special case of cryptographic protocols.
While a huge number of protocols have been developed, we will restrict this section to two types of protocols: protocols for user authentication and protocols for key management.
User authentication protocols
The design of cryptographic protocols for user authentication is very complex. A large number of protocols have been presented in the available literature, many of which exhibit some weaknesses. The simplest protocol providing unilateral authentication consist of sending a password.
More complex challenge-response protocols can be designed in which the user does not transmit his secret information. They are based on an encryption algorithm, a MAC or a digital signature and the use, in addition, of so called nonces (never used more than once) : random numbers, sequence numbers or time stamps. More complex protocols are required to achieve mutual authentication.
KeyManagement Protocols
On e of the main links in the cryptographic keychain is the key management protocol: every cryptographic service will make use of cryptographic keying material, whose confidentiality and/or integrity has to be protected. For the distribution of this keying material, one can use a new cryptographic primitive, and ultimately, a physical channel.