Cryptography Reference
In-Depth Information
9.1.1
Operational motivation for protocols
It is rare to deploy a cryptographic primitive in isolation to provide a single
security service for a single piece of data. There are several reasons for this. Many
applications:
Have complex security requirements
. For example, if we wish to transmit
some sensitive information across an insecure network then it is likely that
we will want confidentiality
and
data origin authentication guarantees (see
Section 6.3.6 and Section 7.4.2).
Involve different data items with different security requirements
. Most
applications involve different pieces of data, each of which may have
different security requirements. For example, an application processing an
online transaction may require the purchase details (product, cost) to be
authenticated, but not encrypted, so that this information is widely available.
However, the payment details (card number, expiry date) are likely to be
required to be kept confidential. It is also possible that different requirements
of this type arise for efficiency reasons, since all cryptographic computations
(particularly public-key computations) have an associated efficiency cost. It can
thus be desirable to apply cryptographic primitives only to those data items
that strictly require a particular type of protection.
Involve information flowing between more than one entity
. It is rare for a
cryptographic application to involve just one entity, such as when a user
encrypts a file for storage on their local machine. Most applications involve
at least two entities exchanging data. For example, a card payment scheme
may involve a client, a merchant, the client's bank and the merchant's bank
(and possibly other entities).
Consist of a sequence of logical (conditional) events
. Real applications normally
involve multiple operations that need to be conducted in a specific order, each
of which may have its own security requirements. For example, it does not
make any sense to provide confidentiality protection for the deduction of a
sum from a client's account and issue some money from a cash machine until
entity authentication of the client has been conducted.
We thus require a process for specifying precisely how to apply cryptographic
primitives during the exchange of data between entities in such a way that the
necessary security goals are met.
9.1.2
Environmental motivation for protocols
An alternative motivation for cryptographic protocols comes from the environ-
ments in which they are likely to be deployed.
The idea of a
protocol
should be quite familiar. We engage in protocols inmany
aspects of daily life. For example, most cultures have established protocols that run
