Cryptography Reference
In-Depth Information
when two people who have not met before are introduced to one another (such as
smile, shake hands, then exchange business cards). Diplomatic protocols are an
example of a more formally documented class of protocols. These are procedures
designed to achieve diplomatic goals, independent of the culture and language of
the participating countries and diplomats. Indeed, it is for the very reason that
countries, languages and diplomats are all
different
that diplomatic protocols are
necessary. A potentially more familiar example of a protocol is the sequence of
procedural and legal processes involved in sale or purchase of a property within a
particular legal jurisdiction.
For similar reasons, protocols are important for electronic communications.
Different computing devices run on different hardware platforms, using different
software, and communicate in different languages. When considering environ-
ments such as the Internet, it at first seems incredible that this diversity of
devices can communicate with one another at all. The secret is protocols, in this
case communication protocols. The communication protocol TCP/IP enables
any device connected to the Internet to talk to any other device connected to
the Internet. TCP/IP provides a common process for breaking data into small
packets, addressing them, routing them through a network, reassembling them,
and finally checking that they have arrived correctly. They can then be interpreted
and processed by the receiving device.
In a similar way, a cryptographic protocol provides a common process that
allows security goals to be achieved between a number of devices, regardless of
the nature of the devices involved.
9.1.3
Components of a cryptographic protocol
A
cryptographic protocol
is a specification of all the events that need to take place
in order to achieve some required security goals. In particular, a cryptographic
protocol needs to specify:
The protocol assumptions
- any prerequisite assumptions concerning the
environment in which the protocol will be run. While this in practice
involves assumptions about the entire environment (including, for example,
security of devices used in the protocol), we will generally restrict our
attention to clarifying the cryptographic assumptions, such as the strength
of cryptographic primitives used and the possession of cryptographic keys by
the participating entities.
What needs to have happened before the protocol
is run
?
The protocol flow
- the sequence of communications that need to take place
between the entities involved in the protocol. Each message is often referred to
as being a
step
or
pass
of the protocol.
Who sends a message to whom, and in
which order
?
The protocol messages
- the content of each message that is exchanged between
two entities in the protocol.
What information is exchanged at each step
?
