Cryptography Reference
In-Depth Information
The protocol actions
- the details of any actions (operations) that an entity needs
to perform after receiving, or before sending, a protocol message.
What needs
to be done between steps
?
If a cryptographic protocol is followed correctly, in other words all protocol
messages are well formed and occur in the correct order, and all actions complete
successfully, then hopefully the security goals will be met. If at some stage a
protocol message is not received correctly, or an action fails, then the protocol
itself is said to
fail
and none of the security goals can be safely considered to
have been met. It is wise to have pre-specified rules for deciding how to proceed
following a protocol failure. In the simplest case this might involve a rerun of the
protocol.
Even in simple applications, such as sending an integrity protected message
from one entity to another, we still need to spell out the precise steps that need
to be taken in order to achieve the required security goal. Cryptography is thus
always used within a cryptographic protocol of some sort, albeit sometimes a
rather simple one.
However, most cryptographic protocols are complicated to design and analyse.
It is failures in the design and implementation of cryptographic protocols that
lead to many security weaknesses in real cryptographic applications. In this
chapter we will explain some of the subtleties involved in protocol design and
demonstrate some of the basic skills required to 'make sense' of a cryptographic
protocol.
The design of a cryptographic protocol is a process that commences with a real
security problem that needs to be solved and ends with the specification of a
cryptographic protocol.
9.2.1
Stages of protocol design
There are three main stages to the process of designing a cryptographic protocol:
Defining the objectives
. This is the problem statement, which identifies what
the problem is that the protocol is intended to solve. While we will focus on
security objectives, it is important to realise that there may be other objectives
that are also important, particularly performance-related objectives.
Determining the protocol goals
. This stage translates the objectives into a set of
clear cryptographic requirements. The protocol goals are typically statements
of the form
at the end of the protocol, entity X will be assured of security
service Y
. We will see some examples shortly.
