[Figure 9.1. A simple cryptographic protocol providing non-repudiation: a single message, Sig_Alice(contract), sent from Alice to Bob]
Specifying the protocol. This takes the protocol goals as input and involves determining some cryptographic primitives, message flow and actions that achieve these goals.
A very simple example of these stages would be the following:

Defining the objectives. Merchant Bob wants to make sure that a contract that he will receive from Alice cannot later be denied.

Determining the protocol goals. At the end of the protocol Bob requires non-repudiation of the contract received from Alice.

Specifying the protocol. A protocol to achieve this simple goal is given in Figure 9.1. In this protocol there is only one message, which is sent from Alice to Bob. This message consists of the contract, digitally signed by Alice. The notation Sig_Alice represents a generic digital signature algorithm. We do not specify which algorithm is to be used. Nor do we specify whether the digital signature scheme is with appendix or message recovery (see Section 7.3.3). We assume that if a digital signature scheme with appendix is used then part of Sig_Alice(contract) is a plaintext version of the contract.
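The one-message protocol of Figure 9.1, worked through as an added example that is not from the book. It instantiates the generic Sig_Alice with Ed25519 from the Go standard library as a scheme with appendix (the plaintext contract travels next to the signature); the book itself leaves the algorithm open. The contract text and the shared MAC key are constructed sample values. The Verify step is deliberately the same whether Bob or a later third party runs it, since needing only Alice's public key is what turns the signature into evidence she cannot deny; the MACTag function is included to show why a MAC under a key shared with Bob would not satisfy the non-repudiation goal.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedContract is the single protocol message Sig_Alice(contract), modelled
// as a signature scheme with appendix: the plaintext contract is carried
// alongside the signature so that Bob, and later a judge, can read and verify it.
type SignedContract struct {
	Contract  []byte
	Signature []byte
}

// NewAliceKeys generates Alice's signing key pair. Bob only ever holds the
// public key; the private key never leaves Alice.
func NewAliceKeys() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// AliceSign is Alice's only action in the protocol: sign the contract and send
// contract and signature together.
func AliceSign(priv ed25519.PrivateKey, contract []byte) SignedContract {
	return SignedContract{Contract: contract, Signature: ed25519.Sign(priv, contract)}
}

// Verify is what Bob does on receipt, and exactly what a third party (a judge)
// does afterwards if Alice denies the contract. Only Alice's public key is
// needed, so nobody but Alice could have produced a signature that passes.
func Verify(alicePub ed25519.PublicKey, msg SignedContract) error {
	if len(alicePub) != ed25519.PublicKeySize {
		return errors.New("malformed public key")
	}
	if !ed25519.Verify(alicePub, msg.Contract, msg.Signature) {
		return errors.New("signature does not verify: contract altered or not signed by Alice")
	}
	return nil
}

// MACTag is the contrast case: a MAC under a key shared by Alice and Bob.
// Because Bob holds the same key he can compute an identical tag himself, so a
// judge cannot attribute the tag to Alice. A MAC gives data origin
// authentication between the two parties, but not non-repudiation.
func MACTag(sharedKey, contract []byte) []byte {
	m := hmac.New(sha256.New, sharedKey)
	m.Write(contract)
	return m.Sum(nil)
}

func main() {
	pub, priv, err := NewAliceKeys()
	if err != nil {
		panic(err)
	}
	// Constructed sample contract.
	contract := []byte("Alice agrees to sell Bob 100 widgets at 2 euros each.")
	msg := AliceSign(priv, contract)
	fmt.Println("Bob verifies genuine contract:", Verify(pub, msg))

	// Altering the contract after signing invalidates the evidence.
	altered := SignedContract{Contract: []byte("... at 1 euro each."), Signature: msg.Signature}
	fmt.Println("Bob verifies altered contract:", Verify(pub, altered))

	// With a shared MAC key, Bob's own tag is identical to Alice's.
	shared := []byte("constructed key shared by Alice and Bob")
	fmt.Println("Bob can produce Alice's MAC tag himself:",
		hmac.Equal(MACTag(shared, contract), MACTag(shared, contract)))
}
```

Running the program prints `<nil>` for the genuine contract, an error for the altered one, and `true` for the MAC comparison, which is the whole argument for choosing a signature over a MAC when the goal is non-repudiation.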
9.2.2 Challenges of the stages of protocol design
The very simple example that we have just discussed is so elementary that it hides
the complexity that is normally involved with each design stage of a cryptographic
protocol. While we will shortly examine a slightly more complex protocol, it is
important to note that most applications have much more sophisticated security
requirements. This introduces complexity throughout the design process.
DEFINING THE OBJECTIVES
It can be very difficult to determine in advance exactly what security requirements
a particular application has. Failure to get this correct from the outset is likely
to have serious consequences. Thus great care needs to be taken to conduct
a sufficiently rigorous risk analysis exercise in advance, so that the security
objectives that are defined are complete.
DETERMINING THE PROTOCOL GOALS
The translation of the security goals into cryptographic requirements is, in theory, the most straightforward of the design stages. However, just like any translation exercise, it needs to be done by someone sufficiently expert for the conversion to be carried out accurately.