Cryptography Reference
In-Depth Information
Chapter 6
Cryptographic Protocols
According to Schneier, a protocol serves to 'run a certain task and consists
of a series of actions in which two or more parties participate' [SchnCr, 2.1].
Cryptographic protocols are aimed at securing secrecy or preventing fraud or
sabotage. Such protocols sort of mediate the use of cryptographic algorithms
in practice once they have been designed and implementation issues have been
clarified. Exactly like algorithms, protocols can be broken by discovering a
possibility for fraud that was unconsidered in the design. You can find a good
example in Section 6.4.2. There are cryptanalyses for cryptographic protocols,
too, but their formalization is not yet on the same level as with algorithms.
You already know a few cryptographic protocols. The distribution of a secret
key over several channels (Figure 4.13), for example, is a simple protocol,
and so is the key distribution by means of hybrid methods (Figure 4.14). The
interlock protocol (Figure 4.15) is a bit more sophisticated. And the password
check under UNIX (Section 3.3) is a cryptographic protocol, too.
Cryptographic protocols are primarily intended to map processes or objects
related to processes from the real world to the digital world and protect them.
Examples include
•
signatures;
•
non-repudiable agreements;
•
personal identifications;
