A cryptographic protocol is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods. The most widely used cryptographic protocols are protocols for secure application-level data transport. A cryptographic protocol of this kind usually incorporates at least some of these aspects:
Symmetric encryption and message authentication material construction
Secured application-level data transport
Non-repudiation methods
For example, Transport Layer Security (TLS) is a cryptographic protocol that is used to secure web (HTTP) connections. It has an entity authentication mechanism, based on the X.509 system; a key setup phase, where a symmetric encryption key is formed by employing public-key cryptography; and an application-level data transport function. These three aspects have important interconnections. Standard TLS does not have non-repudiation support.
There are other types of cryptographic protocols as well, and even the term itself has various different readings. For instance, TLS employs what is known as the Diffie-Hellman key exchange, an although only a part of TLS per se, it can be also seen as a complete cryptographic protocol of its own right.
Cryptographic protocols can sometimes be verified formally on an abstract level.
Unlike traditional cryptography, which employs various mathematical techniques to restrict eavesdroppers from learning the contents of encrypted messages, quantum cryptography is based on the physics of information.
Whereas classical public-key cryptography relies on the computational difficulty of certain hard mathematical problems (such as integer factorisation) for key distribution, quantum cryptography relies on the laws of quantum mechanics.
Quantum cryptography is still vulnerable to a type of MITM where the interceptor (Eve) establishes herself as "Alice" to Bob, and as "Bob" to Alice.
Feeds |
Contact