What are Cryptographic Protocols? – Types, and More
Cryptographic protocols are those that, to carry out this interaction, use cryptographic functions to ensure the security requirements in communications between the users involved in the exchange confidentiality, integrity, authenticity, and non-repudiation.
We are going to find examples of the use of cryptographic protocols in fields as diverse as in electronic commerce, where share signatures have to be use; insecure email, were more than just an acknowledgement of receipt will be needed; in the complementation of electronic payment systems with the use of blind signatures or in electronic voting systems. In many cases, the arbitration of a trusted third party will also be needed to guarantee all the security requirements in these electronic transactions.
Types of Cryptographic Protocols
Key Establishment Protocols
A key establishment protocol (key establishment protocols), also called vital exchange protocols, is a cryptographic protocol in which a sequence of steps is establish between two or more participants. First, the participants agree on the value of shared secret information. Shared private information is often called a key because that information is often used as the key for some cryptographic algorithm.
An identification protocol, also called a user authentication protocol, is an interactive protocol that allows one party to prove its identity to another party (authenticate itself). The party that verifies the essence is called a verifier. The part that is identified is called a tester.
They can be of two types: cryptographic or non-cryptographic
Examples of identification protocols
- Challenge-response protocols
- Schnarr identification algorithm
- Okamoto identification scheme
- Guillou-Quisquater identification scheme
- Identity-based identification schemes
- Feig–Fiat–Shamir identification scheme
Message Authentication Protocols
An authentication protocol is a cryptographic type that can authenticate securely entities that wish to communicate. Authentication protocols are negotiated immediately after link quality is determine and before the network layer is arrange. Some authentication protocols are:
PAP (Password Authentication Protocol), CHAP (Challenge Handshake Authentication Protocol), SPAP (Shiva Password Authentication Protocol), MS-CHAP and MS-CHAP v2, EAP (Extensible Authentication Protocol), Kerberos.
Secret Sharing Protocols
It is a protocol that allows obtaining a series of data or shadows from a secret so that it is possible to recover the original secret from only some of those shadows. These schemes were propose to safeguard cryptographic keys from possible deterioration, theft, or loss.
These protocols are also known as secret sharing protocols and, in general, personal sharing. In particular, it is possible to protect secret keys, private keys, documents, etc.
They currently have applications in
- Access control,
- The opening of safe deposit boxes,
- The initialization of military devices, etc.
Unconscious Transfer Protocols
The oblivious transfer protocol is known as a method use to transfer a secret from a user to a user } and that A does not know if B could see the secret (the probability of for this to happen is 1/2), hence the term “unconscious.” This protocol gives rise to other protocols such as Bit Compromise and Proof of Null Knowledge.
Zero-Knowledge Proof Protocols
A zero-knowledge protocol or null knowledge proof, also known by the acronym ZKP, is a cryptographic protocol that establishes a method for one party to prove to another that a (usually mathematical) statement is true. True, without revealing everything other than the truth of the information.
Bit commitment protocols are of great importance in the field of cryptographic protocols. The objective of these protocols is to get the point A to commit to maintaining the value of a bit or group of bits unalterable against another point B so that A cannot alter the value of said bit or group of bits. B cannot know its value until A “opens the commitment.” They help solve specific problems that we usually encounter. An example of this problem is the throw of a die. One of these problems would be the Coin Toss Problem, which consists of trying to allow two users to act with a 50% probability, ensuring that neither cheats.
Backfilling with Straw and Winnowing Protocols
A cryptographic protocol is a chaffing and winnowing protocol when it uses the chaffing and winnowing technique. This technique is derive from agriculture: When the cereal is collect, a compound is obtain in which the straw (useless) and the grain (proper) are mix. Then, the compost is thrown into the air to separate the grain from the chaff, and the wind carries the straw away from the grain. This process is call winnowing.
Cryptographic Protocols and Standards
Cryptography works on several levels. Algorithms such as symmetric block cyphers and public key algorithms are at one level. Building on these gives you protocols, and building on the protocols gives you afflictions (or other protocols).
It is not enough to study the security of the base algorithms alone, nor can weaknesses in a higher-level protocol or application translate into how insecure an application is or how good the base cryptographic algorithm is. Protocol analysis is tricky because applications that implement such protocols can lead to additional problems.
A modest example is a protocol that leaks data about the key to encrypt a communications channel. Regardless of how good the encryption algorithms are, they become insecure if the upper layer protocol shows information about the keys used in the encryption. Therefore, a suitable protocol is not enough; it must have an exemplary and robust implementation.
Several well-known protocols are mention below
Domain Name Server Security (DNSSEC)
is the protocol for secure name distribution facilities. It is definite in RFC 3007 and RFC 3008.
Generic Safety Services API (GSSAPI):
GSSAPI affords authentication, key exchange, and encryption interface for different encryption algorithms and schemes. It is evident in RFC 2743.
Secure Socket Layer (SSL) / Transportation Layer Security (TLS)
SSL is one of two protocols for secure WWW connections (the other is SHTTP). WWW security has become necessary with the increase in sensitive information, such as credit card numbers, being transmit over the Internet. Netscape originally developed SSL in 1994 as a free standard protocol. In 1996, the development of SSL became the responsibility of the Internet Engineering Task Force ( IETF ) and was rename TSL (Transport Layer Security). Anyway, TLS 1.0 differs very little from SSL 3.0. The differences are describe in RFC 3546.
Secure Hypertext Transfer Protocol (SHTTP)
Secure Hypertext Transfer Protocol is another one that provides more security to WWW transactions. SHTTP is define in RFC 2660. It is much more flexible than SSL, but Netscape’s dominant position in the SSL/TSL market is in a powerful job.
Email Security and related services
Open PGP is the standardization of what Phil Zimmermann’s PGP did for many years. But now this is the standard, and different implementations exist at http://www.pgpi.org/
Public Key Cryptographic Standard Specifications
A public essential cryptographic standard (preceding). It consists of various public critical algorithms for encryption and digital signing. In addition, it has an annexes that goes into all the details necessary for its implementation. More information on their website.
Publius Censor-Resistant Publishing Protocol
it is a very advance system that allows a group of authors and readers to share documents on a series of web servers in such a way that none of them needs to reveal their identity, the origin is certify of the papers according to their author, the documents cannot be delete or modify (censor) unless many of the servers involve are compromise.
The SSH version 2 protocol is develop by the IETF SecSh Working Group. It is a versatile protocol for Internet needs and is use in the SSH Tecta software. In addition, it is use to secure Terminal sessions and arbitrary TCP connections. It is based on its predecessor, SSH v. one developed by Tutu Yonne. Protocol specifications also found on the IETF website.
While the above protocols operate at the application layer of the Internet, allowing communications over secure channels over an insecure network, IPSec attempts to make the Internet a secure network at its core, the Internet Protocol (IP). The IPSec protocol is define in RFC 2401.
A security protocol is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives.