Skip to main content
SpringerLink
Log in

Cryptographic Protocols

  • Chapter
  • First Online:
Guide to Internet Cryptography

Part of the book series: Information Security and Cryptography ((ISC))

  • 1287 Accesses

Abstract

This chapter deals with cryptographic protocols. Each protocol is defined by a sequence of messages exchanged between two or more parties to achieve a specific security goal. Two important goals are key agreement, where the parties want to agree on a secret value by exchanging publicly visible messages, and entity authentication, where one partywants to convince the other of its identity. In practice, both goals are combined as authenticated key agreement.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 49.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 99.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Dictionary assassin v.2.0. http://biggestpasswordlist.com/

  2. List of rainbow tables. https://project-rainbowcrack.com/table.htm. URL https://project-rainbowcrack.com/table.htm

  3. Openwall wordlists collection. https://www.openwall.com/wordlists/

  4. Adams, A., Sasse, M.A.: Users are not the enemy. Communications of the ACM 42(12), 40–46 (1999)

    Google Scholar 

  5. Balcazar, J.L., Diaz, J., Gabarro, J.: Structural Complexity I, EATCS Monographs on Theoretical Computer Science, vol. 11. Springer (1990)

    Google Scholar 

  6. Bellare, M., Rogaway, P.: Entity authentication and key distribution (1994)

    Google Scholar 

  7. Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990). DOI https://doi.org/10.1145/77648.77649. URL https://doi.org/10.1145/77648.77649

  8. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: B. Pfitzmann (ed.) Advances in Cryptology – EUROCRYPT 2001, Lecture Notes in Computer Science, vol. 2045, pp. 453–474. Springer, Heidelberg, Germany, Innsbruck, Austria (2001). DOI https://doi.org/10.1007/3-540-44987-6_28

  9. Comodo CA Ltd.: Comodo Report of Incident - Comodo detected and thwarted an intrusion on 26-MAR-2011. Tech. rep. (2011)

    Google Scholar 

  10. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard) (2008). DOI https://doi.org/10.17487/RFC5280. URL https://www.rfc-editor.org/rfc/rfc5280.txt. Updated by RFCs 6818, 8398, 8399

  11. Dolev, D., Yao, A.C.C.: On the security of public key protocols (extended abstract). In: 22nd Annual Symposium on Foundations of Computer Science, pp. 350–357. IEEE Computer Society Press, Nashville, TN, USA (1981). DOI https://doi.org/10.1109/SFCS.1981.324.6 Certificates 83

  12. Fox-IT: Black Tulip - Report of the investigation into the DigiNotar Certificate Authority breach. http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2011/09/05/diginotar-public-report-version-1/rapport-fox-it-operation-black-tulip-v1-0.pdf (2012)

  13. Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: validating SSL certificates in non-browser software. In: T. Yu, G. Danezis, V.D. Gligor (eds.) ACM CCS 2012: 19th Conference on Computer and Communications Security, pp. 38–49. ACM Press, Raleigh, NC, USA (2012). DOI https://doi.org/10.1145/2382196.2382204

  14. Golla, M., Durmuth, M.: On the accuracy of password strength meters. In: D. Lie, M. Mannan, M. Backes, X. Wang (eds.) ACM CCS 2018: 25th Conference on Computer and Communications Security, pp. 1567–1582. ACM Press, Toronto, ON, Canada (2018). DOI https://doi.org/10.1145/3243734.3243769

  15. Kalenderi, M., Pnevmatikatos, D., Papaefstathiou, I., Manifavas, C.: Breaking the gsm a5/1 cryptography algorithm with rainbow tables and high-end fpgas. In: 22nd International conference on field programmable logic and applications (FPL), pp. 747–753. IEEE (2012)

    Google Scholar 

  16. Krawczyk, H.: HMQV: A high-performance secure Diffie-Hellman protocol. In: V. Shoup (ed.) Advances in Cryptology – CRYPTO 2005, Lecture Notes in Computer Science, vol. 3621, pp. 546–566. Springer, Heidelberg, Germany, Santa Barbara, CA, USA (2005). DOI https://doi.org/10.1007/11535218_33

  17. Kumar, H., Kumar, S., Joseph, R., Kumar, D., Singh, S.K.S., Kumar, A., Kumar, P.: Rainbow table to crack password using md5 hashing algorithm. In: 2013 IEEE Conference on Information & Communication Technologies, pp. 433–439. IEEE (2013)

    Google Scholar 

  18. LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: W. Susilo, J.K. Liu, Y. Mu (eds.) ProvSec 2007: 1st International Conference on Provable Security, Lecture Notes in Computer Science, vol. 4784, pp. 1–16. Springer, Heidelberg, Germany, Wollongong, Australia (2007)

    Google Scholar 

  19. M’Raihi, D., Machani, S., Pei, M., Rydell, J.: TOTP: Time-Based One-Time Password Algorithm. RFC 6238 (Informational) (2011). DOI https://doi.org/10.17487/RFC6238. URL https: //www.rfc-editor.org/rfc/rfc6238.txt

  20. Oechslin, P.: Making a faster cryptanalytic time-memory trade-off. In: D. Boneh (ed.) Advances in Cryptology – CRYPTO 2003, Lecture Notes in Computer Science, vol. 2729, pp. 617–630. Springer, Heidelberg, Germany, Santa Barbara, CA, USA (2003). DOI https://doi.org/10.1007/978-3-540-45146-4_36

  21. Rescorla, E.: HTTP Over TLS. RFC 2818 (Informational) (2000). DOI https://doi.org/10.17487/RFC2818. URL https://www.rfc-editor.org/rfc/rfc2818.txt. Obsoleted by RFC 9110, updated by RFCs 5785, 7230

  22. Ristic, I.: Bulletproof SSL and TLS:Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications. Feisty Duck (2013)

    Google Scholar 

  23. Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. RFC 6960 (Proposed Standard) (2013). DOI https://doi.org/10.17487/RFC6960. URL https://www.rfc-editor.org/rfc/rfc6960.txt. Updated by RFC 8954

  24. Stevens, M., Lenstra, A.K., de Weger, B.: Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities. In: M. Naor (ed.) Advances in Cryptology – EUROCRYPT 2007, Lecture Notes in Computer Science, vol. 4515, pp. 1–22. Springer, Heidelberg, Germany, Barcelona, Spain (2007). DOI https://doi.org/10.1007/978-3-540-72540-4

Download references

Author information

Authors and Affiliations

  1. Chair for Network and Data Security, Ruhr University Bochum, Bochum, Germany

    Jörg Schwenk

Authors
  1. Jörg Schwenk
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jörg Schwenk .

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Schwenk, J. (2022). Cryptographic Protocols. In: Guide to Internet Cryptography. Information Security and Cryptography. Springer, Cham. https://doi.org/10.1007/978-3-031-19439-9_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-19439-9_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-19438-2

  • Online ISBN: 978-3-031-19439-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation