Abstract
This chapter deals with cryptographic protocols. Each protocol is defined by a sequence of messages exchanged between two or more parties to achieve a specific security goal. Two important goals are key agreement, where the parties want to agree on a secret value by exchanging publicly visible messages, and entity authentication, where one partywants to convince the other of its identity. In practice, both goals are combined as authenticated key agreement.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Dictionary assassin v.2.0. http://biggestpasswordlist.com/
List of rainbow tables. https://project-rainbowcrack.com/table.htm. URL https://project-rainbowcrack.com/table.htm
Openwall wordlists collection. https://www.openwall.com/wordlists/
Adams, A., Sasse, M.A.: Users are not the enemy. Communications of the ACM 42(12), 40–46 (1999)
Balcazar, J.L., Diaz, J., Gabarro, J.: Structural Complexity I, EATCS Monographs on Theoretical Computer Science, vol. 11. Springer (1990)
Bellare, M., Rogaway, P.: Entity authentication and key distribution (1994)
Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990). DOI https://doi.org/10.1145/77648.77649. URL https://doi.org/10.1145/77648.77649
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: B. Pfitzmann (ed.) Advances in Cryptology – EUROCRYPT 2001, Lecture Notes in Computer Science, vol. 2045, pp. 453–474. Springer, Heidelberg, Germany, Innsbruck, Austria (2001). DOI https://doi.org/10.1007/3-540-44987-6_28
Comodo CA Ltd.: Comodo Report of Incident - Comodo detected and thwarted an intrusion on 26-MAR-2011. Tech. rep. (2011)
Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard) (2008). DOI https://doi.org/10.17487/RFC5280. URL https://www.rfc-editor.org/rfc/rfc5280.txt. Updated by RFCs 6818, 8398, 8399
Dolev, D., Yao, A.C.C.: On the security of public key protocols (extended abstract). In: 22nd Annual Symposium on Foundations of Computer Science, pp. 350–357. IEEE Computer Society Press, Nashville, TN, USA (1981). DOI https://doi.org/10.1109/SFCS.1981.324.6 Certificates 83
Fox-IT: Black Tulip - Report of the investigation into the DigiNotar Certificate Authority breach. http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2011/09/05/diginotar-public-report-version-1/rapport-fox-it-operation-black-tulip-v1-0.pdf (2012)
Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: validating SSL certificates in non-browser software. In: T. Yu, G. Danezis, V.D. Gligor (eds.) ACM CCS 2012: 19th Conference on Computer and Communications Security, pp. 38–49. ACM Press, Raleigh, NC, USA (2012). DOI https://doi.org/10.1145/2382196.2382204
Golla, M., Durmuth, M.: On the accuracy of password strength meters. In: D. Lie, M. Mannan, M. Backes, X. Wang (eds.) ACM CCS 2018: 25th Conference on Computer and Communications Security, pp. 1567–1582. ACM Press, Toronto, ON, Canada (2018). DOI https://doi.org/10.1145/3243734.3243769
Kalenderi, M., Pnevmatikatos, D., Papaefstathiou, I., Manifavas, C.: Breaking the gsm a5/1 cryptography algorithm with rainbow tables and high-end fpgas. In: 22nd International conference on field programmable logic and applications (FPL), pp. 747–753. IEEE (2012)
Krawczyk, H.: HMQV: A high-performance secure Diffie-Hellman protocol. In: V. Shoup (ed.) Advances in Cryptology – CRYPTO 2005, Lecture Notes in Computer Science, vol. 3621, pp. 546–566. Springer, Heidelberg, Germany, Santa Barbara, CA, USA (2005). DOI https://doi.org/10.1007/11535218_33
Kumar, H., Kumar, S., Joseph, R., Kumar, D., Singh, S.K.S., Kumar, A., Kumar, P.: Rainbow table to crack password using md5 hashing algorithm. In: 2013 IEEE Conference on Information & Communication Technologies, pp. 433–439. IEEE (2013)
LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: W. Susilo, J.K. Liu, Y. Mu (eds.) ProvSec 2007: 1st International Conference on Provable Security, Lecture Notes in Computer Science, vol. 4784, pp. 1–16. Springer, Heidelberg, Germany, Wollongong, Australia (2007)
M’Raihi, D., Machani, S., Pei, M., Rydell, J.: TOTP: Time-Based One-Time Password Algorithm. RFC 6238 (Informational) (2011). DOI https://doi.org/10.17487/RFC6238. URL https: //www.rfc-editor.org/rfc/rfc6238.txt
Oechslin, P.: Making a faster cryptanalytic time-memory trade-off. In: D. Boneh (ed.) Advances in Cryptology – CRYPTO 2003, Lecture Notes in Computer Science, vol. 2729, pp. 617–630. Springer, Heidelberg, Germany, Santa Barbara, CA, USA (2003). DOI https://doi.org/10.1007/978-3-540-45146-4_36
Rescorla, E.: HTTP Over TLS. RFC 2818 (Informational) (2000). DOI https://doi.org/10.17487/RFC2818. URL https://www.rfc-editor.org/rfc/rfc2818.txt. Obsoleted by RFC 9110, updated by RFCs 5785, 7230
Ristic, I.: Bulletproof SSL and TLS:Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications. Feisty Duck (2013)
Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. RFC 6960 (Proposed Standard) (2013). DOI https://doi.org/10.17487/RFC6960. URL https://www.rfc-editor.org/rfc/rfc6960.txt. Updated by RFC 8954
Stevens, M., Lenstra, A.K., de Weger, B.: Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities. In: M. Naor (ed.) Advances in Cryptology – EUROCRYPT 2007, Lecture Notes in Computer Science, vol. 4515, pp. 1–22. Springer, Heidelberg, Germany, Barcelona, Spain (2007). DOI https://doi.org/10.1007/978-3-540-72540-4
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Schwenk, J. (2022). Cryptographic Protocols. In: Guide to Internet Cryptography. Information Security and Cryptography. Springer, Cham. https://doi.org/10.1007/978-3-031-19439-9_4
Download citation
DOI: https://doi.org/10.1007/978-3-031-19439-9_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-19438-2
Online ISBN: 978-3-031-19439-9
eBook Packages: Computer ScienceComputer Science (R0)