This page describes software protocols used in various applications. These protocols are built on lower level cryptographic algorithms, as described in the algorithms page.

Cryptography works on many levels. On one level you have algorithms, such as block ciphers and public key cryptosystems. Building upon these you obtain protocols, and building upon protocols you find applications (or other protocols).

It is not sufficient to study the security of the underlying algorithms alone, as a weakness in a higher-level protocol (or application) can render the application insecure regardless of how good the underlying cryptographic algorithms are. A simple example is a protocol that leaks information about the key being used to encrypt the communication channel. Irrespective of how good the encryption algorithms are, they are rendered insecure if the overlying protocol reveals information on the keys used in encryption.

The analysis of protocols is often difficult because the applications that implement such protocols may lead to further problems. Thus a good protocol is not enough; you must also have a good and robust implementation.

In the following, several well-known protocols and standards are mentioned.
- Domain Name Server Security (DNSSEC)
This is a protocol for secure distributed name services. It is currently available as an Internet Draft.
- Generic Security Services API (GSSAPI)
GSSAPI provides an authentication, key exchange, and encryption interface to different cryptographic algorithms and systems. [RFC1508]
- Secure Socket Layer (SSL)
SSL is one of the two protocols for secure WWW connections (the other is SHTTP). WWW security has become important as increasing amounts of sensitive information, such as credit card numbers, are being transmitted over the Internet.
SSL was originally developed by Netscape as an open protocol standard. openssl.org contains some documents and provides an open source implementation.
- Secure Hypertext Transfer Protocol (SHTTP)
This is another protocol for providing more security for WWW transactions. In many ways it is more flexible than SSL, but due to Netscape's original dominance in the marketplace SSL is in a very strong position. [RFC2660]
- E-Mail security and related services
  - OpenPGP standardizes what Phil Zimmermann's PGP had already done for many years. Now that it is a standard, different implementations are coming into existence.
  - Secure-MIME (S/MIME) is an alternative to the OpenPGP standard, maintained by the IETF working group S/MIME.
- Public Key Encryption Standards (PKCS)
These standards are developed at RSA Data Security and define safe ways to use RSA. Some documents published by RSA Laboratories are available at their ftp site.
- IEEE P1363: Standard Specifications for Public-Key Cryptography
An (upcoming) standard for public key cryptography. It consists of several public key algorithms for encryption and digital signatures, and has a very thorough annex that goes through all necessary implementation details. See more at their homepage.
- Publius Censor-Resistant Publishing Protocol
This is a very advanced system allowing a group of authors and readers to share documents on a set of web servers so that (1) no author or reader has to reveal his/her identity, (2) documents are certified to come from a certain (pseudonymous) author, (3) documents cannot be removed or modified (censored) unless a large number of the involved web servers are compromised. Technical reports, software and links to related projects can be found on the homepage.
- SSH2 Protocol
SSH2 is developed by the IETF working group SecSH. This protocol is versatile for the needs of the internet, and is currently used in the SSH2 software. The protocol is used to secure terminal sessions and arbitrary TCP connections. The SSH2 protocol is based on its predecessor SSH1, developed by Tatu Ylönen. Protocol specifications (drafts) can be obtained from the IETF.
- IPSec
While all the above protocols operate on the application layer of the internet, allowing particular programs to communicate on a secure channel in an inherently insecure network, IPSec attempts to make the internet secure at its core, the Internet Protocol (IP). A full-scale implementation can be found at the SSH site.