Crypto U9, Cryptographic Protocols

Description

IYM002 (Unit 9 - cryptographic protocols) Mind Map on Crypto U9, Cryptographic Protocols, created by jjanesko on 24/04/2013.
jjanesko
Mind Map by jjanesko, updated more than 1 year ago
jjanesko
Created by jjanesko over 11 years ago
134
10

Resource summary

Crypto U9, Cryptographic Protocols
  1. specification of all events needed in order to achieve a requried security goal
    1. specifies 4 things
      1. protocol assumptions
        1. protocol flow
          1. communication steps in protocol
          2. protocol messages
            1. kind of content in messages
            2. protocol actions
              1. any action an entity needs to perform before sending or after receiving a message
          3. stages of protocol design
            1. 1. define protocol objectives
              1. Identify the problem trying to be solved.
              2. 2. define protocol goals
                1. translate objectives into concrete security goals
                2. 3. specify protocol
                  1. take goals as input and determine
                    1. cryptographic primitives
                      1. flow
                        1. actions
                    2. design challenges
                      1. it's hard to get the right objectives
                        1. it is not always straightforward to identify the right security goals for identified objectives
                          1. deviating from standard protocols can lead to insecure protocols
                            1. complicated design goals may not fit existing, standard protocols
                              1. modifying a standard protocol even slightly may have insecure impacts
                                1. hire professionals to do protocol design
                                2. protocol examples
                                  1. PKCS
                                    1. specifies suite of protocols for public key cryptography
                                    2. ISO / IEC 117700
                                      1. specifies suite of protocols for mutual entity authentication
                                      2. SSL/TLS
                                        1. specifies protocol for setting up a secure communication channel
                                      3. attacks on protocols
                                        1. reflection
                                          1. http://en.wikipedia.org/wiki/Reflection_attack
                                          2. man in the middle
                                            1. http://en.wikipedia.org/wiki/Man-in-the-middle_attack
                                            2. interleaving
                                              1. type of man in the middle attack
                                            Show full summary Hide full summary

                                            Similar

                                            Crypto U9 protocols (key establishment), Authentication and Key Establishment (AKE)
                                            jjanesko
                                            Crypto U4, Block Cipher, Cipher Feedback Mode (CFB)
                                            jjanesko
                                            Crypto U4, Block Cipher, Cipher Block Chaining Mode (CBC)
                                            jjanesko
                                            Crypto U1, Basic Principles
                                            jjanesko
                                            Crypto U3, Theoretical vs. Practical Security
                                            jjanesko
                                            Crypto U4, Stream Cipher
                                            jjanesko
                                            Crypto U4, Block Cipher, Electronic Codebook Mode (ECB)
                                            jjanesko
                                            Crypto U4, Block Cipher, Counter Mode
                                            jjanesko
                                            Crypto U2, Crypto design principles
                                            jjanesko
                                            Crypto U8, example dynamic password scheme
                                            jjanesko
                                            Crypto U10 (part 1), Key Management & Lifecycle
                                            jjanesko