The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.

All information submitted is secure.

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

All information submitted is secure.

Introduction to cryptology, Part 3: Cryptographic protocols

David Mertz is a writer, a programmer, and a teacher, who always endeavors to improve his communication with readers. He welcomes any comments; please direct them to mertz@gnosis.cx.

Summary:  Discover ways fundamental algorithms can be combined to achieve a number of cryptographic goals as well as some limitations and pitfalls that broad cryptographic goals are subject to.

View more content in this series

Date:  28 Mar 2001
Level:  Introductory PDF:  A4 and Letter (74 KB | 21 pages)Get Adobe® Reader®

Activity:  8577 views

Introduction to the tutorial

Is this tutorial right for you?

This tutorial builds on the foundation provided by the two introductory tutorials on general cryptology concepts (Part 1 and Part 2). You don't necessarily need to have completed the introductory tutorials, but you should be familiar with general cryptology concepts, such as symmetric encryption algorithms, asymmetric encryption algorithms, cryptanalysis, attacks, Alice and Bob, messages, hashes, cipher text, and key length.

If you feel comfortable with these concepts, you should not have difficulty understanding this tutorial. If answers to those questions are unclear, take a quick look at Parts 1 and 2 of this tutorial series. (The section below, "Background and reminders," includes a brief overview of important concepts.)

In general, this tutorial is aimed at programmers who wish to become familiar with cryptology, its techniques, its mathematical and conceptual basis, and its lingo. Most users will have encountered various descriptions of cryptographic systems and general claims about the security or insecurity of particular software and systems, but without entirely understanding the background of these descriptions and claims. Additionally, many users will be programmers and systems analysts whose employers have plans to develop or implement cryptographic systems and protocols (perhaps assigning such obligations to the very people who will benefit from this tutorial).

What does this tutorial cover?

This intermediate tutorial introduces users to a variety of protocols that are useful for accomplishing specific and specialized tasks. Algorithms as such are not covered here, but are treated as building blocks for larger protocols. For example, a protocol discussed here might, as a general assumption, state something like: "Assume E() is a strong symmetric encryption algorithm with key length of 256 bits." It is up to tutorial users to know what this statement means; and it is up to protocol implementers to actually choose an appropriate algorithmic building block. However, the "Resources" section provides information on a number of common building blocks (so that might be a good place to start).

The number of things you can accomplish with cryptographic protocols is quite astonishing! Many readers will be surprised that some of the matters discussed here are possible at all. The author certainly was when he first encountered many of them. Moreover, this fairly brief tutorial is unable to address every protocol and goal cryptologists have developed. If something is not covered here, please do not assume that means its goal cannot be accomplished cryptographically. It likely means the tutorial author simply did not include it (either because of limits of space or limits of his knowledge). Then again, there are certain goals that are easy to state -- and that you might find discussed and requested repeatedly in discussion forums -- that simply bump up against mathematical impossibility. The difference is not always obvious. You might need to think about the issues at some length, and ask questions of folks with some experience.

Contact

David Mertz is a writer, a programmer, and a teacher who always endeavors to improve his communication with readers (and tutorial takers). He welcomes any comments; please direct them to mertz@gnosis.cx.

1 of 6 | Next

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Tivoli
ArticleID=136036
TutorialTitle=Introduction to cryptology, Part 3: Cryptographic protocols
publish-date=03282001
author1-email=mertz@gnosis.cx
author1-email-cc=

IBM SmartCloud trial. No charge.

Unleash the power of hybrid cloud computing today!