Introduction to the tutorial
This tutorial builds on the foundation provided by the two introductory tutorials on general cryptology concepts (Part 1 and Part 2). You don't necessarily need to have completed the introductory tutorials, but you should be familiar with general cryptology concepts, such as symmetric encryption algorithms, asymmetric encryption algorithms, cryptanalysis, attacks, Alice and Bob, messages, hashes, cipher text, and key length.
If you feel comfortable with these concepts, you should not have difficulty understanding this tutorial. If answers to those questions are unclear, take a quick look at Parts 1 and 2 of this tutorial series. (The section below, "Background and reminders," includes a brief overview of important concepts.)
In general, this tutorial is aimed at programmers who wish to become familiar with cryptology, its techniques, its mathematical and conceptual basis, and its lingo. Most users will have encountered various descriptions of cryptographic systems and general claims about the security or insecurity of particular software and systems, but without entirely understanding the background of these descriptions and claims. Additionally, many users will be programmers and systems analysts whose employers have plans to develop or implement cryptographic systems and protocols (perhaps assigning such obligations to the very people who will benefit from this tutorial).
This intermediate tutorial introduces users to a variety of protocols that are useful for accomplishing specific and specialized tasks. Algorithms as such are not covered here, but are treated as building blocks for larger protocols. For example, a protocol discussed here might, as a general assumption, state something like: "Assume E() is a strong symmetric encryption algorithm with key length of 256 bits." It is up to tutorial users to know what this statement means; and it is up to protocol implementers to actually choose an appropriate algorithmic building block. However, the "Resources" section provides information on a number of common building blocks (so that might be a good place to start).
The number of things you can accomplish with cryptographic protocols is quite astonishing! Many readers will be surprised that some of the matters discussed here are possible at all. The author certainly was when he first encountered many of them. Moreover, this fairly brief tutorial is unable to address every protocol and goal cryptologists have developed. If something is not covered here, please do not assume that means its goal cannot be accomplished cryptographically. It likely means the tutorial author simply did not include it (either because of limits of space or limits of his knowledge). Then again, there are certain goals that are easy to state -- and that you might find discussed and requested repeatedly in discussion forums -- that simply bump up against mathematical impossibility. The difference is not always obvious. You might need to think about the issues at some length, and ask questions of folks with some experience.
David Mertz is a writer, a programmer, and a teacher who always endeavors to improve his communication with readers (and tutorial takers). He welcomes any comments; please direct them to firstname.lastname@example.org.