Cryptographic Protocols

Markus Jakobsson, Indiana University, Bloomington

Introduction: What Is a Protocol?

Classifying Protocols with Respect to the Adversary

Understanding the Adversary

What Are the Goals of the Adversary?

What Can the Adversary Do—And Not Do?

What Should a Protocol Do—And Not Do?

Common Building Blocks

Proving Without Leaking: The Zero-Knowledge Protocol

Proving Correct Exponentiation

Proving Correct Encryption/Reencryption

Proving Equivalence

Secret Sharing and Proactive Secret Sharing

Hash Functions, Signatures, and Message Authentication Codes

Some Cryptographic Protocols

Payments, Micropayments, and Applications

Achieving Privacy and Privacy Control

Fair Exchange

Broadcast Authentication


Cross References


Further Reading


Here is a protocol we have all known since we were children: two children get one cake and need to share it in a way that they both agree to. It would easily create unfairness if one of them cuts the cake and then selects a piece. Instead, one child cuts the cake, then the other one gets to select a piece, and then the child who cut the cake gets the remaining piece.

One can think of a protocol as a step-by-step recipe for one or more chefs to cook a particular dish and make sure that nobody makes a mistake. More generally, a protocol is a sequence of steps taken by one or more participants wanting to achieve some goal. Often, and as above, it is important to construct the protocol in ...

Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.