In cryptography, a key-agreement protocol is a protocol whereby two or more parties can agree on a cryptographic key in such a way that both influence the outcome. If properly done, this precludes undesired third parties from forcing a key choice on the agreeing parties. Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon.
Many key exchange systems have one party generate the key, and simply send that key to the other party—the other party has no influence on the key.
Using a key-agreement protocol avoids some of the key distribution problems associated with such systems.
Protocols where both parties influence the final derived key are the only way to implement perfect forward secrecy.
The first publicly known public-key agreement protocol that meets the above criteria was the Diffie–Hellman key exchange, in which two parties jointly exponentiate a generator with random numbers, in such a way that an eavesdropper cannot feasibly determine what the resultant value used to produce a shared key is.
Exponential key exchange in and of itself does not specify any prior agreement or subsequent authentication between the participants. It has thus been described as an anonymous key agreement protocol.
Authenticated key agreement
Anonymous key exchange, like Diffie–Hellman, does not provide authentication of the parties, and is thus vulnerable to man-in-the-middle attacks.
A wide variety of cryptographic authentication schemes and protocols have been developed to provide authenticated key agreement to prevent man-in-the-middle and related attacks. These methods generally mathematically bind the agreed key to other agreed-upon data, such as the following:
Public/private key pairs
Shared secret keys
Passwords
A widely used mechanism for defeating such attacks is the use of digitally signed keys that must be integrity-assured: if Bob's key is signed by a trusted third party vouching for his identity, Alice can have considerable confidence that a signed key she receives is not an attempt to intercept by Eve.
Cette page est générée automatiquement et peut contenir des informations qui ne sont pas correctes, complètes, à jour ou pertinentes par rapport à votre recherche. Il en va de même pour toutes les autres pages de ce site. Veillez à vérifier les informations auprès des sources officielles de l'EPFL.
This course introduces the basics of cryptography. We review several types of cryptographic primitives, when it is safe to use them and how to select the appropriate security parameters. We detail how
The goal of the course is to introduce basic notions from public key cryptography (PKC) as well as basic number-theoretic methods and algorithms for cryptanalysis of protocols and schemes based on PKC
The course presents the main classes of photopolymers and key factors which control photopolymerization. It explains how to select the right formulation and optimize processes for a given application.
La Transport Layer Security (TLS) ou « Sécurité de la couche de transport », et son prédécesseur la Secure Sockets Layer (SSL) ou « Couche de sockets sécurisée », sont des protocoles de sécurisation des échanges par réseau informatique, notamment par Internet. Le protocole SSL a été développé à l'origine par Netscape Communications Corporation pour son navigateur Web. L'organisme de normalisation Internet Engineering Task Force (IETF) en a poursuivi le développement en le rebaptisant Transport Layer Security (TLS).
Le protocole Secure Remote Password ou SRP est un protocole utilisé en cryptographie. Parmi ses avantages, il permet de se passer d'une tierce partie de confiance, à l'opposé de Kerberos, pour réaliser une authentification asymétrique à l'aide de mots de passe. Ce protocole est résistant aux attaques par dictionnaire, et est publié sous la licence libre BSD, ce qui permet d'éviter les problèmes liés aux brevets. Ce protocole est notamment utilisé par : La bibliothèque Javascript Crypto, sous licence libre AGPL, utilisée par l'application web clipperz.
Un protocole de sécurité (protocole cryptographique ou protocole de chiffrement) est un protocole abstrait ou concret qui remplit une fonction liée à la sécurité et applique des méthodes cryptographiques, souvent sous forme de séquences de primitives cryptographiques. Un protocole décrit comment les algorithmes doivent être utilisés et inclut des détails sur les structures de données et les représentations, à quel point il peut être utilisé pour implémenter plusieurs versions interopérables d'un programme.
Explore de briser l'indissociabilité des e-passports en utilisant la Bisimilarity et le calcul T, mettant en évidence les vulnérabilités et la nécessité de nouveaux protocoles.
Since the advent of internet and mass communication, two public-key cryptographic algorithms have shared the monopoly of data encryption and authentication: Diffie-Hellman and RSA. However, in the last few years, progress made in quantum physics -- and mor ...
EPFL2024
, , , ,
Blockchain systems often rely on rationality assumptions for their security, expecting that nodes are motivated to maximize their profits. These systems thus design their protocols to incentivize nodes to execute the honest protocol but fail to consider ou ...
Cham2024
Commitment is a key primitive which resides at the heart of several cryptographic protocols. Noisy channels can help realize information-theoretically secure commitment schemes; however, their imprecise statistical characterization can severely impair such ...