NOTATION






5.9 NOTATION

As mentioned before, a cryptographic protocol is a distributed algorithm defined by a sequence of steps precisely specifying the actions required of two or more entities to achieve a specific security objective. The following notation is used in this book to describe cryptographic protocols:

  • Capital letters, such as A, B, C, , are used to refer to principals, whereas the same letters put in italics are used to refer to the corresponding principal identifiers. Note that many publications on cryptography and cryptographic protocols use names, such as Alice and Bob, to refer to principals. This is a convenient way of making things unambiguous with relatively few words, because the pronoun "she" can be used for Alice, and "he" can be used for Bob. However, the advantages and disadvantages of this naming scheme are controversial, and we are not going to use it in this book.

  • K is used to refer to a secret key. A secret key is basically a key of a secret key cryptosystem.

  • The pair (k, k1) is used to refer to a public key pair, whereas k is used to refer to the public key and k1 is used to refer to the corresponding private key.

In either case, key subscripts are used to indicate principals. In general, capital letter subscripts are used for long-term keys, and small letter subscripts are used for short-term keys. For example, KA is used to refer to A's long-term secret key, whereas kb is used to refer to B's short-term public key.

  • The term {M}K is used to refer to a message M that is encrypted with the secret key K. Since the same key K is used for decryption, {{M}K} K equals M. If K is used to compute and verify a message authentication code (MAC) for message M, then the term (M) K is used to refer to the MAC.

  • Similarly, the term {M} k is used to refer to a message M that is encrypted with the public key k. The message can only be decrypted with the corresponding private key k1. If a public key cryptosystem is used to digitally sign messages, the private key is used for signing, and the corresponding public key is used for verifying signatures. Referring to the terminology of the OSI security architecture, the term {M}k1 is used to refer to a digital signature giving message recovery, and (M)k1 is used to refer to a digital signature with appendix. Note that in the second case, (M) k1 in fact abbreviates M, {h(M)} k1, with h being an OWHF or CRHF.

Finally, the term X << Y >> is used to refer to an X.509 public key certificate that has been issued by X for Y's public key. It implies that X has verified Y's identity and certified the binding of Y's long-term public key kY with its identity. Unlike an X.509 certificate, a PGP certificate may include several identities that are assigned to a public key. Also, each identity may be signed multiple times (by different parties).



 Python   SQL   Java   php   Perl 
 game development   web development   internet   *nix   graphics   hardware 
 telecommunications   C++ 
 Flash   Active Directory   Windows