Basic cryptographic algorithm used to build cryptographic protocols

Cryptographic primitives are well-established, low-level cryptographic algorithms that are frequently used to build cryptographic protocols for computer security systems. These routines include, but are not limited to, one-way hash functions and encryption functions.

Rationale

When creating cryptographic systems, designers use cryptographic primitives as their most basic building blocks. Because of this, cryptographic primitives are designed to do one very specific task in a precisely defined and highly reliable fashion.

Since cryptographic primitives are used as building blocks, they must be very reliable, i.e. perform according to their specification. For example, if an encryption routine claims to be only breakable with X number of computer operations, and it is broken with significantly fewer than X operations, then that cryptographic primitive has failed. If a cryptographic primitive is found to fail, almost every protocol that uses it becomes vulnerable. Since creating cryptographic routines is very hard, and testing them to be reliable takes a long time, it is essentially never sensible (nor secure) to design a new cryptographic primitive to suit the needs of a new cryptographic system. The reasons include:

- The designer might not be competent in the mathematical and practical considerations involved in cryptographic primitives.
- Designing a new cryptographic primitive is very time-consuming and very error-prone, even for experts in the field.
- Since algorithms in this field are not only required to be designed well but also need to be tested well by the cryptologist community, even if a cryptographic routine looks good from a design point of view it might still contain errors. Successfully withstanding such scrutiny gives some confidence (in fact, so far, the only confidence) that the algorithm is indeed secure enough to use; security proofs for cryptographic primitives are generally not available.

Cryptographic primitives are one of the building blocks of every cryptosystem, e.g., TLS, SSL, SSH, etc. Cryptosystem designers, not being in a position to definitively prove their security, must take the primitives they use as secure. Choosing the best primitive available for use in a protocol usually provides the best available security. However, compositional weaknesses are possible in any cryptosystem and it is the responsibility of the designer(s) to avoid them.

Combining cryptographic primitives

Cryptographic primitives are not cryptographic systems, as they are quite limited on their own. For example, a bare encryption algorithm will provide no authentication mechanism, nor any explicit message integrity checking. Only when combined in security protocols can more than one security requirement be addressed. For example, to transmit a message that is not only encoded but also protected from tinkering (i.e. it is confidential and integrity-protected), an encoding routine, such as DES, and a hash-routine such as SHA-1 can be used in combination. If the attacker does not know the encryption key, they cannot modify the message such that message digest value(s) would be valid.

Combining cryptographic primitives to make a security protocol is itself an entire specialization. Most exploitable errors (i.e., insecurities in cryptosystems) are due not to design errors in the primitives (assuming always that they were chosen with care), but to the way they are used, i.e. bad protocol design and buggy or not careful enough implementation. Mathematical analysis of protocols is, at the time of this writing, not mature. There are some basic properties that can be verified with automated methods, such as BAN logic. There are even methods for full verification (e.g. the SPI calculus) but they are extremely cumbersome and cannot be automated. Protocol design is an art requiring deep knowledge and much practice; even then mistakes are common. An illustrative example, for a real system, can be seen on the OpenSSL vulnerability news page.

Commonly used primitives

- One-way hash function, sometimes also called as one-way compression function—compute a reduced hash value for a message (e.g., SHA-256)
- Symmetric key cryptography—compute a ciphertext decodable with the same key used to encode (e.g., AES)
- Public-key cryptography—compute a ciphertext decodable with a different key used to encode (e.g., RSA)
- Digital signatures—confirm the author of a message
- Mix network—pool communications from many users to anonymize what came from whom
- Private information retrieval—get database information without server knowing which item was requested
- Commitment scheme—allows one to commit to a chosen value while keeping it hidden to others, with the ability to reveal it later
- Cryptographically secure pseudorandom number generator

See also

- Category:Cryptographic primitives – a list of cryptographic primitives
- Cryptographic agility
- Distributed point function
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.