Cryptographic algorithms, when used in networks, are used within a cryptographic protocol. Even if the cryptographic primitives and schemes (discussed in the “Algorithms, key size and parameters” report of 2014, see link below) are deemed secure, their use within a protocol can result in a vulnerability which exposes the supposedly secured data.
The report focuses on the current status in cryptographic protocols and encourages further research. A quick overview is presented on protocols which are used in relatively restricted application areas such as wireless, mobile communications or banking (Bluetooth, WPA/WEP, UMTS/LTE, ZigBee, EMV) and specific environments focusing on Cloud computing.
The main emphasis of the report is on guidelines to researchers and organisations in the field.
The key problem with protocols today is that many result from cryptographic design many years (even decades) ago. Thus cryptographic protocols suffer more from legacy issues than the underlying cryptographic components. The goal should be to work towards a better cryptographic protocol infrastructure which does not exhibit such problems. Thus we provide in this report guidelines to organisations which are developing new protocols.