What Are Crypto Protocols?
Protocols combine cryptographic primitives (encryption, signatures, key exchange) into complete systems. Getting individual primitives right is hard; combining them securely is harder.
TLS 1.3
The protocol securing HTTPS. Simplified from previous versions, mandatory PFS.
TLS 1.3 Handshake
Client → Server: ClientHello + key_share
Server → Client: ServerHello + key_share + {Certificate}
Client → Server: {Finished}
[Application Data]
Only 1 round-trip! (vs 2 in TLS 1.2)
Signal Protocol
End-to-end encryption for messaging. Used by Signal, WhatsApp, and others.
X3DH
Extended Triple Diffie-Hellman key agreement
Key ExchangeDouble Ratchet
Per-message key derivation with PFS
SessionSesame
Multi-device session management
SyncOther Important Protocols
WireGuardModern VPN using Noise framework
Noise FrameworkFlexible protocol framework (used by WireGuard, Lightning)
OpenPGPEmail encryption standard
SSHSecure remote access protocol
OPAQUEPassword-authenticated key exchange
Protocol Design Pitfalls
- Encrypt-and-MAC vs Encrypt-then-MAC
- Padding oracle vulnerabilities
- Replay attacks without nonces
- Missing authentication on ciphertext
- Protocol confusion attacks
Golden Rule: Never design your own cryptographic protocol. Use well-audited, established protocols. If you must customize, get expert review.