What is a "Cryptographic Protocol?"

A protocol is simply a set of rules or instructions that determine how to act or interact in a given situation. A cryptographic protocol is designed to allow secure communication under a given set of circumstances. The cryptographic protocol most familiar to internet users is the Secure Sockets Layer (or SSL) protocol, which (with its descendant the Transport Layer Security, or TLS, protocol) protects credit card numbers and other sensitive information, and which provides the lock or green bar in your browser to let you know that you can trust the connection.

Although SSL (or more properly SSL/TLS) is a complex protocol with multiple (often variable) components, you can think of “pig Latin” as an example of a (very simple and not very secure) cryptographic protocol – call it Pig Latin Protocol (or PLP) – using the following ruleset:

  1. “If the word begins with a consonant, move the first syllable to the end.”
  2. “Add ‘-ay’ to the end of each word.”

For example, if Andy and Brenda both know and agree to transmit using PLP (but their math teacher Mrs. Cheever doesn’t) they could try to use it to secure their communications (i.e., share answers in class).

Thus:

“The answer to number six is forty-two point two.”

with PLP applied becomes:

“Eethay answeray ootay umbernay ixsay isay ortyfay-ootay ointpay ootay.”

NOTE: Pig Latin makes a very poor choice as a cryptographic protocol – it’s easy to decrypt, it allows transmission of some parts of the message in clearly understandable form (answeray?) and the underlying code is widely known. For this and many, many other reasons, we do not suggest attempting to use this method to pass algebra, and SSL.com can assume no liability should you get called to the principal’s office.

PLP is incidentally an example of symmetric encryption, since the same “key” both encodes and decodes the information. Generally speaking, symmetric encryption is the only kind feasible in real-world scenarios – the alternative, asymmetric encryption, using two sets of keys, is too unwieldy for everyday use. However, SSL/TLS uses asymmetric encryption in an initial “handshake”  to set up each new secure, symmetrically-encrypted session.

For fuller information on how SSL/TLS works, see our article on the SSL/TLS handshake. As always, if you have any questions contact us at SSL.com, where we believe a safer internet is a better internet.