The Cryptographic Message Syntax (CMS) is the IETF's standard for cryptographically protected messages. It can be used by cryptographic schemes and protocols to digitally sign, digest, authenticate or encrypt any form of digital data.
CMS is based on the syntax of PKCS #7, which in turn is based on the Privacy-Enhanced Mail standard. The newest version of CMS () is specified in (but also see for updated ASN.1 modules conforming to ASN.1 2002 and and for updates to the standard).
The architecture of CMS is built around certificate-based key management, such as the profile defined by the PKIX working group. CMS is used as the key cryptographic component of many other cryptographic standards, such as S/MIME, PKCS #12 and the digital timestamping protocol.
OpenSSL is open source software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents, using the openssl-cms command.
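The sign, verify, encrypt and decrypt operations named above, as an added example that is not part of the original page: a shell script that drives `openssl cms` with a throwaway self-signed certificate. The function names, file names, subject name and messages are constructed for the demonstration, and a working `openssl` installation is assumed.

```shell
#!/bin/sh
# Added example: every name, path and message below is constructed for the demo.

cms_setup() {
    # Throwaway directory, two sample messages and a self-signed test certificate.
    CMS_DIR=$(mktemp -d) || return 1
    printf 'wire 100 EUR to account 42\n' > "$CMS_DIR/msg.txt"
    printf 'wire 900 EUR to account 42\n' > "$CMS_DIR/tampered.txt"
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/CN=cms-demo.example' \
        -keyout "$CMS_DIR/key.pem" -out "$CMS_DIR/cert.pem" 2>/dev/null
}

cms_sign() {
    # Detached SignedData over msg.txt, DER encoded. -binary disables CRLF
    # canonicalisation so the digest covers the file bytes exactly as stored.
    openssl cms -sign -binary -md sha256 -in "$CMS_DIR/msg.txt" \
        -signer "$CMS_DIR/cert.pem" -inkey "$CMS_DIR/key.pem" \
        -outform DER -out "$CMS_DIR/msg.sig"
}

cms_verify() {
    # $1 = content file to check against the detached signature.
    # The self-signed certificate doubles as the trust anchor here; the exit
    # status is non-zero when the digest, signature or chain check fails.
    openssl cms -verify -binary -inform DER -in "$CMS_DIR/msg.sig" \
        -content "$1" -CAfile "$CMS_DIR/cert.pem" -out /dev/null 2>/dev/null
}

cms_roundtrip() {
    # EnvelopedData for the certificate holder (AES-256-CBC: confidentiality
    # only, no integrity), then decryption with the matching private key.
    openssl cms -encrypt -binary -aes-256-cbc -in "$CMS_DIR/msg.txt" \
        -outform DER -out "$CMS_DIR/msg.enc" "$CMS_DIR/cert.pem" &&
    openssl cms -decrypt -binary -inform DER -in "$CMS_DIR/msg.enc" \
        -recip "$CMS_DIR/cert.pem" -inkey "$CMS_DIR/key.pem"
}

cms_demo() {
    cms_setup && cms_sign || return 1
    cms_verify "$CMS_DIR/msg.txt"      && echo "original: signature valid"
    cms_verify "$CMS_DIR/tampered.txt" || echo "tampered: verification failed"
    echo "decrypted: $(cms_roundtrip)"
    rm -rf "$CMS_DIR"
}

cms_demo
```

In a real deployment the `-CAfile` argument points at the issuing CA rather than the signer's own certificate, so that verification also checks who signed.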
Norms and Standards
Cryptographic Message Syntax (CMS) is regularly updated to address evolving security needs and emerging cryptographic algorithms.
* (Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection)
* (Cryptographic Message Syntax (CMS), in use)
* (Cryptographic Message Syntax (CMS), obsolete)
* (Cryptographic Message Syntax (CMS), obsolete)
* (Cryptographic Message Syntax, obsolete)
* (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, in use)
* (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, updated)
* (Using Elliptic Curve Cryptography with CMS, in use)
* (Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS), obsolete)
* (Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS), in use)
* (Using Key Encapsulation Mechanism (KEM) Algorithms in the Cryptographic Message Syntax (CMS), in use)
See also
* CAdES - CMS Advanced Electronic Signatures
* S/MIME
* PKCS #7