The Cryptographic Message Syntax (CMS) is the IETF's standard for cryptographically protected messages. It can be used by cryptographic schemes and protocols to digitally sign, digest, authenticate or encrypt any form of digital data.

CMS is based on the syntax of PKCS #7, which in turn is based on the Privacy-Enhanced Mail standard. The newest version of CMS (as of 2024) is specified in RFC 5652 (but also see RFC 5911 for updated ASN.1 modules conforming to ASN.1 2002 and RFC 8933 and RFC 9629 for updates to the standard).

The architecture of CMS is built around certificate-based key management, such as the profile defined by the PKIX working group. CMS is used as the key cryptographic component of many other cryptographic standards, such as S/MIME, PKCS #12 and the RFC 3161 digital timestamping protocol.

OpenSSL is open source software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents, using the openssl-cms command.
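
A sign-and-verify round trip with the openssl cms command, added here as an illustration (it is not part of the original article): a detached CMS signature verifies over the original file and is rejected over modified content. The file names, the subject name and the throwaway self-signed certificate are assumptions made for the demo; the certificate stands in for a real PKIX chain.

```shell
#!/bin/sh
# Added example: detached CMS SignedData with "openssl cms".
# All file names and the certificate subject are constructed for this demo.

cms_workdir=$(mktemp -d)

# Throwaway self-signed signer certificate; it also serves as the trust anchor.
cms_make_signer() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=CMS demo signer" \
        -keyout "$cms_workdir/key.pem" -out "$cms_workdir/cert.pem" 2>/dev/null
}

# Write a detached, DER-encoded signature over file $1 to $2.
# -binary disables text canonicalisation so the bytes are signed as-is.
cms_sign() {
    openssl cms -sign -binary -md sha256 \
        -in "$1" -signer "$cms_workdir/cert.pem" -inkey "$cms_workdir/key.pem" \
        -outform DER -out "$2"
}

# Exit status 0 only if signature $2 matches content $1 AND the signer
# certificate chains to the anchor given with -CAfile.
cms_verify() {
    openssl cms -verify -binary -inform DER -in "$2" -content "$1" \
        -CAfile "$cms_workdir/cert.pem" -out /dev/null 2>/dev/null
}

cms_demo() {
    cms_make_signer || return 1
    printf 'transfer 100 to account A\n' > "$cms_workdir/msg.txt"       # constructed sample
    printf 'transfer 900 to account B\n' > "$cms_workdir/modified.txt"  # constructed sample
    cms_sign "$cms_workdir/msg.txt" "$cms_workdir/msg.p7s" || return 1
    # The untouched message must verify.
    cms_verify "$cms_workdir/msg.txt" "$cms_workdir/msg.p7s" || return 1
    # The same signature over different bytes must be rejected.
    if cms_verify "$cms_workdir/modified.txt" "$cms_workdir/msg.p7s"; then
        return 1
    fi
    return 0
}

cms_demo && echo "original verifies; modified content is rejected"
```

Because of the certificate-based key management described above, a verifier should always supply its own trust anchors; the -noverify option of openssl cms skips the signer certificate check and leaves only the signature arithmetic.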

Norms and Standards

Cryptographic Message Syntax (CMS) is regularly updated to address evolving security needs and emerging cryptographic algorithms.

  • RFC 8933 (Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection)
  • RFC 5652 (Cryptographic Message Syntax (CMS), in use)
  • RFC 3852 (Cryptographic Message Syntax (CMS), obsolete)
  • RFC 3369 (Cryptographic Message Syntax (CMS), obsolete)
  • RFC 2630 (Cryptographic Message Syntax, obsolete)
  • RFC 6268 (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, in use)
  • RFC 5911 (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, updated)
  • RFC 5753 (Using Elliptic Curve Cryptography with CMS, in use)
  • RFC 3278 (Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS), obsolete)
  • RFC 5084 (Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS), in use)
  • RFC 9629 (Using Key Encapsulation Mechanism (KEM) Algorithms in the Cryptographic Message Syntax (CMS), in use)
