# Cryptographic Message Syntax

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Cryptographic_Message_Syntax
> Markdown URL: https://mediated.wiki/source/Cryptographic_Message_Syntax.md
> Source: https://en.wikipedia.org/wiki/Cryptographic_Message_Syntax
> Source revision: 1276688765
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

International standard

This article may rely excessively on sources too closely associated with the subject, potentially preventing the article from being verifiable and neutral. Please help improve it by replacing them with more appropriate citations to reliable, independent sources. (April 2024) (Learn how and when to remove this message)

The **Cryptographic Message Syntax** (**CMS**) is the [IETF](/source/IETF)'s standard for [cryptographically](/source/Cryptography) protected messages. It can be used by cryptographic schemes and protocols to [digitally sign](/source/Digital_signature), [digest](/source/Cryptographic_hash_function), [authenticate](/source/Message_authentication_code) or [encrypt](/source/Encryption) any form of digital data.

CMS is based on the syntax of [PKCS #7](/source/PKCS_7), which in turn is based on the [Privacy-Enhanced Mail](/source/Privacy-Enhanced_Mail) standard. The newest version of CMS (as of 2024[\[update\]](https://en.wikipedia.org/w/index.php?title=Cryptographic_Message_Syntax&action=edit)) is specified in [RFC](/source/RFC_(identifier)) [5652](https://www.rfc-editor.org/rfc/rfc5652) (but also see [RFC](/source/RFC_(identifier)) [5911](https://www.rfc-editor.org/rfc/rfc5911) for updated ASN.1 modules conforming to ASN.1 2002 and [RFC](/source/RFC_(identifier)) [8933](https://www.rfc-editor.org/rfc/rfc8933) and [RFC](/source/RFC_(identifier)) [9629](https://www.rfc-editor.org/rfc/rfc9629) for updates to the standard).

The architecture of CMS is built around [certificate-based](/source/X.509) key management, such as the profile defined by the [PKIX](/source/PKIX) [working group](/source/Working_group). CMS is used as the key cryptographic component of many other cryptographic standards, such as [S/MIME](/source/S%2FMIME), [PKCS #12](/source/PKCS_12) and the [RFC](/source/RFC_(identifier)) [3161](https://www.rfc-editor.org/rfc/rfc3161) [digital timestamping](/source/Digital_timestamping) protocol.

[OpenSSL](/source/OpenSSL) is [open source](/source/Open-source_software) software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents, using the openssl-cms command.

## Norms and Standards

Cryptographic Message Syntax (CMS) is regularly updated to address evolving security needs and emerging cryptographic algorithms.

- [RFC](/source/RFC_(identifier)) [8933](https://www.rfc-editor.org/rfc/rfc8933) (Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection)

- [RFC](/source/RFC_(identifier)) [5652](https://www.rfc-editor.org/rfc/rfc5652) (Cryptographic Message Syntax (CMS), in use)

- [RFC](/source/RFC_(identifier)) [3852](https://www.rfc-editor.org/rfc/rfc3852) (Cryptographic Message Syntax (CMS), obsolete)

- [RFC](/source/RFC_(identifier)) [3369](https://www.rfc-editor.org/rfc/rfc3369) (Cryptographic Message Syntax (CMS), obsolete)

- [RFC](/source/RFC_(identifier)) [2630](https://www.rfc-editor.org/rfc/rfc2630) (Cryptographic Message Syntax, obsolete)

- [RFC](/source/RFC_(identifier)) [6268](https://www.rfc-editor.org/rfc/rfc6268) (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, in use)

- [RFC](/source/RFC_(identifier)) [5911](https://www.rfc-editor.org/rfc/rfc5911) (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, updated)

- [RFC](/source/RFC_(identifier)) [5753](https://www.rfc-editor.org/rfc/rfc5753) (Using Elliptic Curve Cryptography with CMS, in use)

- [RFC](/source/RFC_(identifier)) [3278](https://www.rfc-editor.org/rfc/rfc3278) (Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS), obsolete)

- [RFC](/source/RFC_(identifier)) [5084](https://www.rfc-editor.org/rfc/rfc5084) (Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS), in use)

- [RFC](/source/RFC_(identifier)) [9629](https://www.rfc-editor.org/rfc/rfc9629) (Using Key Encapsulation Mechanism (KEM) Algorithms in the Cryptographic Message Syntax (CMS), in use)

## See also

- [CAdES](/source/CAdES_(computing)) - CMS Advanced Electronic Signatures

- [S/MIME](/source/S%2FMIME)

- [PKCS #7](/source/PKCS_7)

v t e Cryptography General History of cryptography Outline of cryptography Classical cipher Cryptographic protocol Authentication protocol Cryptographic primitive Cryptanalysis Cryptocurrency Cryptosystem Cryptographic nonce Cryptovirology Hash function Cryptographic hash function Key derivation function Secure Hash Algorithms Digital signature Kleptography Key (cryptography) Key exchange Key generator Key schedule Key stretching Keygen Machines Ransomware Random number generation Cryptographically secure pseudorandom number generator (CSPRNG) Pseudorandom noise (PRN) Secure channel Insecure channel Subliminal channel Encryption Decryption End-to-end encryption Harvest now, decrypt later Information-theoretic security Plaintext Codetext Ciphertext Shared secret Trapdoor function Trusted timestamping Key-based routing Onion routing Garlic routing Kademlia Mix network Mathematics Cryptographic hash function Block cipher Stream cipher Symmetric-key algorithm Authenticated encryption Public-key cryptography Quantum key distribution Quantum cryptography Post-quantum cryptography Message authentication code Random numbers Steganography Category

This cryptography-related article is a stub. You can help Wikipedia by adding missing information.

- [v](https://en.wikipedia.org/wiki/Template:Crypto-stub)
- [t](/source/Template_talk%3ACrypto-stub)
- [e](https://en.wikipedia.org/wiki/Special:EditPage/Template:Crypto-stub)

---
Adapted from the Wikipedia article [Cryptographic Message Syntax](https://en.wikipedia.org/wiki/Cryptographic_Message_Syntax) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Cryptographic_Message_Syntax?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
