diff --git a/schema/bom-1.6.proto b/schema/bom-1.6.proto
index 26fcc3d0..33f5efef 100644
--- a/schema/bom-1.6.proto
+++ b/schema/bom-1.6.proto
@@ -2190,6 +2190,8 @@ message CryptoProperties {
     repeated CryptoProtocolCipherSuite cipherSuites = 3;
     // The IKEv2 transform types supported (types 1-4), defined in RFC7296 section 3.3.2, and additional properties.
     optional Ikev2TransformTypes ikev2TransformTypes = 4;
+    // The bom-ref(s) to protocol-related cryptographic assets
+    repeated string cryptoRef = 5;
   } // end of ProtocolProperties
   // Cryptographic assets occur in several forms. Algorithms and protocols are most commonly implemented in specialized cryptographic libraries. They may, however, also be 'hardcoded' in software components. Certificates and related cryptographic material like keys, tokens, secrets or passwords are other cryptographic assets to be modelled.
   CryptoAssetType assetType = 1;
diff --git a/schema/bom-1.6.xsd b/schema/bom-1.6.xsd
index 2ff7949b..1b3817ef 100644
--- a/schema/bom-1.6.xsd
+++ b/schema/bom-1.6.xsd
@@ -7298,6 +7298,11 @@ limitations under the License.
                                 </xs:sequence>
                             </xs:complexType>
                         </xs:element>
+                        <xs:element name="cryptoRef" type="bom:refType" minOccurs="0" maxOccurs="unbounded">
+                            <xs:annotation>
+                                <xs:documentation>A protocol-related cryptographic assets</xs:documentation>
+                            </xs:annotation>
+                        </xs:element>
                     </xs:sequence>
                 </xs:complexType>
             </xs:element>