Cryptographic key types

A cryptographic key is a string of data that is used to lock or unlock cryptographic functions, including authentication, authorization and encryption. Cryptographic keys are grouped into cryptographic key types according to the functions they perform.[1]

Description

Consider a keyring that contains a variety of keys. These keys might be various shapes and sizes, but one thing is certain, each will generally serve a separate purpose. One key might be used to start an automobile, while another might be used to open a safety deposit box. The automobile key will not work to open the safety deposit box and vice versa. This analogy provides some insight on how cryptographic key types work. These keys are categorized in respect to how they are used and what properties they possess.

A cryptographic key is categorized according to how it will be used and what properties it has. For example, a key might have one of the following properties: Symmetric, Public or Private. Keys may also be grouped into pairs that have one private and one public key, which is referred to as an Asymmetric key pair.

Asymmetric versus symmetric keys

Asymmetric keys differ from symmetric keys in that the algorithms use separate keys for encryption and decryption while a symmetric key’s algorithm uses a single key for both processes. Because multiple keys are used with an asymmetric algorithm, the process takes longer to produce than a symmetric key algorithm would. However, the benefits lay in the fact that an asymmetric algorithm is much more secure than a symmetric key algorithm is.

With a symmetric key, the key needs to be transmitted to the receiver where there is always the possibility that the key could be intercepted or tampered with. With an asymmetric key, the message and/or accompanying data can be sent or received by using a public key; however, the receiver or sender would use his or her personal private key to access the message and/or accompanying data. Thus, asymmetric keys are suited for use for transmitting confidential messages and data and when authentication is required for assurance that the message has not been tampered with. Only the receiver, whom is in possession of the public key’s corresponding private key, has the ability to decode the message. A public key can be sent back and forth between recipients, but a private key remains fixed to one location and is not sent back and forth, which keeps it safe from being intercepted during transmission.[1]

Long term versus single use

Cryptographic keys may also have keys that designate they can be used for long-term (static, archived) use or used for a single session (ephemeral). The latter generally applies to the use of an Ephemeral Key Agreement Key. Most other key types are designed to last for long crypto-periods from about one to two years. When a shorter crypto-period is designed different key types may be used, such as Data Encryption keys, Symmetric Authentication keys, Private Key-Transport keys, Key-Wrapping keys, Authorization keys or RNG keys.[1]

Key types

This page shows the classification of key types from the point of view of key management. In a key management system, each key should be labeled with one such type and that key should never be used for a different purpose.

According to NIST SP 800-57 (Revision 4) the following types of keys exist[2][1][3]:

Private signature key
Private signature keys are the private keys of asymmetric (public) key pairs that are used by public key algorithms to generate digital signatures with possible long-term implications. When properly handled, private signature keys can be used to provide authentication, integrity and non-repudiation.
Public signature verification key
A public signature verification key is the public key of an asymmetric key pair that is used by a public key algorithm to verify digital signatures, either to authenticate a user's identity, to determine the integrity of the data, for non-repudiation, or a combination thereof.
Symmetric authentication key
Symmetric authentication keys are used with symmetric key algorithms to provide assurance of the integrity and source of messages, communication sessions, or stored data.
Private authentication key
A private authentication key is the private key of an asymmetric key pair that is used with a public key algorithm to provide assurance as to the integrity of information, and the identity of the originating entity or the source of messages, communication sessions, or stored data.
Public authentication key
A public authentication key is the public key of an asymmetric key pair that is used with a public key algorithm to determine the integrity of information and to authenticate the identity of entities, or the source of messages, communication sessions, or stored data.
Symmetric data encryption key
These keys are used with symmetric key algorithms to apply confidentiality protection to information.
Symmetric key wrapping key
Symmetric key wrapping keys are used to encrypt other keys using symmetric key algorithms. Key wrapping keys are also known as key encrypting keys.
Symmetric and asymmetric random number generation keys
These are keys used to generate random numbers.
Symmetric master key
A symmetric master key is used to derive other symmetric keys (e.g., data encryption keys, key wrapping keys, or authentication keys) using symmetric cryptographic methods.
Private key transport key
Private key transport keys are the private keys of asymmetric key pairs that are used to decrypt keys that have been encrypted with the associated public key using a public key algorithm. Key transport keys are usually used to establish keys (e.g., key wrapping keys, data encryption keys or MAC keys) and, optionally, other keying material (e.g., initialization vectors).
Public key transport key
Public key transport keys are the public keys of asymmetric key pairs that are used to encrypt keys using a public key algorithm. These keys are used to establish keys (e.g., key wrapping keys, data encryption keys or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Symmetric key agreement key
These symmetric keys are used to establish keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors) using a symmetric key agreement algorithm.
Private static key agreement key
Private static key agreement keys are the private keys of asymmetric key pairs that are used to establish keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Public static key agreement key
Public static key agreement keys are the public keys of asymmetric key pairs that are used to establish keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Private ephemeral key agreement key
Private ephemeral key agreement keys are the private keys of asymmetric key pairs that are used only once to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Public ephemeral key agreement key
Public ephemeral key agreement keys are the public keys of asymmetric key pairs that are used in a single key establishment transaction to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Symmetric authorization key
Symmetric authorization keys are used to provide privileges to an entity using a symmetric cryptographic method. The authorization key is known by the entity responsible for monitoring and granting access privileges for authorized entities and by the entity seeking access to resources.
Private authorization key
A private authorization key is the private key of an asymmetric key pair that is used to provide privileges to an entity.
Public authorization key
A public authorization key is the public key of an asymmetric key pair that is used to verify privileges for an entity that knows the associated private authorization key.
References
  1. Reinholm, James H. "Classification of Cryptographic Keys (Functions & Properties)". Cryptomathic. Retrieved 12 June 2017.
  2. Barker, Elaine. "NIST Special Publication 800-57 Part 1 Revision 4: Recommendation for Key Management" (PDF). National Institute of Standards and Technology (NIST). Retrieved 12 June 2017.
  3. Spacey, John. "12 Types of Cryptographic Key". Simplicable. Retrieved 12 June 2017.
External links
Continue Reading...
Content from Wikipedia Licensed under CC-BY-SA.

Cryptographic key types

topic

Cryptographic key types

A cryptographic key is a string of data that is used to lock or unlock cryptographic functions, including authentication, authorization and encryption. Cryptographic keys are grouped into cryptographic key types according to the functions they perform.[1] Description Consider a keyring that contains a variety of keys. These keys might be various shapes and sizes, but one thing is certain, each will generally serve a separate purpose. One key might be used to start an automobile, while another might be used to open a safety deposit box. The automobile key will not work to open the safety deposit box and vice versa. This analogy provides some insight on how cryptographic key types work. These keys are categorized in respect to how they are used and what properties they possess. A cryptographic key is categorized according to how it will be used and what properties it has. For example, a key might have one of the following properties: Symmetric, Public or Private. Keys may also be grouped into pairs that have ...more...

Member feedback about Cryptographic key types:

Key management

Revolvy Brain (revolvybrain)

Revolvy User


Key (cryptography)

topic

Key (cryptography)

In cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm. For encryption algorithms, a key specifies the transformation of plaintext into ciphertext, and vice versa for decryption algorithms. Keys also specify transformations in other cryptographic algorithms, such as digital signature schemes and message authentication codes. Need for secrecy In designing security systems, it is wise to assume that the details of the cryptographic algorithm are already available to the attacker. This is known as Kerckhoffs' principle — "only secrecy of the key provides security", or, reformulated as Shannon's maxim, "the enemy knows the system". The history of cryptography provides evidence that it can be difficult to keep the details of a widely used algorithm secret (see security through obscurity). A key is often easier to protect (it's typically a small piece of information) than an encryption algorithm, and easier to change if compromised. Thus, ...more...

Member feedback about Key (cryptography):

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User

Mathematics

(weknow)

Revolvy User


Glossary of cryptographic keys

topic

Glossary of cryptographic keys

Key list for a German World War II Enigma machine This glossary lists types of keys as the term is used in cryptography, as opposed to door locks. Terms that are primarily used by the U.S. National Security Agency are marked (NSA). For classification of keys according to their usage see cryptographic key types. 40-bit key - key with a length of 40 bits, once the upper limit of what could be exported from the U.S. and other countries without a license. Considered very insecure. See key size for a discussion of this and other lengths. authentication key - Key used in a keyed-hash message authentication code, or HMAC. benign key - (NSA) a key that has been protected by encryption or other means so that it can be distributed without fear of its being stolen. Also called BLACK key. content-encryption key (CEK) a key that may be further encrypted using a KEK, where the content may be a message, audio, image, video, executable code, etc. crypto ignition key An NSA key storage device (KSD-64) shaped to l ...more...

Member feedback about Glossary of cryptographic keys:

Technology-related lists

Revolvy Brain (revolvybrain)

Revolvy User


Ephemeral key

topic

Ephemeral key

A cryptographic key is called ephemeral if it is generated for each execution of a key establishment process. In some cases ephemeral keys are used more than once, within a single session (e.g., in broadcast applications) where the sender generates only one ephemeral key pair per message and the private key is combined separately with each recipient's public key. Contrast with a static key. Private / public ephemeral key agreement key Private (resp. public) ephemeral key agreement keys are the private (resp. public) keys of asymmetric key pairs that are used a single key establishment transaction to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., initialization vectors). See also Cryptographic key types Session key External links Recommendation for Key Management — Part 1: General, NIST Special Publication 800-57 NIST Cryptographic Toolkit ...more...

Member feedback about Ephemeral key:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Cryptographic protocol

topic

Cryptographic protocol

A security protocol (cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives. A protocol describes how the algorithms should be used. A sufficiently detailed protocol includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program.[1] Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects: Key agreement or establishment Entity authentication Symmetric encryption and message authentication material construction Secured application-level data transport Non-repudiation methods Secret sharing methods Secure multi-party computation For example, Transport Layer Security (TLS) is a cryptographic protocol that is used to secure web (HTTP/HTTPS) connections. It has ...more...

Member feedback about Cryptographic protocol:

Cryptographic protocols

Revolvy Brain (revolvybrain)

Revolvy User

MultiLevel Security

(jaysper)

Revolvy User


Key management

topic

Key management

Key management refers to management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.[1] Key management concerns keys at the user level, either between users or systems. This is in contrast to key scheduling, which typically refers to the internal handling of keys within the operation of a cipher. Successful key management is critical to the security of a cryptosystem. It is the more challenging side of cryptography in a sense that it involves aspects of social engineering such as system policy, user training, organizational and departmental interactions, and coordination between all of these elements, in contrast to pure mathematical practices that can be automated. Types of keys Cryptographic systems may use different types of keys, with some systems using more than one. These may include s ...more...

Member feedback about Key management:

Data security

Revolvy Brain (revolvybrain)

Revolvy User


Public-key cryptography

topic

Public-key cryptography

An unpredictable (typically large and random) number is used to begin generation of an acceptable pair of keys suitable for use by an asymmetric key algorithm. In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of the private key. In the Diffie–Hellman key exchange scheme, each party generates a public/private key pair and distributes the public key. After obtaining an authentic copy of each other's public keys, Alice and Bob can compute a shared secret offline. The shared secret can be used, for instance, as the key for a symmetric cipher. In this example the message is only signed and not encrypted. 1) Alice signs a message with her private key. 2) Bob can verify that Alice send the message and that the message has not been modified. Public-key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys which may be dissemi ...more...

Member feedback about Public-key cryptography:

Banking technology

Revolvy Brain (revolvybrain)

Revolvy User


Key size

topic

Key size

In cryptography, key size or key length is the number of bits in a key used by a cryptographic algorithm (such as a cipher). Key length defines the upper-bound on an algorithm's security (i.e., a logarithmic measure of the fastest known attack against an algorithm, relative to the key length), since the security of all algorithms can be violated by brute force attacks. Ideally, key length would coincide with the lower-bound on an algorithm's security. Indeed, most symmetric-key algorithms are designed to have security equal to their key length. However, after design, a new attack might be discovered. For instance, Triple DES was designed to have a 168 bit key, but an attack of complexity 2112 is now known (i.e., Triple DES has 112 bits of security). Nevertheless, as long as the relation between key length and security is sufficient for a particular application, then it doesn't matter if key length and security coincide. This is important for asymmetric-key algorithms, because no such algorithm is known to sa ...more...

Member feedback about Key size:

Key management

Revolvy Brain (revolvybrain)

Revolvy User


Static key

topic

Static key

A cryptographic key is called static if it is intended for use for a relatively long period of time and is typically intended for use in many instances of a cryptographic key establishment scheme. Contrast with an ephemeral key. See also Cryptographic key types Recommendation for Key Management — Part 1: general, [1] NIST Cryptographic Toolkit ...more...

Member feedback about Static key:

Key management

Revolvy Brain (revolvybrain)

Revolvy User


Symmetric-key algorithm

topic

Symmetric-key algorithm

Symmetric-key algorithms[1] are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. The keys may be identical or there may be a simple transformation to go between the two keys.[2] The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link.[3] This requirement that both parties have access to the secret key is one of the main drawbacks of symmetric key encryption, in comparison to public-key encryption (also known as asymmetric key encryption).[4] Types Symmetric-key encryption can use either stream ciphers or block ciphers.[5] Stream ciphers encrypt the digits (typically bytes), or letters (in substitution ciphers) of a message one at a time. An example is the Vigenere Cipher. Block ciphers take a number of bits and encrypt them as a single unit, padding the plaintext so that it is a multiple of the block size. Blocks of 64 bits were commonly used. The Adv ...more...

Member feedback about Symmetric-key algorithm:

Cryptographic algorithms

Revolvy Brain (revolvybrain)

Revolvy User


PKCS

topic

PKCS

In cryptography, PKCS stands for "Public Key Cryptography Standards". These are a group of public-key cryptography standards devised and published by RSA Security Inc, starting in the early 1990s. The company published the standards to promote the use of the cryptography techniques to which they had patents, such as the RSA algorithm, the Schnorr signature algorithm and several others. Though not industry standards (because the company retained control over them), some of the standards in recent years have begun to move into the "standards-track" processes of relevant standards organizations such as the IETF and the PKIX working-group. PKCS Standards Summary Version Name Comments PKCS #1 2.2 RSA Cryptography Standard[1] See RFC 8017. Defines the mathematical properties and format of RSA public and private keys (ASN.1-encoded in clear-text), and the basic algorithms and encoding/padding schemes for performing RSA encryption, decryption, and producing and verifying signatures. PKCS #2 - Withdrawn No lo ...more...

Member feedback about PKCS:

Public-key cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Key party

topic

Key party

Key party may refer to: A key party, a type of group sex event A key signing party, an event at which people present cryptographic keys to others in person for identity verification ...more...



NSA product types

topic

NSA product types

The U.S. National Security Agency (NSA) ranks cryptographic products or algorithms by a certification called product types. Product types are defined in the National Information Assurance Glossary (CNSSI No. 4009) which defines Type 1 products, Type 2 products, Type 3 algorithms, and Type 4 algorithms.[1] Type 1 product A Type 1 product is a device or system certified by NSA for use in cryptographically securing classified U.S. Government information. A Type 1 product is defined as: Classified or controlled cryptographic item endorsed by the NSA for securing classified and sensitive U.S. Government information, when appropriately keyed. The term refers only to products, and not to information, key, services, or controls. Type 1 products contain approved NSA algorithms. They are available to U.S. Government users, their contractors, and federally sponsored non-U.S. Government activities subject to export restrictions in accordance with International Traffic in Arms Regulations. Type 1 certification is a r ...more...

Member feedback about NSA product types:

Type 1 encryption algorithms

Revolvy Brain (revolvybrain)

Revolvy User


Cryptographic hash function

topic

Cryptographic hash function

A cryptographic hash function (specifically SHA-1) at work. A small change in the input (in the word "over") drastically changes the output (digest). This is the so-called avalanche effect. A cryptographic hash function is a special class of hash function that has certain properties which make it suitable for use in cryptography. It is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash) and is designed to be a one-way function, that is, a function which is infeasible to invert. The only way to recreate the input data from an ideal cryptographic hash function's output is to attempt a brute-force search of possible inputs to see if they produce a match, or use a rainbow table of matched hashes. Bruce Schneier has called one-way hash functions "the workhorses of modern cryptography".[1] The input data is often called the message, and the output (the hash value or hash) is often called the message digest or simply the digest. The ideal cryptographic hash function h ...more...

Member feedback about Cryptographic hash function:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User

Hash Functions - Cryptography

(jziadi)

Revolvy User


Tsk

topic

Tsk

Look up tsk in Wiktionary, the free dictionary. Tsk or TSK may refer to: The Turkish Armed Forces, (Turkish: Türk Silahlı Kuvvetleri) Traffic Security Key, used to control spread spectrum radios; see List of cryptographic key types Tiger Schulmann's Karate, now Tiger Schulmann's Mixed Martial Arts The Sleuth Kit, collection of computer forensics-related tools ICAO code of airline Tomskavia San-in Chūō Television Broadcasting, a Japanese TV station A dental click, a sound indicating disapproval or pity Thaanaa Serndha Koottam (2018), a Tamil film directed by Vignesh Shivan ...more...



Wiener's attack

topic

Wiener's attack

The Wiener's attack, named after cryptologist Michael J. Wiener, is a type of cryptographic attack against RSA. The attack uses the continued fraction method to expose the private key d when d is small. Background on RSA Before we discuss how Wiener's attack works, we will first briefly explain how RSA works. For more details see the main entry on the RSA cryptosystem. Let Alice and Bob be two people who want to communicate securely. More specifically, Alice wants to send a message to Bob which only Bob can read. First Bob chooses two primes p and q. Then he calculates the RSA modulus N = pq. This RSA modulus is made public together with the encryption exponent e. N and e form the public key pair (e,N). By making this information public, anyone can encrypt messages to Bob. The decryption exponent d satisfies e d = 1 mod φ ( N ) {\displaystyle ed=1{\bmod {\varphi }}(N)} , where φ ( N ) = ( p − 1 ) ( q − 1 ) {\displaystyle \varphi (N)=(p-1)(q-1)} , is Euler’s phi function (note: this is the o ...more...

Member feedback about Wiener's attack:

Cryptographic attacks

Revolvy Brain (revolvybrain)

Revolvy User


Session key

topic

Session key

A session key is a single-use symmetric key used for encrypting all messages in one communication session. A closely related term is content encryption key (CEK), traffic encryption key (TEK), or multicast key which refers to any key used to encrypt messages, as opposed to other uses, like encrypting other keys (key encryption key (KEK) or key wrapping key). Session keys can introduce complication into a system. However, they solve some real problems. There are two primary reasons to use session keys: Several cryptanalytic attacks become easier as more material encrypted with a specific key is available. By limiting the amount of data processed using a particular key, those attacks are made more difficult. asymmetric encryption is too slow for many purposes, and all secret key algorithms require that the key is securely distributed. By using an asymmetric algorithm to encrypt the secret key for another, faster, symmetric algorithm, it's possible to improve overall performance considerably. This is the p ...more...

Member feedback about Session key:

Key management

Revolvy Brain (revolvybrain)

Revolvy User


Post-quantum cryptography

topic

Post-quantum cryptography

Post-quantum cryptography (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against an attack by a quantum computer. As of 2018, this is not true for the most popular public-key algorithms, which can be efficiently broken by a sufficiently strong hypothetical quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems can be easily solved on a sufficiently powerful quantum computer running Shor's algorithm.[1][2] Even though current, publicly known, experimental quantum computers lack processing power to break any real cryptographic algorithm,[3] many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained ...more...

Member feedback about Post-quantum cryptography:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Web cryptography API

topic

Web cryptography API

The Web Cryptography API is the World Wide Web Consortium’s (W3C) recommendation for a low-level interface that would increase the security of web applications by allowing them to perform cryptographic functions without having to access raw keying material.[1] This agnostic API would perform basic cryptographic operations, such as hashing, signature generation and verification and encryption as well as decryption from within a web application.[2] Description The World Wide Web Consortium (W3C) was founded in 1994 by Tim Berners-Lee who is the original architect of the World Wide Web. This consortium consists of international companies that are involved with the Internet and the World Wide Web. Its purpose is to develop open standards and provide recommendations that will allow the Web to continue to evolve in a single direction versus splintering into different factions that could potentially compete against one another. On 26 January 2017, the W3C released its recommendation for a Web Cryptography API[3] ...more...

Member feedback about Web cryptography API:

XML-based standards

Revolvy Brain (revolvybrain)

Revolvy User


Strong cryptography

topic

Strong cryptography

Strong cryptography or cryptographic-ally strong are general terms applied to cryptographic systems or components that are considered highly resistant to cryptanalysis. Demonstrating the resistance of any cryptographic scheme to attack is a complex matter, requiring extensive testing and reviews, preferably in a public forum. Good algorithms and protocols are required, and good system design and implementation is needed as well. For instance, the operating system on which the cryptographic software runs should be as carefully secured as possible. Users may handle passwords insecurely, or trust 'service' personnel overly much, or simply misuse the software. (See social engineering.) "Strong" thus is an imprecise term and may not apply in particular situations. Background The use of computers changed the process of cryptanalysis, famously with Bletchley Park's Colossus. But just as the development of digital computers and electronics helped in cryptanalysis, it also made possible much more complex ciphers. I ...more...

Member feedback about Strong cryptography:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


History of cryptography

topic

History of cryptography

Cryptography, the use of codes and ciphers to protect secrets, began thousands of years ago. Until recent decades, it has been the story of what might be called classic cryptography — that is, of methods of encryption that use pen and paper, or perhaps simple mechanical aids. In the early 20th century, the invention of complex mechanical and electromechanical machines, such as the Enigma rotor machine, provided more sophisticated and efficient means of encryption; and the subsequent introduction of electronics and computing has allowed elaborate schemes of still greater complexity, most of which are entirely unsuited to pen and paper. The development of cryptography has been paralleled by the development of cryptanalysis — the "breaking" of codes and ciphers. The discovery and application, early on, of frequency analysis to the reading of encrypted communications has, on occasion, altered the course of history. Thus the Zimmermann Telegram triggered the United States' entry into World War I; and Allied readi ...more...

Member feedback about History of cryptography:

History of cryptography

Revolvy Brain (revolvybrain)

Revolvy User

Crypto

(Capetillar)

Revolvy User


V-Key

topic

V-Key

V-Key is a software-based digital security solutions provider. Headquartered in Singapore, it provides back-end to front-end solutions to financial institutions, mobile payment providers and governments to implement cloud-based payments, authentication for mobile banking, and secured mobile applications for user access and data protection.[1][2] Background & founders V-Key was founded in 2011 by entrepreneur Eddie Chau, Benjamin Mah and Joseph Gan.Eddie Chau, who also formed digital agency Brandtology,[3] acquired by iSentia in 2014, started V-Key primarily to secure mobile devices and applications with patented technology.[4][5] Benjamin Mah is the co-founder and chief executive officer of V-Key. He was general manager at e-Cop (acquired by a wholly owned subsidiary of Temasek Holdings) and regional director at Encentuate (acquired by IBM), before he co-founded V-Key.[6] He is concurrently venture partner of Venture Craft, chairman of JumpStart Asia and a mentor at UOB Finlabs.[7] Joseph Gan is the t ...more...

Member feedback about V-Key:

Data security

Revolvy Brain (revolvybrain)

Revolvy User


Encryption

topic

Encryption

In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor. In an encryption scheme, the intended information or message, referred to as plaintext, is encrypted using an encryption algorithm – a cipher – generating ciphertext that can be read only if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is in principle possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, considerable computational resources and skills are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients but not to unauthorized users. Types Symmetric key / Private key In symmetric-key schemes,[1] the encryption and decrypti ...more...

Member feedback about Encryption:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User

ruz

(lolitamar)

Revolvy User ertgxd('g

Favorites

(dav)

Revolvy User


Communications security

topic

Communications security

PRC-77 VHF radio with digital voice encryption device Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients. In the North Atlantic Treaty Organization culture, including United States Department of Defense culture, it is often referred to by the abbreviation COMSEC. The field includes cryptographic security, transmission security, emissions security and physical security of COMSEC equipment and associated keying material. COMSEC is used to protect both classified and unclassified traffic on military communications networks, including voice, video, and data. It is used for both analog and digital applications, and both wired and wireless links. Voice over secure internet protocol VOSIP has become the de facto standard for securing voice communication, replacing the need for Secure Terminal Equipment (STE) in much of NATO, including the U.S.A. USCENTCOM moved enti ...more...

Member feedback about Communications security:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Diffie–Hellman key exchange

topic

Diffie–Hellman key exchange

Prior to public key methods like Diffie–Hellman, cryptographic keys had to be transmitted in physical form such as this World War II list of keys for the German Enigma cipher machine. Diffie–Hellman key exchange (DH)[nb 1] is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman.[1][2] DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography. Traditionally, secure encrypted communication between two parties required that they first exchange keys by some secure physical channel, such as paper key lists transported by a trusted courier. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher. D ...more...

Member feedback about Diffie–Hellman key exchange:

Cryptographic protocols

Revolvy Brain (revolvybrain)

Revolvy User


NSA cryptography

topic

NSA cryptography

The vast majority of the National Security Agency's work on encryption is classified, but from time to time NSA participates in standards processes or otherwise publishes information about its cryptographic algorithms. The NSA has categorized encryption items into four product types, and algorithms into two suites. The following is a brief and incomplete summary of public knowledge about NSA algorithms and protocols. Type 1 Product A Type 1 Product refers to an NSA endorsed classified or controlled cryptographic item for classified or sensitive U.S. government information, including cryptographic equipment, assembly or component classified or certified by NSA for encrypting and decrypting classified and sensitive national security information when appropriately keyed.[1] Name Type Specification Use Equipment (incomplete list) ACCORDIAN (or ACCORDION) R21-TECH-13-00, "ACCORDIAN 3.0 Specification" (August 2000) AIM (1999 and 2004 brochures), SafeXcel-3340, PSIAM [2] AES (256-bit keys onl ...more...

Member feedback about NSA cryptography:

National Security Agency

Revolvy Brain (revolvybrain)

Revolvy User


Cryptography

topic

Cryptography

German Lorenz cipher machine, used in World War II to encrypt very-high-level general staff messages Cryptography or cryptology (from Ancient Greek: κρυπτός, translit. kryptós "hidden, secret"; and γράφειν graphein, "to write", or -λογία -logia, "study", respectively[1]) is the practice and study of techniques for secure communication in the presence of third parties called adversaries.[2] More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages;[3] various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation[4] are central to modern cryptography. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, electrical engineering, communication science, and physics. Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Crypt ...more...

Member feedback about Cryptography:

Formal sciences

Revolvy Brain (revolvybrain)

Revolvy User

Fabyan

Rod Nelson (rbn3)

Revolvy User


Cryptography law

topic

Cryptography law

Cryptography is the practice and study of encrypting information, or in other words, securing information from unauthorized access. There are many different cryptography laws in different nations. Some countries prohibit export of cryptography software and/or encryption algorithms or cryptoanalysis methods. In some countries a license is required to use encryption software, and a few countries ban citizens from encrypting their internet communication. Some countries require decryption keys to be recoverable in case of a police investigation. Overview Issues regarding cryptography law fall into four categories:[1] Export control, which is the restriction on export of cryptography methods within a country to other countries or commercial entities. There are international export control agreements, the main one being the Wassenaar Arrangement. The Wassenaar Arrangement was created after the dissolution of COCOM (Coordinating committee for Multilateral Export Controls), which in 1989 "decontrolled password an ...more...

Member feedback about Cryptography law:

Cryptography law

Revolvy Brain (revolvybrain)

Revolvy User


ID-based encryption

topic

ID-based encryption

ID-based encryption, or identity-based encryption (IBE), is an important primitive of ID-based cryptography. As such it is a type of public-key encryption in which the public key of a user is some unique information about the identity of the user (e.g. a user's email address). This means that a sender who has access to the public parameters of the system can encrypt a message using e.g. the text-value of the receiver's name or email address as a key. The receiver obtains its decryption key from a central authority, which needs to be trusted as it generates secret keys for every user. ID-based encryption was proposed by Adi Shamir in 1984.[1] He was however only able to give an instantiation of identity-based signatures. Identity-based encryption remained an open problem for many years. The pairing-based Boneh–Franklin scheme[2] and Cocks's encryption scheme[3] based on quadratic residues both solved the IBE problem in 2001. Usage Identity-based systems allow any party to generate a public key from a known ...more...

Member feedback about ID-based encryption:

Public-key cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Public key infrastructure

topic

Public key infrastructure

Diagram of a public key infrastructure A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.[1] In cryptography, a PKI is an arrangement that binds public keys with respective identities of entities (like people and organizations). The binding is established through a process of registration and issuance of certificates at and by a certificate authority (CA). Depending on the assurance level of the binding, this may be carried out by an automated pro ...more...

Member feedback about Public key infrastructure:

Public-key cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Cryptographic Service Provider

topic

Cryptographic Service Provider

In Microsoft Windows, a Cryptographic Service Provider (CSP) is a software library that implements the Microsoft CryptoAPI (CAPI). CSPs implement encoding and decoding functions, which computer application programs may use, for example, to implement strong user authentication or for secure email. CSPs are independent modules that can be used by different applications. A user program calls CryptoAPI functions and these are redirected to CSPs functions. Since CSPs are responsible for implementing cryptographic algorithms and standards, applications do not need to be concerned about security details. Furthermore, one application can define which CSP it is going to use on its calls to CryptoAPI. In fact, all cryptographic activity is implemented in CSPs. CryptoAPI only works as a bridge between the application and the CSP. CSPs are implemented basically as a special type of DLL with special restrictions on loading and use. Every CSP must be digitally signed by Microsoft and the signature is verified when Window ...more...

Member feedback about Cryptographic Service Provider:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Hash-based cryptography

topic

Hash-based cryptography

Hash-based cryptography is the generic term for constructions of cryptographic primitives based on the security of hash functions. So far, hash-based cryptography is limited to digital signatures schemes such as the Merkle signature scheme. Hash-based signature schemes combine a one-time signature scheme with a Merkle tree structure. Since a one-time signature scheme key can only sign a single message securely, it is practical to combine many such keys within a single, larger structure. A Merkle tree structure is used to this end. In this hierarchical data structure, a hash function and concatenation are used repeatedly to compute tree nodes. Lamport signatures are an example of a one-time signature scheme that can be combined with a Merkle tree structure. Hash-based cryptography is a type of post-quantum cryptography. History Ralph Merkle invented hash-based signatures in 1979. The XMSS (eXtended Merkle Signature Scheme)[1] and SPHINCS[2][3] hash-based signature schemes were introduced in 2011 and 2015, re ...more...

Member feedback about Hash-based cryptography:

Public-key cryptography

Revolvy Brain (revolvybrain)

Revolvy User


High Assurance Internet Protocol Encryptor

topic

High Assurance Internet Protocol Encryptor

A High Assurance Internet Protocol Encryptor (HAIPE) is a Type 1 encryption device that complies with the National Security Agency's HAIPE IS (formerly the HAIPIS, the High Assurance Internet Protocol Interoperability Specification). The cryptography used is Suite A and Suite B, also specified by the NSA as part of the Cryptographic Modernization Program. HAIPE IS is based on IPsec with additional restrictions and enhancements. One of these enhancements includes the ability to encrypt multicast data using a "preplaced key" (see definition in List of cryptographic key types). This requires loading the same key on all HAIPE devices that will participate in the multicast session in advance of data transmission. A HAIPE is typically a secure gateway that allows two enclaves to exchange data over an untrusted or lower-classification network. Examples of HAIPE devices include: L-3 Communications' HAIPE [1] KG-245X 10Gbit/s (HAIPE IS v3.0.2), KG-245A fully tactical 1 Gbit/s (HAIPE IS v3.1.2 and Foreign Interoper ...more...

Member feedback about High Assurance Internet Protocol Encryptor:

Cryptographic protocols

Revolvy Brain (revolvybrain)

Revolvy User


Client certificate

topic

Client certificate

In cryptography, a client certificate is a type of digital certificate that is used by client systems to make authenticated requests to a remote server.[1] Client certificates play a key role in many mutual authentication designs, providing strong assurances of a requester's identity. See also Client-authenticated TLS handshake References Dierks, T.; Rescorla, E. (August 2008). RFC 5246. sec. 7.4.4. doi:10.17487/RFC5246. https://tools.ietf.org/html/rfc5246#section-7.4.4. Retrieved 29 October 2014.  ...more...

Member feedback about Client certificate:

Public-key cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Cryptographically secure pseudorandom number generator

topic

Cryptographically secure pseudorandom number generator

A cryptographically secure pseudo-random number generator (CSPRNG) or cryptographic pseudo-random number generator (CPRNG)[1] is a pseudo-random number generator (PRNG) with properties that make it suitable for use in cryptography. Most cryptographic applications require random numbers, for example: key generation nonces one-time pads salts in certain signature schemes, including ECDSA, RSASSA-PSS The "quality" of the randomness required for these applications varies. For example, creating a nonce in some protocols needs only uniqueness. On the other hand, generation of a master key requires a higher quality, such as more entropy. And in the case of one-time pads, the information-theoretic guarantee of perfect secrecy only holds if the key material comes from a true random source with high entropy. Ideally, the generation of random numbers in CSPRNGs uses entropy obtained from a high-quality source, generally the operating system's randomness API. However, unexpected correlations have been found in ...more...

Member feedback about Cryptographically secure pseudorandom number generator:

Cryptographic algorithms

Revolvy Brain (revolvybrain)

Revolvy User


Fill device

topic

Fill device

KY-57 voice encryptor. Note fill port in center. A KYK-13 fill device. A fill device or key loader is a module used to load cryptographic keys into electronic encryption machines. Fill devices are usually hand held and electronic ones are battery operated. Older mechanical encryption systems, such as rotor machines, were keyed by setting the positions of wheels and plugs from a printed keying list. Electronic systems required some way to load the necessary cryptovariable data. In the 1950s and 1960s, systems such as the U.S. National Security Agency KW-26 and the Soviet Union's Fialka used punched cards for this purpose. Later NSA encryption systems incorporated a serial port fill connector and developed several common fill devices (CFDs) that could be used with multiple systems. A CFD was plugged in when new keys were to be loaded. Newer NSA systems allow "over the air rekeying" (OTAR), but a master key often must still be loaded using a fill device. NSA uses two serial protocols for key fill, DS-101 a ...more...

Member feedback about Fill device:

National Security Agency encryption devices

Revolvy Brain (revolvybrain)

Revolvy User


Certificateless cryptography

topic

Certificateless cryptography

Certificateless cryptography is a variant of ID-based cryptography intended to prevent the key escrow problem. Ordinarily, keys are generated by a certificate authority or a key generation center (KGC) who is given complete power and is implicitly trusted. To prevent a complete breakdown of the system in the case of a compromised KGC, the key generation process is split between the KGC and the user. The KGC first generates a key pair, where the private key is now the partial private key of the system. The remainder of the key is a random value generated by the user, and is never revealed to anyone, not even the KGC. All cryptographic operations by the user are performed by using a complete private key which involves both the KGC's partial key, and the user's random secret value. One disadvantage of this is that the identity information no longer forms the entire public key. Meaning, the user's public key is not discoverable from only the user's identity string and the KGC's public key. Thus, the user's publi ...more...

Member feedback about Certificateless cryptography:

Public-key cryptography

Revolvy Brain (revolvybrain)

Revolvy User


PKCS 12

topic

PKCS 12

In cryptography, PKCS #12 defines an archive file format for storing many cryptography objects as a single file. It is commonly used to bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust.[1] A PKCS #12 file may be encrypted and signed. The internal storage containers, called "SafeBags", may also be encrypted and signed. A few SafeBags are predefined to store certificates, private keys and CRLs. Another SafeBag is provided to store any other data at individual implementer's choice.[2][3] PKCS #12 is one of the family of standards called Public-Key Cryptography Standards (PKCS) published by RSA Laboratories. The filename extension for PKCS #12 files is ".p12" or ".pfx".[4] These files can be created, parsed and read out with the OpenSSL pkcs12 command.[5] Relationship to PFX file format PKCS #12 is the successor to Microsoft's "PFX";[6] however, the terms "PKCS #12 file" and "PFX file" are sometimes used interchangeably.[4][5][7] Microsoft's "PFX" has receive ...more...

Member feedback about PKCS 12:

Cryptography standards

Revolvy Brain (revolvybrain)

Revolvy User


PKCS 11

topic

PKCS 11

In cryptography, PKCS #11 is one of the Public-Key Cryptography Standards,[1] and also refers to the programming interface to create and manipulate cryptographic tokens. Detail The PKCS #11 standard defines a platform-independent API to cryptographic tokens, such as hardware security modules (HSM) and smart cards, and names the API itself "Cryptoki" (from "cryptographic token interface" and pronounced as "crypto-key" - but "PKCS #11" is often used to refer to the API as well as the standard that defines it). The API defines most commonly used cryptographic object types (RSA keys, X.509 Certificates, DES/Triple DES keys, etc.) and all the functions needed to use, create/generate, modify and delete those objects. Usage Most commercial certificate authority software uses PKCS #11 to access the CA signing key or to enroll user certificates. Cross-platform software that needs to use smart cards uses PKCS #11, such as Mozilla Firefox and OpenSSL (using an extension). It is also used to access smart cards and H ...more...

Member feedback about PKCS 11:

Smart cards

Revolvy Brain (revolvybrain)

Revolvy User


Cipher

topic

Cipher

Edward Larsson's rune cipher resembling that found on the Kensington Runestone. Also includes runically unrelated blackletter writing style and pigpen cipher. In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with "code," as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography. Codes generally substitute different length strings of characters in the output, while ciphers generally substitute the same number of characters as are input. There are exceptions and some cipher systems may use slightly more, or fewer, characters when output versus the number that were input. Codes operated by substituting according to a large codebook which linked a random str ...more...

Member feedback about Cipher:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


HMAC

topic

HMAC

HMAC-SHA1 generation In cryptography, an HMAC (sometimes disabbreviated as either keyed-hash message authentication code or hash-based message authentication code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. It may be used to simultaneously verify both the data integrity and the authentication of a message, as with any MAC. Any cryptographic hash function, such as MD5 or SHA-1, may be used in the calculation of an HMAC; the resulting MAC algorithm is termed HMAC-X, where X is the hash function used (e.g. HMAC-MD5 or HMAC-SHA1). The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, the size of its hash output, and the size and quality of the key. HMAC uses two passes of hash computation. The secret key is first used to derive two keys – inner and outer. The first pass of the algorithm produces an internal hash derived from the message and the inner key. The second pass ...more...

Member feedback about HMAC:

Hashing

Revolvy Brain (revolvybrain)

Revolvy User


Index of cryptography articles

topic

Index of cryptography articles

Articles related to cryptography include: kzs 0–9 3-D Secure • 3-subset meet-in-the-middle attack • 3-Way • 40-bit encryption • 56-bit encryption • 5-UCO A A5/1 • A5/2 • ABA digital signature guidelines • ABC (stream cipher) • Abraham Sinkov • Acoustic cryptanalysis • Adaptive chosen-ciphertext attack • Adaptive chosen plaintext and chosen ciphertext attack • Advantage (cryptography) • ADFGVX cipher • Adi Shamir • Advanced Access Content System • Advanced Encryption Standard • Advanced Encryption Standard process • Adversary • AEAD block cipher modes of operation • Affine cipher • Agnes Meyer Driscoll • AKA (security) • Akelarre (cipher) • Alan Turing • Alastair Denniston • Al Bhed language • Alex Biryukov • Alfred Menezes • Algebraic Eraser • Algorithmically random sequence • Alice and Bob • All-or-nothing transform • Alphabetum Kaldeorum • Alternating step generator • American Cryptogram Association • AN/CYZ-10 • Anonymous Internet banking • Anonymous publication • Anonymous remailer • Antoni Palluth • ...more...

Member feedback about Index of cryptography articles:

Mathematics-related lists

Revolvy Brain (revolvybrain)

Revolvy User


Filesystem-level encryption

topic

Filesystem-level encryption

Filesystem-level encryption, often called file/folder encryption, is a form of disk encryption where individual files or directories are encrypted by the file system itself. This is in contrast to full disk encryption where the entire partition or disk, in which the file system resides, is encrypted. Types of filesystem-level encryption include: the use of a 'stackable' cryptographic filesystem layered on top of the main file system a single general-purpose file system with encryption The advantages of filesystem-level encryption include: flexible file-based key management, so that each file can be and usually is encrypted with a separate encryption key individual management of encrypted files e.g. incremental backups of the individual changed files even in encrypted form, rather than backup of the entire encrypted volume access control can be enforced through the use of public-key cryptography, and the fact that cryptographic keys are only held in memory while the file that is decrypted by them ...more...

Member feedback about Filesystem-level encryption:

Utility software types

Revolvy Brain (revolvybrain)

Revolvy User


Ciphertext

topic

Ciphertext

The Zimmermann Telegram (as it was sent from Washington to Mexico) encrypted as ciphertext. KGB ciphertext found in a hollow nickel in Brooklyn in 1953 In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher.[1] Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. Decryption, the inverse of encryption, is the process of turning ciphertext into readable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of a code, not a cipher. Conceptual underpinnings Let m {\displaystyle m\!} be the plaintext message that Alice wants to secretly transmit to Bob and let E k {\displaystyle E_{k}\!} be the encryption cipher, where k {\displaystyle _{k}\!} is a cryptographic key. Alice must first transform the plaintext into ciphertext, ...more...

Member feedback about Ciphertext:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


ID-based cryptography

topic

ID-based cryptography

Identity-based cryptography is a type of public-key cryptography in which a publicly known string representing an individual or organization is used as a public key. The public string could include an email address, domain name, or a physical IP address. The first implementation of identity-based signatures and an email-address based public-key infrastructure (PKI) was developed by Adi Shamir in 1984,[1] which allowed users to verify digital signatures using only public information such as the user's identifier. Under Shamir's scheme, a trusted third party would deliver the private key to the user after verification of the user's identity, with verification essentially the same as that required for issuing a certificate in a typical PKI. Shamir similarly proposed identity-based encryption, which appeared particularly attractive since there was no need to acquire an identity's public key prior to encryption. However, he was unable to come up with a concrete solution, and identity-based encryption remained an ...more...

Member feedback about ID-based cryptography:

Public-key cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Internet Key Exchange

topic

Internet Key Exchange

In computing, Internet Key Exchange (IKE, sometimes IKEv1 or IKEv2, depending on version) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP.[1] IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS (preferably with DNSSEC) and a Diffie–Hellman key exchange ‒ to set up a shared session secret from which cryptographic keys are derived.[2][3] In addition, a security policy for every peer which will connect must be manually maintained.[2] History The Internet Engineering Task Force (IETF) originally defined IKE in November 1998 in a series of publications (Request for Comments) known as RFC 2407, RFC 2408 and RFC 2409: RFC 2407 defined the Internet IP Security Domain of Interpretation for ISAKMP.[4] RFC 2408 defined the Internet Security Association and Key Management Protocol (ISAKMP). [5] RFC 2409 defined the Internet Key Exchange (IKE). [6] RFC 4306 updated IKE to version two ...more...

Member feedback about Internet Key Exchange:

Cryptographic protocols

Revolvy Brain (revolvybrain)

Revolvy User


Advanced Encryption Standard

topic

Advanced Encryption Standard

The Advanced Encryption Standard (AES), also known by its original name Rijndael (Dutch pronunciation: ),[3] is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.[4] AES is a subset of the Rijndael block cipher[3] developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, who submitted a proposal[5] to NIST during the AES selection process.[6] Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits. AES has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES),[7] which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. In the United States, AES was announced by the NIST as U.S. F ...more...

Member feedback about Advanced Encryption Standard:

Block ciphers

Revolvy Brain (revolvybrain)

Revolvy User


Challenge–response authentication

topic

Challenge–response authentication

In computer security, challenge–response authentication is a family of protocols in which one party presents a question ("challenge") and another party must provide a valid answer ("response") to be authenticated. The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password. Clearly an adversary who can eavesdrop on a password authentication can then authenticate itself in the same way. One solution is to issue multiple passwords, each of them marked with an identifier. The verifier can ask for any of the passwords, and the prover must have that correct password for that identifier. Assuming that the passwords are chosen independently, an adversary who intercepts one challenge–response message pair has no clues to help with a different challenge at a different time. For example, when other communications security methods are unavailable, the U.S. military uses the AKAC-1553 TRIAD numeral ciphe ...more...

Member feedback about Challenge–response authentication:

Cryptographic protocols

Revolvy Brain (revolvybrain)

Revolvy User


Export of cryptography from the United States

topic

Export of cryptography from the United States

Export-restricted RSA encryption source code printed on a T-shirt made the T-shirt an export-restricted munition, as a freedom of speech protest against U.S. encryption export restrictions (Back side).[1] Changes in the export law means that it is no longer illegal to export this T-shirt from the U.S., or for U.S. citizens to show it to foreigners. The export of cryptographic technology and devices from the United States was severely restricted by U.S. law until 1992, but was gradually eased until 2000; some restrictions still remain. Since World War II, many governments, including the U.S. and its NATO allies, have regulated the export of cryptography for national security reasons, and, as late as 1992, cryptography was on the U.S. Munitions List as an Auxiliary Military Equipment.[2] Due to the enormous impact of cryptanalysis in World War II, these governments saw the military value in denying current and potential enemies access to cryptographic systems. Since the U.S. and U.K. believed they had bette ...more...

Member feedback about Export of cryptography from the United States:

Cryptography

Revolvy Brain (revolvybrain)

Revolvy User


Brute-force attack

topic

Brute-force attack

The EFF's US$250,000 DES cracking machine contained over 1,800 custom chips and could brute-force a DES key in a matter of days. The photograph shows a DES Cracker circuit board fitted on both sides with 64 Deep Crack chips. In cryptography, a brute-force attack consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attacker can attempt to guess the key which is typically created from the password using a key derivation function. This is known as an exhaustive key search. A brute-force attack is a cryptanalytic attack that can, in theory, be used to attempt to decrypt any encrypted data[1] (except for data encrypted in an information-theoretically secure manner). Such an attack might be used when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. When pa ...more...

Member feedback about Brute-force attack:

Cryptographic attacks

Revolvy Brain (revolvybrain)

Revolvy User



Next Page
Javascript Version
Revolvy Server https://www.revolvy.com
Revolvy Site Map