
Cryptographic key types

A cryptographic key is a string of data that is used to lock or unlock cryptographic functions, including authentication, authorization and encryption. Cryptographic keys are grouped into cryptographic key types according to the functions they perform.[1]


Consider a keyring that contains a variety of keys. These keys might be various shapes and sizes, but one thing is certain: each generally serves a separate purpose. One key might be used to start an automobile, while another might be used to open a safety deposit box. The automobile key will not open the safety deposit box and vice versa. This analogy provides some insight into how cryptographic key types work. These keys are categorized with respect to how they are used and what properties they possess.

A cryptographic key is categorized according to how it will be used and what properties it has. For example, a key might have one of the following properties: Symmetric, Public or Private. Keys may also be grouped into pairs that have one private and one public key, which is referred to as an Asymmetric key pair.

Asymmetric versus symmetric keys

Asymmetric keys differ from symmetric keys in that the algorithms use separate keys for encryption and decryption, while a symmetric key algorithm uses a single key for both processes. Because multiple keys are used with an asymmetric algorithm, the process takes longer than a symmetric key algorithm would. However, the benefit lies in the fact that an asymmetric algorithm is much more secure than a symmetric key algorithm is.

With a symmetric key, the key needs to be transmitted to the receiver, and there is always the possibility that the key could be intercepted or tampered with. With an asymmetric key, the message and/or accompanying data can be sent or received by using a public key; however, the receiver or sender would use his or her personal private key to access the message and/or accompanying data. Thus, asymmetric keys are suited to transmitting confidential messages and data, and to cases where authentication is required for assurance that the message has not been tampered with. Only the receiver who is in possession of the public key's corresponding private key has the ability to decode the message. A public key can be sent back and forth between recipients, but a private key remains fixed to one location and is not sent back and forth, which keeps it safe from being intercepted during transmission.[1]

Long term versus single use

Cryptographic keys may also be designated for long-term (static, archived) use or for use in a single session (ephemeral). The latter generally applies to an Ephemeral Key Agreement Key. Most other key types are designed to last for long crypto-periods, from about one to two years. When a shorter crypto-period is required, different key types may be used, such as Data Encryption keys, Symmetric Authentication keys, Private Key-Transport keys, Key-Wrapping keys, Authorization keys or RNG keys.[1]

Key types

This page shows the classification of key types from the point of view of key management. In a key management system, each key should be labeled with one such type and that key should never be used for a different purpose.

According to NIST SP 800-57 (Revision 4), the following types of keys exist:[2][1][3]

Private signature key
Private signature keys are the private keys of asymmetric (public) key pairs that are used by public key algorithms to generate digital signatures with possible long-term implications. When properly handled, private signature keys can be used to provide authentication, integrity and non-repudiation.
Public signature verification key
A public signature verification key is the public key of an asymmetric key pair that is used by a public key algorithm to verify digital signatures, either to authenticate a user's identity, to determine the integrity of the data, for non-repudiation, or a combination thereof.
Symmetric authentication key
Symmetric authentication keys are used with symmetric key algorithms to provide assurance of the integrity and source of messages, communication sessions, or stored data.
Private authentication key
A private authentication key is the private key of an asymmetric key pair that is used with a public key algorithm to provide assurance as to the integrity of information, and the identity of the originating entity or the source of messages, communication sessions, or stored data.
Public authentication key
A public authentication key is the public key of an asymmetric key pair that is used with a public key algorithm to determine the integrity of information and to authenticate the identity of entities, or the source of messages, communication sessions, or stored data.
Symmetric data encryption key
These keys are used with symmetric key algorithms to apply confidentiality protection to information.
Symmetric key wrapping key
Symmetric key wrapping keys are used to encrypt other keys using symmetric key algorithms. Key wrapping keys are also known as key encrypting keys.
Symmetric and asymmetric random number generation keys
These are keys used to generate random numbers.
Symmetric master key
A symmetric master key is used to derive other symmetric keys (e.g., data encryption keys, key wrapping keys, or authentication keys) using symmetric cryptographic methods.
Private key transport key
Private key transport keys are the private keys of asymmetric key pairs that are used to decrypt keys that have been encrypted with the associated public key using a public key algorithm. Key transport keys are usually used to establish keys (e.g., key wrapping keys, data encryption keys or MAC keys) and, optionally, other keying material (e.g., initialization vectors).
Public key transport key
Public key transport keys are the public keys of asymmetric key pairs that are used to encrypt keys using a public key algorithm. These keys are used to establish keys (e.g., key wrapping keys, data encryption keys or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Symmetric key agreement key
These symmetric keys are used to establish keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors) using a symmetric key agreement algorithm.
Private static key agreement key
Private static key agreement keys are the private keys of asymmetric key pairs that are used to establish keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Public static key agreement key
Public static key agreement keys are the public keys of asymmetric key pairs that are used to establish keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Private ephemeral key agreement key
Private ephemeral key agreement keys are the private keys of asymmetric key pairs that are used only once to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Public ephemeral key agreement key
Public ephemeral key agreement keys are the public keys of asymmetric key pairs that are used in a single key establishment transaction to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Symmetric authorization key
Symmetric authorization keys are used to provide privileges to an entity using a symmetric cryptographic method. The authorization key is known by the entity responsible for monitoring and granting access privileges for authorized entities and by the entity seeking access to resources.
Private authorization key
A private authorization key is the private key of an asymmetric key pair that is used to provide privileges to an entity.
Public authorization key
A public authorization key is the public key of an asymmetric key pair that is used to verify privileges for an entity that knows the associated private authorization key.
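The labelling rule from the key management section above (each key carries exactly one type and is never used for another purpose), shown as an added Go example that is not from the page, from NIST or from any library: a symmetric master key derives a data encryption key and a key wrapping key with the target type folded into the derivation, and the key wrapping key binds the wrapped key's type into AES-GCM associated data so that an unwrap cannot relabel it. The type names, the HMAC-based derivation, the wrapped-blob format and the all-zero demo master key are this example's own constructed choices.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// KeyType labels a key with its one permitted purpose: four of the symmetric
// NIST SP 800-57 types listed above (the Go names are this example's own).
type KeyType byte

const (
	SymmetricMaster KeyType = iota + 1
	SymmetricDataEncryption
	SymmetricKeyWrapping
	SymmetricAuthentication
)

// Key carries its label with it; every operation checks the label before use.
type Key struct {
	Type  KeyType
	Bytes []byte
}

var ErrWrongKeyType = errors.New("key used for a purpose other than its labelled type")

func (k *Key) requireType(want KeyType) error {
	if k == nil || k.Type != want {
		return fmt.Errorf("%w (want type %d)", ErrWrongKeyType, want)
	}
	return nil
}

// DeriveKey derives a purpose-specific 256-bit key from a symmetric master key. The target
// type is part of the HMAC input, so two labels of different type never yield the same bytes.
func DeriveKey(master *Key, want KeyType, label string) (*Key, error) {
	if err := master.requireType(SymmetricMaster); err != nil {
		return nil, err
	}
	mac := hmac.New(sha256.New, master.Bytes)
	fmt.Fprintf(mac, "type=%d|label=%s", want, label)
	return &Key{Type: want, Bytes: mac.Sum(nil)}, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapKey accepts only a key wrapping key. Output is nonce || AES-256-GCM ciphertext;
// the wrapped key's own type is bound as associated data, so UnwrapKey cannot relabel it.
func WrapKey(kek, target *Key) ([]byte, error) {
	if err := kek.requireType(SymmetricKeyWrapping); err != nil {
		return nil, err
	}
	gcm, err := newGCM(kek.Bytes)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, target.Bytes, []byte{byte(target.Type)}), nil
}

// UnwrapKey fails (GCM tag mismatch) unless expect equals the type bound at wrap time.
func UnwrapKey(kek *Key, blob []byte, expect KeyType) (*Key, error) {
	if err := kek.requireType(SymmetricKeyWrapping); err != nil {
		return nil, err
	}
	gcm, err := newGCM(kek.Bytes)
	if err != nil || len(blob) < gcm.NonceSize() {
		return nil, errors.New("bad key or wrapped blob")
	}
	raw, err := gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], []byte{byte(expect)})
	if err != nil {
		return nil, err
	}
	return &Key{Type: expect, Bytes: raw}, nil
}

func main() {
	// All-zero master key, constructed for this demo only; a real one is random.
	master := &Key{Type: SymmetricMaster, Bytes: make([]byte, 32)}
	dek, _ := DeriveKey(master, SymmetricDataEncryption, "orders-db")
	kek, _ := DeriveKey(master, SymmetricKeyWrapping, "backup")
	blob, _ := WrapKey(kek, dek)
	_, err := UnwrapKey(kek, blob, SymmetricAuthentication) // AAD mismatch
	fmt.Println("relabel DEK as MAC key rejected:", err != nil)
	_, err = WrapKey(dek, kek) // a DEK is not a key wrapping key
	fmt.Println("DEK used as KEK rejected:", errors.Is(err, ErrWrongKeyType))
}
```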
  1. Reinholm, James H. "Classification of Cryptographic Keys (Functions & Properties)". Cryptomathic. Retrieved 12 June 2017.
  2. Barker, Elaine. "NIST Special Publication 800-57 Part 1 Revision 4: Recommendation for Key Management" (PDF). National Institute of Standards and Technology (NIST). Retrieved 12 June 2017.
  3. Spacey, John. "12 Types of Cryptographic Key". Simplicable. Retrieved 12 June 2017.
Content from Wikipedia Licensed under CC-BY-SA.



Edward Larsson 's rune cipher resembling that found on the Kensington Runestone . Also includes runically unrelated blackletter writing style and pigpen cipher . In cryptography , a cipher (or cypher ) is an algorithm for performing encryption or decryption —a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with " code ", as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography . Codes generally substitute different length strings of characters in the output, while ciphers generally substitute the same number of characters as are input. There are exceptions and some cipher systems may use slightly more, or fewer, characters when output versus the number that were input. Codes operated by substituting according to a large codebook which linked a rand ...more...

Hash function


A hash function that maps names to integers from 0 to 15. There is a collision between keys "John Smith" and "Sandra Dee". A hash function is any function that can be used to map data of arbitrary size to data of fixed size. The values returned by a hash function are called hash values , hash codes , digests , or simply hashes . One use is a data structure called a hash table , widely used in computer software for rapid data lookup. Hash functions accelerate table or database lookup by detecting duplicated records in a large file. An example is finding similar stretches in DNA sequences. They are also useful in cryptography . A cryptographic hash function allows one to easily verify that some input data maps to a given hash value, but if the input data is unknown, it is deliberately difficult to reconstruct it (or equivalent alternatives) by knowing the stored hash value. This is used for assuring integrity of transmitted data, and is the building block for HMACs , which provide message authentication . Hash ...more...



A plastic charm keychain on a carabiner Keychain in art A keychain , key fob or key ring is a small chain , usually made from metal or plastic , that connects a small item to a keyring. The length of a keychain allows an item to be used more easily than if connected directly to a keyring. Some keychains allow one or both ends the ability to rotate, keeping the keychain from becoming twisted, while the item is being used. A keychain can also be a connecting link between a keyring and the belt of an individual. It is usually employed by personnel whose job demands frequent use of keys, such as a security guard , prison officer, janitor , or retail store manager. The chain is often retractable, and therefore may be a nylon rope, instead of an actual metal chain. The chain ensures that the keys remain attached to the individual using them, makes accidental loss less likely, and saves on wear and tear on the pockets of the user. Use of keychains Keychains are one of the most common souvenir and advertising items. ...more...



The Zimmermann Telegram (as it was sent from Washington to Mexico) encrypted as ciphertext. KGB ciphertext found in a hollow nickel in Brooklyn in 1953 In cryptography , ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher . Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. Decryption , the inverse of encryption, is the process of turning ciphertext into readable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of a code , not a cipher. Conceptual underpinnings Let m {\displaystyle m\!} be the plaintext message that Alice wants to secretly transmit to Bob and let E k {\displaystyle E_{k}\!} be the encryption cipher, where k {\displaystyle _{k}\!} is a cryptographic key . Alice must first transform the plaintext into ciphertext, c {\displaystyle c\!} , in order to sec ...more...

Challenge–response authentication


In computer security , challenge–response authentication is a family of protocols in which one party presents a question ("challenge") and another party must provide a valid answer ("response") to be authenticated . The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password. Clearly an adversary who can eavesdrop on a password authentication can then authenticate itself in the same way. One solution is to issue multiple passwords, each of them marked with an identifier. The verifier can ask for any of the passwords, and the prover must have that correct password for that identifier. Assuming that the passwords are chosen independently, an adversary who intercepts one challenge–response message pair has no clues to help with a different challenge at a different time. For example, when other communications security methods are unavailable, the U.S. military uses the AKAC-1553 TRIAD numeral cipher ...more...

Ring learning with errors key exchange


In cryptography , a public key exchange algorithm is a cryptographic algorithm which allows two parties to create and share a secret key, which they can use to encrypt messages between themselves. The ring learning with errors key exchange ( RLWE-KEX ) is one of a new class of public key exchange algorithms that are designed to be secure against an adversary that possesses a quantum computer . This is important because the vast majority of public key algorithms in use today are easily broken by a quantum computer and scientists are making steady progress toward creating such a computer. RLWE -KEX is one of a set of post-quantum cryptographic algorithms which are based on the difficulty of solving certain mathematical problems involving lattices . Unlike older lattice based cryptographic algorithms, the RLWE -KEX is provably reducible to a known hard problem in lattices. Background Since the 1980s the security of cryptographic key exchanges and digital signatures over the Internet has been primarily based on a ...more...

Encryption software


Encryption software is software that uses cryptography to prevent unauthorized access to digital information. Practically speaking, people use cryptography today to protect the digital information on their computers as well as the digital information that is sent to other computers over the Internet . As software that implements secure cryptography is complex to develop and difficult to get right, most computer users make use of the encryption software that already exists rather than writing their own. Classification As encryption software is an important component in providing protection from cybercrime, there are many, many software products that provide encryption. Because there are so many software products that provide encryption, a good way to begin understanding this topic is classification by categorization . Software encryption uses a cipher to obscure the content into ciphertext , so one way to classify this type of software is by the type of cipher used. Ciphers can be categorized into two cate ...more...



Three rounds of the CAST-128 block cipher In cryptography , CAST-128 (alternatively CAST5 ) is a symmetric-key block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP . It has also been approved for Government of Canada use by the Communications Security Establishment . The algorithm was created in 1996 by Carlisle Adams and Stafford Tavares using the CAST design procedure. Another member of the CAST family of ciphers, CAST-256 (a former AES candidate) was derived from CAST-128. According to some sources, the CAST name is based on the initials of its inventors, though Bruce Schneier reports the authors' claim that "the name should conjure up images of randomness". CAST-128 is a 12- or 16-round Feistel network with a 64- bit block size and a key size of between 40 and 128 bits (but only in 8-bit increments). The full 16 rounds are used when the key size is longer than 80 bits. Components include large 8×32-bit S-boxes based on bent functions , key-dependent rota ...more...

Data Encryption Standard


The Data Encryption Standard ( DES , ) is a symmetric-key algorithm for the encryption of electronic data. Although now considered insecure, it was highly influential in the advancement of modern cryptography . Developed in the early 1970s at IBM and based on an earlier design by Horst Feistel , the algorithm was submitted to the National Bureau of Standards (NBS) following the agency's invitation to propose a candidate for the protection of sensitive, unclassified electronic government data. In 1976, after consultation with the National Security Agency (NSA), the NBS eventually selected a slightly modified version (strengthened against differential cryptanalysis , but weakened against brute-force attacks ), which was published as an official Federal Information Processing Standard (FIPS) for the United States in 1977. The publication of an NSA-approved encryption standard simultaneously resulted in its quick international adoption and widespread academic scrutiny. Controversies arose out of classified design ...more...

RSA (cryptosystem)


RSA ( Rivest–Shamir–Adleman ) is one of the first public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem , the encryption key is public and it is different from the decryption key which is kept secret (private). In RSA, this asymmetry is based on the practical difficulty of the factorization of the product of two large prime numbers , the " factoring problem ". The acronym RSA is made of the initial letters of the surnames of Ron Rivest , Adi Shamir , and Leonard Adleman , who first publicly described the algorithm in 1978. Clifford Cocks , an English mathematician working for the British intelligence agency· Government Communications Headquarters (GCHQ), had developed an equivalent system in 1973, but this was not declassified until 1997. A user of RSA creates and then publishes a public key based on two large prime numbers , along with an auxiliary value. The prime numbers must be kept secret. Anyone can use the public key to encrypt a message, but with currently pu ...more...

Man-in-the-middle attack


In cryptography and computer security , a man-in-the-middle attack ( MITM ) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. One example of man-in-the-middle attacks is active eavesdropping , in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within reception range of an unencrypted wireless access point (Wi-Fi) could insert himself as a man-in-the-middle. As an attack that aims at circumventing mutual authentication , or lack thereof, a man-in-the-middle attack can succeed only when the attacker can imperso ...more...

Side-channel attack


In computer security , a side-channel attack is any attack based on information gained from the physical implementation of a computer system, rather than weaknesses in the implemented algorithm itself (e.g. cryptanalysis and software bugs ). Timing information, power consumption, electromagnetic leaks or even sound can provide an extra source of information, which can be exploited to break the system. Some side-channel attacks require technical knowledge of the internal operation of the system, although others such as differential power analysis are effective as black-box attacks. Many powerful side-channel attacks are based on statistical methods pioneered by Paul Kocher . Attempts to break a cryptosystem by deceiving or coercing people with legitimate access are not typically called side-channel attacks: see social engineering and rubber-hose cryptanalysis . For attacks on computer systems themselves (which are often used to perform cryptography and thus contain cryptographic keys or plaintexts ), see compu ...more...

Homomorphic encryption


Homomorphic encryption is a form of encryption that allows computation on ciphertexts , generating an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on the plaintext . The purpose of homomorphic encryption is to allow computation on encrypted data. Cloud computing platforms can perform difficult computations on homomorphically encrypted data without ever having access to the unencrypted data. Homomorphic encryption can also be used to securely chain together different services without exposing sensitive data. For example, services from different companies can calculate 1) the tax 2) the currency exchange rate 3) shipping, on a transaction without exposing the unencrypted data to each of those services. Homomorphic encryption can also be used to create other secure systems such as secure voting systems, collision-resistant hash functions , and private information retrieval schemes. Homomorphic encryption schemes are inherently malleable . In terms o ...more...

Export of cryptography from the United States


Export-restricted RSA encryption source code printed on a T-shirt made the T-shirt an export-restricted munition, as a freedom of speech protest against U.S. encryption export restrictions ( Back side ). Changes in the export law means that it is no longer illegal to export this T-shirt from the U.S., or for U.S. citizens to show it to foreigners. The export of cryptographic technology and devices from the United States was severely restricted by U.S. law until 1992, but was gradually eased until 2000; some restrictions still remain. Since World War II , many governments, including the U.S. and its NATO allies, have regulated the export of cryptography for national security reasons, and, as late as 1992, cryptography was on the U.S. Munitions List as an Auxiliary Military Equipment. Due to the enormous impact of cryptanalysis in World War II , these governments saw the military value in denying current and potential enemies access to cryptographic systems. Since the U.S. and U.K. believed they had better cry ...more...

Fill device


A KYK-13 fill device. A fill device or key loader is a module used to load cryptographic keys into electronic encryption machines. Fill devices are usually hand held and electronic ones are battery operated. Older mechanical encryption systems, such as rotor machines , were keyed by setting the positions of wheels and plugs from a printed keying list. Electronic systems required some way to load the necessary cryptovariable data. In the 1950s and 1960s, systems such as the U.S. National Security Agency KW-26 and the Soviet Union 's Fialka used punched cards for this purpose. Later NSA encryption systems incorporated a serial port fill connector and developed several common fill devices (CFDs) that could be used with multiple systems. A CFD was plugged in when new keys were to be loaded. Newer NSA systems allow " over the air rekeying " (OTAR), but a master key often must still be loaded using a fill device. NSA uses two serial protocols for key fill, DS-101 and DS-102 . Both employ the same U-229 6-pin connec ...more...

Substitution cipher


In cryptography , a substitution cipher is a method of encrypting by which units of plaintext are replaced with ciphertext , according to a fixed system; the "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution. Substitution ciphers can be compared with transposition ciphers . In a transposition cipher, the units of the plaintext are rearranged in a different and usually quite complex order, but the units themselves are left unchanged. By contrast, in a substitution cipher, the units of the plaintext are retained in the same sequence in the ciphertext, but the units themselves are altered. There are a number of different types of substitution cipher. If the cipher operates on single letters, it is termed a simple substitution cipher ; a cipher that operates on larger groups of letters is termed polygraphic . A monoalphabetic cipher uses fixed substitution over the enti ...more...

Member feedback about Substitution cipher:

Folder: My Items


nk dtz fwj wjfinsl ymnx uwtujwqd ymj fsxbjw dtz fwj qttpnsl ktw yt fii yt ymj jsi tk ymj zwq rjsyntsji fgtaj nx wtrfsjrunwj

Key disclosure law


Key disclosure laws , also known as mandatory key disclosure , is legislation that requires individuals to surrender cryptographic keys to law enforcement. The purpose is to allow access to material for confiscation or digital forensics purposes and use it either as evidence in a court of law or to enforce national security interests. Similarly, mandatory decryption laws force owners of encrypted data to supply decrypted data to law enforcement. Nations vary widely in the specifics of how they implement key disclosure laws. Some, such as Australia, give law enforcement wide-ranging power to compel assistance in decrypting data from any party. Some, such as Belgium, concerned with self-incrimination , only allow law enforcement to compel assistance from non-suspects. Some require only specific third parties such as telecommunications carriers, certification providers, or maintainers of encryption services to provide assistance with decryption. In all cases, a warrant is generally required. Theory and counterme ...more...



A STU-III secure telephone (Motorola model). Crypto Ignition Key upper right. STU-III is a family of secure telephones introduced in 1987 by the NSA for use by the United States government, its contractors, and its allies. STU-III desk units look much like typical office telephones, plug into a standard telephone wall jack and can make calls to any ordinary phone user (with such calls receiving no special protection, however). When a call is placed to another STU-III unit that is properly set up, one caller can ask the other to initiate secure transmission . They then press a button on their telephones and, after a 15-second delay, their call is encrypted to prevent eavesdropping. There are portable and militarized versions and most STU-IIIs contained an internal modem and RS-232 port for data and fax transmission. Vendors were AT&T (later transferred to Lucent Technologies ), RCA (Now L-3 Communications , East) and Motorola . STU-III are no longer in service with the U.S. Government, with the last crypt ...more...

Stream cipher


A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream ( keystream ). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream. Since encryption of each digit is dependent on the current state of the cipher, it is also known as state cipher . In practice, a digit is typically a bit and the combining operation an exclusive-or (XOR). The pseudorandom keystream is typically generated serially from a random seed value using digital shift registers . The seed value serves as the cryptographic key for decrypting the ciphertext stream. Stream ciphers represent a different approach to symmetric encryption from block ciphers . Block ciphers operate on large blocks of digits with a fixed, unvarying transformation. This distinction is not always clear-cut: in some modes of operation , a block cipher primitive is used in such a way that it acts effectively as a ...more...

Running key cipher


In classical cryptography , the running key cipher is a type of polyalphabetic substitution cipher in which a text, typically from a book, is used to provide a very long keystream . Usually, the book to be used would be agreed ahead of time, while the passage to be used would be chosen randomly for each message and secretly indicated somewhere in the message. Example The text used is The C Programming Language (1978 edition), and the tabula recta is the tableau. The plaintext is "Flee at once". Page 63, line 1 is selected as the running key: errors can occur in several places. A label has... The running key is then written under the plaintext: Plaintext f l e e a t o n c e Running key E R R O R S C A N O Ciphertext J C V S R L Q N P S The message is then sent as "JCVSR LQNPS". However, unlike a Vigenère cipher , if the message is extended, the key is not repeated; the key text itself is used as the key. If the message is extended, such as, "Flee at once. We are discovered", then the running key continues as b ...more...

Trusted third party


In cryptography , a trusted third party ( TTP ) is an entity which facilitates interactions between two parties who both trust the third party; the Third Party reviews all critical transaction communications between the parties, based on the ease of creating fraudulent digital content. In TTP models, the relying parties use this trust to secure their own interactions. TTPs are common in any number of commercial transactions and in cryptographic digital transactions as well as cryptographic protocols , for example, a certificate authority (CA) would issue a digital identity certificate to one of the two parties in the next example. The CA then becomes the Trusted-Third-Party to that certificates issuance. Likewise transactions that need a third party recordation would also need a third-party repository service of some kind or another. 'Trusted' means that a system need to be trusted to act in your interests. But it has the option (either at will or involuntarily) to act against your interest. 'Trusted' also me ...more...



Look up tsk in Wiktionary, the free dictionary. Tsk or TSK may refer to: The Turkish Armed Forces , (Turkish: Türk Silahlı Kuvvetleri) Traffic Security Key, used to control spread spectrum radios; see List of cryptographic key types Tiger Schulmann 's Karate, now Tiger Schulmann's Mixed Martial Arts The Sleuth Kit , collection of computer forensics-related tools ICAO code of airline Tomskavia San-in Chūō Television Broadcasting , a Japanese TV station A dental click , a sound indicating disapproval or pity Look up tsk in Wiktionary, the free dictionary. Tsk or TSK may refer to: The Turkish Armed Forces , (Turkish: Türk Silahlı Kuvvetleri) Traffic Security Key, used to control spread spectrum radios; see List of cryptographic key types Tiger Schulmann 's Karate, now Tiger Schulmann's Mixed Martial Arts The Sleuth Kit , collection of computer forensics-related tools ICAO code of airline Tomskavia San-in Chūō Television Broadcasting , a Japanese TV station A dental click , a sound indicating disapproval or pity ...more...

Neural cryptography


Neural cryptography is a branch of cryptography dedicated to analyzing the application of stochastic algorithms, especially artificial neural network algorithms, for use in encryption and cryptanalysis. Definition Neural networks are well known for their ability to selectively explore the solution space of a given problem. This feature finds a natural niche of application in the field of cryptanalysis. At the same time, neural networks offer a new approach to attacking ciphering algorithms, based on the universal approximation property: a sufficiently large network can approximate any function, so in principle one could be trained to approximate the inverse of a cipher. In practice this has not produced an attack on any modern cipher, since learning an inverse that is computationally hard to compute is no easier for a network than for any other algorithm, and the claim should be read as a research motivation rather than a demonstrated capability. The ideas of mutual learning, self-learning, and the stochastic behavior of neural networks and similar algorithms can be used for different aspects of cryptography, such as public-key cryptography, solving the key distribution problem using neural network mutual synchronization, hashing, or the generation of pseudo-random numbers. ...
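The mutual-synchronization idea mentioned above, as an added example (not code from the page or from any neural cryptography project): two tree parity machines, the construction Kanter and Kinzel proposed, receive the same public random inputs and exchange only their output bits; both apply a Hebbian update when the outputs agree, and they end up with identical weights from which a key is derived. K = 3, N = 100 and L = 3 are assumed toy parameters. This scheme was broken shortly after it was proposed (Klimov, Mityagin and Shamir showed that an attacker running its own machine on the public traffic synchronizes with high probability), so the block demonstrates the mechanism, not a key exchange to deploy.

```python
import hashlib
import random

# Assumed toy parameters: K hidden units, N inputs per unit, weights in [-L, L].
K, N, L = 3, 100, 3


class TreeParityMachine:
    def __init__(self, rng):
        self.w = [[rng.randint(-L, L) for _ in range(N)] for _ in range(K)]
        self.sigma = [1] * K

    def output(self, x):
        """sigma_k = sign(w_k . x_k); the public output tau is the product of the sigma_k."""
        self.sigma = []
        for k in range(K):
            h = sum(w * xi for w, xi in zip(self.w[k], x[k]))
            self.sigma.append(1 if h >= 0 else -1)  # sign(0) := +1 (assumed convention)
        tau = 1
        for s in self.sigma:
            tau *= s
        return tau

    def hebbian_update(self, x, tau):
        """Only the units that agreed with tau move; weights are clipped to [-L, L]."""
        for k in range(K):
            if self.sigma[k] == tau:
                self.w[k] = [max(-L, min(L, w + xi * tau)) for w, xi in zip(self.w[k], x[k])]


def derive_key(tpm):
    """Turn the synchronized weight matrix into key material (SHA-256 of the weights)."""
    flat = ",".join(str(w) for row in tpm.w for w in row).encode()
    return hashlib.sha256(flat).hexdigest()


def synchronize(seed=0, max_rounds=200000):
    """Mutual learning until both machines hold identical weights.

    Returns (rounds, key_a, key_b); rounds is None if the cap was hit."""
    rng = random.Random(seed)
    a, b = TreeParityMachine(rng), TreeParityMachine(rng)
    for rounds in range(1, max_rounds + 1):
        # Public random input, identical for both parties (the eavesdropper sees it too).
        x = [[rng.choice((-1, 1)) for _ in range(N)] for _ in range(K)]
        ta, tb = a.output(x), b.output(x)
        if ta == tb:  # each party learns the other's output bit over the public channel
            a.hebbian_update(x, ta)
            b.hebbian_update(x, tb)
            if a.w == b.w:  # once equal, identical inputs keep them equal forever
                return rounds, derive_key(a), derive_key(b)
    return None, None, None
```

Synchronization typically completes after a few hundred to a few thousand rounds for these parameters; the comparison `a.w == b.w` is only there to stop the demo, since in a real exchange neither party can see the other's weights and would instead compare a hash of them.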

Quantum key distribution


Quantum key distribution (QKD) is a secure communication method which implements a cryptographic protocol involving components of quantum mechanics. It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages. It is often incorrectly called quantum cryptography, as it is the best-known example of a quantum cryptographic task. An important and unique property of quantum key distribution is the ability of the two communicating users to detect the presence of any third party trying to gain knowledge of the key. This results from a fundamental aspect of quantum mechanics: the process of measuring a quantum system in general disturbs the system. A third party trying to eavesdrop on the key must in some way measure it, thus introducing detectable anomalies. By using quantum superpositions or quantum entanglement and transmitting information in quantum states, a communication system can be implemented that detects eavesdropping. If the ...
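The eavesdropper-detection property described above, as an added classical simulation of BB84 (not code from the page): Alice encodes random bits in random bases, Bob measures in random bases, the two sift on matching bases and sacrifice half of the sifted bits to estimate the error rate. With an intercept-resend eavesdropper, each sifted bit is wrong with probability 1/4, so the error rate jumps from 0 to about 25%. The 11% abort threshold, the 4,000-qubit run and the random seed are assumptions for the demonstration; the simulation does not model channel noise, so any error at all comes from Eve.

```python
import random

ABORT_QBER = 0.11  # assumed abort threshold on the quantum bit error rate


def measure(bit, prep_basis, meas_basis, rng):
    """Result of measuring a qubit prepared as `bit` in `prep_basis`.
    Matching basis returns the bit; a mismatched basis gives a uniformly random result."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def bb84(n_qubits, rng, eve=False):
    """One BB84 run (basis 0 = rectilinear, 1 = diagonal). Returns (alice_key, bob_key, qber)."""
    alice_bits = [rng.randrange(2) for _ in range(n_qubits)]
    alice_bases = [rng.randrange(2) for _ in range(n_qubits)]
    bob_bases = [rng.randrange(2) for _ in range(n_qubits)]
    bob_results = []
    for bit, basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eve:
            # Intercept-resend: Eve measures in a random basis and forwards her result,
            # which is now prepared in Eve's basis rather than Alice's.
            e_basis = rng.randrange(2)
            bit, bas = measure(bit, basis, e_basis, rng), e_basis
            basis = bas
        bob_results.append(measure(bit, basis, b_basis, rng))
    # Sifting: bases are compared over the public channel; keep matching positions.
    keep = [i for i in range(n_qubits) if alice_bases[i] == bob_bases[i]]
    a_sift = [alice_bits[i] for i in keep]
    b_sift = [bob_results[i] for i in keep]
    # Error estimation: a random half of the sifted bits is revealed and compared.
    sample = set(rng.sample(range(len(keep)), len(keep) // 2))
    errors = sum(1 for i in sample if a_sift[i] != b_sift[i])
    qber = errors / len(sample)
    a_key = [v for i, v in enumerate(a_sift) if i not in sample]
    b_key = [v for i, v in enumerate(b_sift) if i not in sample]
    return a_key, b_key, qber


def accept(qber):
    """Parties keep the key only if the estimated error rate is below the threshold."""
    return qber <= ABORT_QBER


def run(seed=1, n_qubits=4000):
    """Return (qber without Eve, qber with Eve, keys agree without Eve)."""
    a_key, b_key, clean = bb84(n_qubits, random.Random(seed))
    _, _, tapped = bb84(n_qubits, random.Random(seed), eve=True)
    return clean, tapped, a_key == b_key
```

The sacrificed sample is what makes detection possible: Eve cannot know which sifted positions will be compared, so the 25% disturbance she causes is visible in the sample with overwhelming probability once a few hundred bits are compared.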

Lightning Network


The Lightning Network is a proposed solution to the bitcoin scalability problem. The network would use an off-chain protocol and is currently under development. It would feature a P2P system for making micropayments of digital cryptocurrency through a scale-free network of bidirectional payment channels without delegating custody of funds or trust to third parties. It is expected that normal use of the Lightning Network consists of opening a payment channel by committing a funding transaction to the relevant blockchain, followed by making any number of Lightning transactions that update the tentative distribution of the channel's funds without broadcasting to the blockchain, followed by closing the payment channel by broadcasting the final version of the transaction to distribute the channel's funds. The specification for using the Lightning Network relies on Segregated Witness (SegWit). Design The payment channels allow participants to transfer money to each other without having to make all their transacti ...

S/MIME

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFCs 3369, 3370, 3850 and 3851. It was originally developed by RSA Data Security Inc. and the original specification used the IETF MIME specification with the de facto industry standard PKCS#7 secure message format. Change control of S/MIME has since been vested in the IETF and the specification is now layered on Cryptographic Message Syntax, an IETF specification that is identical in most respects to PKCS #7. S/MIME functionality is built into the majority of modern email software and interoperates between them. Function S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity, non-repudiation of origin (using digital signatures), privacy and data security (using encryption). S/MIME specifies the MIME type application/pkcs7-m ...

Elliptic Curve Digital Signature Algorithm


In cryptography, the Elliptic Curve Digital Signature Algorithm (ECDSA) offers a variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography. Key and signature-size comparison to DSA As with elliptic-curve cryptography in general, the bit size of the public key believed to be needed for ECDSA is about twice the size of the security level, in bits. For example, at a security level of 80 bits (meaning an attacker requires at most about 2^80 operations to find the private key) the size of an ECDSA public key would be 160 bits, whereas the size of a DSA public key is at least 1024 bits. On the other hand, the signature size is the same for both DSA and ECDSA: approximately 4t bits, where t is the security level measured in bits, that is, about 320 bits for a security level of 80 bits. Signature generation algorithm Suppose Alice wants to send a signed message to Bob. Initially, they must agree on the curve parameters (CURV ...

List of hash functions


This is a list of hash functions, including cyclic redundancy checks, checksum functions, and cryptographic hash functions.

Cyclic redundancy checks (name | length | type):
Checksum | 32 bits | CRC
CRC-16 | 16 bits | CRC
CRC-32 | 32 bits | CRC
CRC-32 MPEG-2 | 32 bits | CRC
CRC-64 | 64 bits | CRC
Adler-32 is often mistaken for a CRC, but it is not; it is a checksum. The BSD checksum and SYSV checksum, which appear among the CRCs in some versions of this table, are not CRCs either: both are 16-bit additive checksums (the BSD algorithm rotates its accumulator before each add), so they are listed with the checksums below.

Checksums (name | length | type):
BSD checksum | 16 bits | sum
SYSV checksum | 16 bits | sum
sum (Unix) | 16 or 32 bits | sum
sum8 | 8 bits | sum
sum16 | 16 bits | sum
sum24 | 24 bits | sum
sum32 | 32 bits | sum
fletcher-4 | 4 bits | sum
fletcher-8 | 8 bits | sum
fletcher-16 | 16 bits | sum
fletcher-32 | 32 bits | sum
Adler-32 | 32 bits | sum
xor8 | 8 bits | sum
Luhn algorithm | 1 decimal digit | sum
Verhoeff algorithm | 1 decimal digit | sum
Damm algorithm | 1 decimal digit | quasigroup operation

Universal hash function families (name | length | type):
Zobrist hashing | variable | XOR
universal one-way hash function | |
tabulation hashing | variable | XOR
Rabin fingerprint | variable | multiply

Non-cryptographic hash functions (name | length | type):
Pearson hashing | 8 ...
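Added example (not code from the page): bit-serial CRC-32, Adler-32, Fletcher-16 and the Luhn check from the table, together with a test that separates a true CRC from a sum-based checksum. A CRC is affine over GF(2), so for three equal-length inputs crc(x xor y xor z) equals crc(x) xor crc(y) xor crc(z) (the init and xor-out constants cancel in an odd number of terms); Adler-32 and Fletcher use modular addition and fail that identity. The check values (0xCBF43926 and 0x091E01DE for "123456789", 0xC8F0 for "abcde") are the standard ones for these functions; the two-byte inputs used in the linearity check are constructed.

```python
def crc32(data):
    """Bit-serial CRC-32 (reflected polynomial 0xEDB88320, init and xor-out 0xFFFFFFFF)."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0xEDB88320 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def adler32(data):
    """Adler-32: two running sums modulo the prime 65521. A checksum, not a CRC."""
    a, b = 1, 0
    for byte in data:
        a = (a + byte) % 65521
        b = (b + a) % 65521
    return (b << 16) | a


def fletcher16(data):
    """Fletcher-16: two 8-bit running sums modulo 255."""
    s1 = s2 = 0
    for byte in data:
        s1 = (s1 + byte) % 255
        s2 = (s2 + s1) % 255
    return (s2 << 8) | s1


def luhn_valid(digits):
    """Luhn check: one decimal digit of redundancy, catches single-digit errors."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled, digits summed
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def is_xor_linear(fn, x, y, z):
    """True if fn(x ^ y ^ z) == fn(x) ^ fn(y) ^ fn(z) for equal-length x, y, z.
    Holds for every CRC; fails for sum-based checksums such as Adler-32."""
    xyz = bytes(a ^ b ^ c for a, b, c in zip(x, y, z))
    return fn(xyz) == fn(x) ^ fn(y) ^ fn(z)
```

The linearity property is also why a CRC is useless as an integrity check against an active attacker: anyone can adjust a message so that its CRC still matches, which is exactly the weakness WEP inherited by protecting packets with CRC-32 inside RC4.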

Related-key attack


In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker. For example, the attacker might know that the last 80 bits of the keys are always the same, even though they don't know, at first, what those bits are. This appears, at first glance, to be an unrealistic model; it would certainly be unlikely that an attacker could persuade a human cryptographer to encrypt plaintexts under numerous secret keys related in some way. KASUMI KASUMI is an eight-round, 64-bit block cipher with a 128-bit key. It is based upon MISTY1, and was designed to form the basis of the 3G confidentiality and integrity algorithms. Mark Blunden and Adrian Escott described differential related-key attacks on five and six rounds of KASUMI. Differential attacks were introduced by Biham and Shamir. Related-key attacks were first ...

Device Keys


Device Keys play a role in the cryptographic key management procedure in the Advanced Access Content System (AACS) specification. This specification defines a method for protecting audiovisual entertainment content, including high-definition content. Introduction The AACS cryptographic key management procedure uses Device Keys to decrypt one or more elements of a Media Key Block (MKB), in order to extract a secret Media Key (Km). An MKB is stored on the physical medium (the disc) together with the encrypted content of the disc. The MKB enables system renewability. The MKB is generated by AACS LA, and allows all compliant devices, each using their set of secret Device Keys, to calculate the same Media Key (Km). If a set of Device Keys is compromised in a way that threatens the integrity of the system, an updated MKB can be released that causes a device with the compromised set of Device Keys to be unable to calculate the correct Km. In this way, the compromised Device Keys are "revoked" by the new MKB. Common ...
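How an MKB lets every non-revoked device compute Km while a revoked device cannot, as an added example (not the AACS code or data format). It uses the complete-subtree method, a simpler relative of the subset-difference scheme AACS actually uses: devices are leaves of a binary tree, a Device Key set is the keys of the nodes on the device's root-to-leaf path, and the MKB contains Km wrapped under the keys of the largest subtrees that hold no revoked device. Tree depth 3, HMAC-derived node keys, an XOR pad standing in for a block cipher and the revoked device number are all assumptions of the demonstration.

```python
import hashlib
import hmac
import secrets

DEPTH = 3  # 2**DEPTH devices; a toy size, real trees have millions of leaves


def node_key(master, node):
    """Secret key of a tree node, derived from the licensing authority's master secret."""
    return hmac.new(master, node.encode(), hashlib.sha256).digest()


def path(leaf):
    """Labels of the nodes from the root ('') down to this leaf, e.g. '', '1', '10', '101'."""
    bits = format(leaf, f"0{DEPTH}b")
    return [bits[:i] for i in range(DEPTH + 1)]


def issue_device_keys(master, leaf):
    """Device Keys = the node keys on the device's root-to-leaf path."""
    return {n: node_key(master, n) for n in path(leaf)}


def cover(revoked, node=""):
    """Complete-subtree cover: maximal subtrees containing no revoked device."""
    leaves = [i for i in range(2 ** DEPTH) if format(i, f"0{DEPTH}b").startswith(node)]
    if not any(i in revoked for i in leaves):
        return [node]
    if len(node) == DEPTH:
        return []  # this leaf is revoked: it gets no entry at all
    return cover(revoked, node + "0") + cover(revoked, node + "1")


def wrap(node_k, value, version):
    """Toy key wrap: XOR with a pad derived from the node key and the MKB version.
    A block cipher is used in practice; the version keeps the pad from repeating."""
    pad = hashlib.sha256(node_k + version.to_bytes(4, "big")).digest()[: len(value)]
    return bytes(a ^ b for a, b in zip(value, pad))


def build_mkb(master, media_key, revoked, version):
    """The MKB: Km wrapped under each node key of the cover, plus the version number."""
    return {"version": version,
            "entries": {n: wrap(node_key(master, n), media_key, version)
                        for n in cover(set(revoked))}}


def derive_media_key(device_keys, mkb):
    """What a player does: find any of its own nodes in the MKB and unwrap Km."""
    for n, k in device_keys.items():
        if n in mkb["entries"]:
            return wrap(k, mkb["entries"][n], mkb["version"])  # XOR pad is self-inverse
    return None  # every node on this device's path is excluded: it is revoked


def demo(revoked=(5,), version=2):
    """Build one MKB and report, per device, whether it recovers the right Km."""
    master, km = secrets.token_bytes(32), secrets.token_bytes(16)
    mkb = build_mkb(master, km, revoked, version)
    return {d: derive_media_key(issue_device_keys(master, d), mkb) == km
            for d in range(2 ** DEPTH)}
```

Revoking device 5 turns the single root entry into three entries (subtrees "0", "100" and "11"); the MKB grows with the number of revocations, which is the cost the subset-difference method in AACS reduces.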

Password-authenticated key agreement


In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more parties' knowledge of a password. An important property is that an eavesdropper or man in the middle cannot obtain enough information to be able to brute-force a password offline: each guess costs a further interaction with one of the parties. This means that strong security can be obtained using weak passwords. Types Password-authenticated key agreement generally encompasses methods such as: balanced password-authenticated key exchange; augmented password-authenticated key exchange; password-authenticated key retrieval; multi-server methods; multi-party methods. In the most stringent password-only security models, there is no requirement for the user of the method to remember any secret or public data other than the password. Password-authenticated key exchange (PAKE) is where two or more parties, based only on their knowledge of a password, estab ...

Pretty Good Privacy


Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991. PGP and similar software follow the OpenPGP standard (RFC 4880) for encrypting and decrypting data. Design How PGP encryption works PGP encryption uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a user name or an e-mail address. The first version of this system was generally known as a web of trust to contrast with the X.509 system, which uses a hierarchical approach based on certificate authorities and which was added to PGP implementations later. Current versions of PGP encryption include both options through an auto ...

Public key certificate


In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the ownership of a public key. The certificate includes information about the key, information about the identity of its owner (called the subject), and the digital signature of an entity that has verified the certificate's contents (called the issuer). If the signature is valid, and the software examining the certificate trusts the issuer, then it can use that key to communicate securely with the certificate's subject. In email encryption, code signing, and e-signature systems, a certificate's subject is typically a person or organization. However, in Transport Layer Security (TLS) a certificate's subject is typically a computer or other device, though TLS certificates may identify organizations or individuals in addition to their core role in identifying devices. TLS, sometimes called by its older name Secure Sockets Layer ...

Network Security Services


In computing, Network Security Services (NSS) comprises a set of libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. Previously tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License, NSS upgraded to the GPL-compatible MPL 2.0 with release 3.14. History NSS originated from the libraries developed when Netscape invented the SSL security protocol. FIPS 140 validation and NISCC testing The NSS software crypto module has been validated five times (1997, 1999, 2002, 2007, and 2010) for conformance to FIPS 140 at Security Levels 1 and 2. NSS was the first open source cryptographic library to receive FIPS 140 vali ...

Zeroisation

In cryptography, zeroisation (also spelled zeroization) is the practice of erasing sensitive parameters (electronically stored data, cryptographic keys, and Critical Security Parameters) from a cryptographic module to prevent their disclosure if the equipment is captured. This is generally accomplished by altering or deleting the contents to prevent recovery of the data. When encryption was performed by mechanical devices, this would often mean changing all the machine's settings to some fixed, meaningless value, such as zero. On machines with letter settings rather than numerals, the letter 'O' was often used instead. Some machines had a button or lever for performing this process in a single step. Zeroisation would typically be performed at the end of an encryption session to prevent accidental disclosure of the keys, or immediately when there was a risk of capture by an adversary. In modern software-based cryptographic modules, zeroisation is made considerably more complex by issues such as virtual ...
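One of the complications in software-based modules, as an added example (not code from the page): in Python a `bytes` object is immutable, so a secret held in one cannot be overwritten at all, and a `bytearray` can be overwritten in place only with an explicit memset; any copy made earlier (a slice, a `str` conversion, a temporary the interpreter created) keeps the secret. The helpers below are the editor's construction, not a library API.

```python
import ctypes
import secrets


def zeroize(buf):
    """Overwrite a writable buffer (bytearray or writable memoryview) in place.

    A plain `bytes` object is immutable and cannot be zeroized; from_buffer raises
    TypeError for it, which makes that mistake loud instead of leaving the secret behind."""
    n = len(buf)
    if n == 0:
        return
    view = (ctypes.c_char * n).from_buffer(buf)  # TypeError for read-only buffers
    ctypes.memset(ctypes.addressof(view), 0, n)


def can_zeroize(buf):
    """True if `buf` could be wiped in place, False if it is immutable."""
    try:
        zeroize(buf)
    except TypeError:
        return False
    return True


def is_zeroed(buf):
    return not any(buf)


def demo():
    """Return (key wiped?, earlier copy wiped?) to show the copy problem."""
    key = bytearray(secrets.token_bytes(32))
    leaked_copy = bytes(key)  # e.g. a slice or str() conversion made before the wipe
    zeroize(key)
    return is_zeroed(key), is_zeroed(leaked_copy)
```

In a compiled module the same concern appears as the compiler removing a "dead" store to a buffer that is never read again; platform primitives such as `explicit_bzero` or `SecureZeroMemory` exist for that reason.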

Schnorr signature


In cryptography, a Schnorr signature is a digital signature produced by the Schnorr signature algorithm. Its security is based on the intractability of certain discrete logarithm problems. The Schnorr signature is considered the simplest digital signature scheme to be provably secure in a random oracle model. It is efficient and generates short signatures. It was covered by U.S. Patent 4,995,082, which expired in February 2008. Algorithm Choosing parameters All users of the signature scheme agree on a group G of prime order q with generator g, in which the discrete log problem is assumed to be hard. Typically a Schnorr group is used. All users agree on a cryptographic hash function H : {0,1}* → Z_q. Notation In the following, exponentiation stands for repeated application of the group operation; juxtaposition stands for multiplication on the set of congruence classes or application o ...
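The two signature schemes on this page, ECDSA (under Elliptic Curve Digital Signature Algorithm above) and Schnorr, side by side over one prime-order group, as an added example that is not code from the page: secp256k1 is the assumed group (written additively, so the page's g^k is k·G), SHA-256 is the assumed hash, and the scalar multiplication is plain double-and-add that is not constant-time and must not be used with real keys. `sizes` reproduces the page's size claim at the 128-bit level: a 256-bit (compressed) public key and a 512-bit signature for both schemes.

```python
import hashlib
import secrets

# secp256k1: y^2 = x^3 + 7 over GF(P), base point G of prime order N.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p, q):
    """Affine point addition; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P  # tangent slope (curve has a = 0)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k, p):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    r = None
    while k:
        if k & 1:
            r = ec_add(r, p)
        p = ec_add(p, p)
        k >>= 1
    return r


def h(*parts):
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


def enc(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def keygen():
    d = secrets.randbelow(N - 1) + 1
    return d, ec_mul(d, G)


def ecdsa_sign(d, msg):
    z = h(msg) % N
    while True:
        k = secrets.randbelow(N - 1) + 1  # per-signature nonce; reuse leaks d
        r = ec_mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * d) % N
        if r and s:
            return r, s


def ecdsa_verify(Q, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z, w = h(msg) % N, pow(s, -1, N)
    pt = ec_add(ec_mul(z * w % N, G), ec_mul(r * w % N, Q))
    return pt is not None and pt[0] % N == r


def schnorr_sign(x, msg):
    """Schnorr as on this page: r = g^k, e = H(r || M), s = k - x*e; signature (e, s)."""
    k = secrets.randbelow(N - 1) + 1
    e = h(enc(ec_mul(k, G)), msg) % N
    return e, (k - x * e) % N


def schnorr_verify(y, msg, sig):
    e, s = sig
    r_v = ec_add(ec_mul(s, G), ec_mul(e, y))  # g^s * y^e = g^(k - xe) * g^(xe) = g^k
    return r_v is not None and h(enc(r_v), msg) % N == e


def sizes():
    """Bit sizes at security level t = 128: (compressed public key, ECDSA sig, Schnorr sig)."""
    t = N.bit_length() // 2
    return 2 * t, 4 * t, 4 * t
```

Both signatures are two 256-bit scalars, matching the page's 4t figure; the difference that matters in practice is that Schnorr's verification equation is linear in the signature, which is what makes key aggregation and batch verification possible, while ECDSA's modular inverse of s rules that out.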

MARS (cryptography)


MARS is a block cipher that was IBM's submission to the Advanced Encryption Standard process. MARS was selected as an AES finalist in August 1999, after the AES2 conference in March 1999, where it was voted as the fifth and last finalist algorithm. The MARS design team included Don Coppersmith, who had been involved in the creation of the previous Data Encryption Standard (DES) twenty years earlier. The project was specifically designed to resist future advances in cryptography by adopting a layered, compartmentalized approach. IBM's official report stated that MARS and Serpent were the only two finalists to implement any form of safety net with regard to would-be advances in cryptographic mathematics. The Twofish team made a similar statement about its cipher. MARS has a 128-bit block size and a variable key size of between 128 and 448 bits (in 32-bit increments). Unlike most block ciphers, MARS has a heterogeneous structure: several rounds of a cryptographic core are "jacketed" by unkeyed mixing rounds, ...

Attack model


In cryptanalysis, attack models or attack types are a classification of cryptographic attacks specifying the kind of access a cryptanalyst has to a system under attack when attempting to "break" an encrypted message (also known as ciphertext) generated by the system. The more elaborate the access the cryptanalyst can gain, the more useful information it can extract and use for breaking the system. In cryptography, a sending party uses a cipher to encrypt (transform) a secret plaintext into a ciphertext, which is sent over an insecure communication channel to the receiving party. The receiving party uses an inverse cipher to decrypt the ciphertext to obtain the plaintext. Secret knowledge is required to apply the inverse cipher to the ciphertext. This secret knowledge is usually a short number or string called a key. In a cryptographic attack a third-party cryptanalyst analyzes the ciphertext to try to "break" the cipher, to read the plaintext and obtain the key so that future enciphered messages ...

ID-based encryption


ID-based encryption, or identity-based encryption (IBE), is an important primitive of ID-based cryptography. As such it is a type of public-key encryption in which the public key of a user is some unique information about the identity of the user (e.g. a user's email address). This means that a sender who has access to the public parameters of the system can encrypt a message using e.g. the text value of the receiver's name or email address as a key. The receiver obtains its decryption key from a central authority, which needs to be trusted as it generates secret keys for every user. ID-based encryption was proposed by Adi Shamir in 1984. He was, however, only able to give an instantiation of identity-based signatures. Identity-based encryption remained an open problem for many years. The pairing-based Boneh–Franklin scheme and Cocks's encryption scheme based on quadratic residues both solved the IBE problem in 2001. Usage Identity-based systems allow any party to generate a public key from a known identi ...

Commitment scheme


A commitment scheme is a cryptographic primitive that allows one to commit to a chosen value (or chosen statement) while keeping it hidden from others, with the ability to reveal the committed value later. Commitment schemes are designed so that a party cannot change the value or statement after they have committed to it: that is, commitment schemes are binding. Commitment schemes have important applications in a number of cryptographic protocols including secure coin flipping, zero-knowledge proofs, and secure computation. A way to visualize a commitment scheme is to think of a sender as putting a message in a locked box, and giving the box to a receiver. The message in the box is hidden from the receiver, who cannot open the lock themselves. Since the receiver has the box, the message inside cannot be changed; it can merely be revealed if the sender chooses to give them the key at some later time. Interactions in a commitment scheme take place in two phases: the commit phase during which a value is chosen and specif ...
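The coin-flipping application mentioned above, as an added example (not code from the page): a hash commitment SHA-256(nonce || value) with a fixed-length random nonce, used so that Alice must fix her bit before she sees Bob's. The block shows both properties: binding (an attempt to open to a different bit fails verification) and hiding (without the random nonce a one-bit commitment is broken by trying both values). The party roles and the 32-byte nonce length are assumptions.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32  # fixed length keeps nonce || value unambiguous to parse


def commit(value, nonce=None):
    """Hash commitment c = SHA-256(nonce || value). Returns (c, opening)."""
    nonce = secrets.token_bytes(NONCE_LEN) if nonce is None else nonce
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be NONCE_LEN bytes")
    return hashlib.sha256(nonce + value).digest(), (nonce, value)


def verify_opening(c, opening):
    """Receiver's check when the committer reveals (nonce, value)."""
    nonce, value = opening
    if len(nonce) != NONCE_LEN:
        return False
    return hmac.compare_digest(hashlib.sha256(nonce + value).digest(), c)


def coin_flip(alice_bit, bob_bit, alice_cheats=False):
    """Blum coin flipping. Alice commits to her bit, Bob reveals his, Alice opens.
    Returns (outcome, bob_accepts)."""
    c, opening = commit(bytes([alice_bit]))  # Alice -> Bob: c (hides alice_bit)
    # Bob -> Alice: bob_bit. Bob has only c, so he learns nothing about alice_bit.
    if alice_cheats:
        # Alice now knows bob_bit and tries to open to the bit that forces outcome 0.
        opening = (opening[0], bytes([bob_bit]))
    nonce, revealed = opening  # Alice -> Bob: the opening
    bob_accepts = verify_opening(c, opening)  # binding: a changed bit fails here
    return revealed[0] ^ bob_bit, bob_accepts


def break_unsalted_commitment(c):
    """Without a random nonce a one-bit commitment is not hiding: try both values."""
    for bit in (0, 1):
        if hashlib.sha256(bytes(NONCE_LEN) + bytes([bit])).digest() == c:
            return bit
    return None
```

`hmac.compare_digest` is used for the comparison so that verification time does not depend on how many leading bytes of a wrong opening happen to match.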

RC4

In cryptography, RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP. As of 2015, there is speculation that some state cryptologic agencies may possess the capability to break RC4 when used in the TLS protocol. The IETF has published RFC 7465 to prohibit the use of RC4 in TLS; Mozilla and Microsoft have issued similar recommendations. A number of attempts have been made to strengthen RC4, notably Spritz, RC4A, VMPC, and RC4+. History RC4 was designed by Ron Rivest of RSA Security in 1987. While it is officially termed "Rivest Cipher 4", the RC acronym is alternatively understood to stand for "Ron's Code" (se ...
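Added example (not code from the page): RC4 key scheduling and keystream generation, the second-byte bias that makes undiscarded early keystream dangerous, and the related-key situation that the Related-key attack section above describes in the abstract, in its best-known concrete form, WEP. Each WEP packet is encrypted under IV || secret with the IV sent in clear, so the attacker sees the cipher under many keys that differ only in a known prefix; `fms_candidates` implements the Fluhrer–Mantin–Shamir vote for one secret byte from weak IVs of the form (A+3, 255, x). The 5-byte secret, the 0xAA first plaintext byte (WEP's SNAP header) and the sample counts are constructed for the demonstration.

```python
import random


def rc4_ksa(key):
    """Key-scheduling algorithm: a key-dependent permutation of 0..255."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key, n):
    """First n bytes of keystream (nothing discarded, as in WEP and early TLS)."""
    S, i, j, out = rc4_ksa(key), 0, 0, []
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def rc4_crypt(key, data):
    return bytes(a ^ b for a, b in zip(data, rc4_keystream(key, len(data))))


def second_byte_zero_rate(n_keys=12000, seed=1):
    """Fraction of random 16-byte keys whose second keystream byte is 0.
    Ideal cipher: 1/256 ~ 0.0039. RC4: about 2/256 (Mantin-Shamir bias)."""
    rng = random.Random(seed)
    zeros = sum(rc4_keystream(bytes(rng.randrange(256) for _ in range(16)), 2)[1] == 0
                for _ in range(n_keys))
    return zeros / n_keys


def fms_candidates(samples, known):
    """FMS vote for secret byte K[A+3], A = len(known), from (iv, first keystream byte)
    pairs; the per-packet key is iv || secret as in WEP. Returns bytes, best first."""
    a = len(known)
    votes = [0] * 256
    for iv, z in samples:
        prefix = bytes(iv) + known
        S, j = list(range(256)), 0
        for i in range(a + 3):  # replay the KSA steps that use only public/known bytes
            j = (j + S[i] + prefix[i]) & 0xFF
            S[i], S[j] = S[j], S[i]
        if S[1] >= a + 3 or (S[1] + S[S[1]]) & 0xFF != a + 3:
            continue  # "resolved condition" not met: this IV leaks nothing usable
        # With probability ~e^-3 the rest of the KSA leaves S[0], S[1], S[a+3] alone,
        # and then z = S[a+3] after step a+3, which pins K[a+3] to this value.
        votes[(S.index(z) - j - S[a + 3]) & 0xFF] += 1
    return sorted(range(256), key=lambda b: -votes[b])


def wep_attack_demo(secret=bytes([0x5A, 0x13, 0xC7, 0x9E, 0x22]), first_plaintext=0xAA):
    """Constructed WEP traffic with weak IVs (3, 255, x); the attacker knows the first
    plaintext byte, so first keystream byte = first ciphertext byte ^ 0xAA.
    Returns (top three candidates for secret[0], secret[0])."""
    samples = []
    for x in range(256):
        iv = (3, 255, x)
        ct = rc4_crypt(bytes(iv) + secret, bytes([first_plaintext]))
        samples.append((iv, ct[0] ^ first_plaintext))
    return fms_candidates(samples, b"")[:3], secret[0]
```

In a real attack the top candidate is usually right and the rest of the secret is recovered byte by byte by passing the bytes found so far as `known`; the small residual ambiguity is settled by trial-decrypting a packet and checking its CRC. The statistical bias and the key-recovery attack are independent problems, and discarding the first few hundred keystream bytes addresses only the former.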

Codebook

A codebook is a type of document used for gathering and storing codes. Originally codebooks were often literally books, but today codebook is a byword for the complete record of a series of codes, regardless of physical format. Cryptography In cryptography, a codebook is a document used for implementing a code. A codebook contains a lookup table for coding and decoding; each word or phrase has one or more strings which replace it. To decipher messages written in code, corresponding copies of the codebook must be available at either end. The distribution and physical security of codebooks presents a special difficulty in the use of codes, compared to the secret information used in ciphers, the key, which is typically much shorter. The United States National Security Agency documents sometimes use codebook to refer to block ciphers; compare their use of combiner-type algorithm to refer to stream ciphers. A codebook is usually made in two parts, one part being for converting plaintext to ciphertext, the o ...

Content Protection for Recordable Media


Content Protection for Recordable Media and Pre-Recorded Media (CPRM/CPPM) is a mechanism for controlling the copying, moving and deletion of digital media on a host device, such as a personal computer, or other player. It is a form of digital rights management (DRM) developed by The 4C Entity, LLC (consisting of IBM, Intel, Matsushita and Toshiba). The CPRM/CPPM Specification defines a renewable cryptographic method for protecting entertainment content when recorded on physical media. The currently implemented method utilizes the Cryptomeria cipher (C2) algorithm for symmetric encryption. The types of physical media supported include, but are not limited to, recordable DVD media and flash memory (note that the available 0.9 revision includes only the portions of the specification covering DVD media). The most widespread use of CPRM is arguably in Secure Digital cards. The CPRM/CPPM Specification was designed to meet the robustness and renewability requirements of content owners while balancing the impl ...

Advantage (cryptography)


In cryptography, an adversary's advantage is a measure of how successfully it can attack a cryptographic algorithm, by distinguishing it from an idealized version of that type of algorithm. Note that in this context, the "adversary" is itself an algorithm and not a person. A cryptographic algorithm is considered secure if no adversary has a non-negligible advantage, subject to specified bounds on the adversary's computational resources (see concrete security). "Negligible" usually means "within O(2^-p)" where p is a security parameter associated with the algorithm. For example, p might be the number of bits in a block cipher's key. Description of concept Let F be an oracle for the function being studied, and let G be an oracle for an idealized function of that type. The adversary A is a probabilistic algorithm given F or G as input and which outputs 1 or 0. A's job is to distinguish F from G based on making queries to the oracle that it's given. We say: Adv(A) = |Pr[A(F) = 1] − Pr[A(G) ...
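A concrete computation of the quantity defined above, as an added example (not code from the page): F is a random function on 16-bit blocks, G a random permutation, and the adversary is the standard collision distinguisher that queries q distinct inputs and outputs 1 if any two outputs coincide, which cannot happen under a permutation. The block estimates Pr[A(F)=1] and Pr[A(G)=1] empirically and compares the resulting advantage with the q(q−1)/2^(n+1) switching-lemma bound. Block size, q, trial count and seed are assumed.

```python
import random

BLOCK_BITS = 16          # assumed toy block size so collisions are cheap to observe
SPACE = 1 << BLOCK_BITS


def random_function_oracle(rng):
    """F: a lazily sampled random function on BLOCK_BITS-bit blocks (outputs may repeat)."""
    table = {}

    def f(x):
        if x not in table:
            table[x] = rng.randrange(SPACE)
        return table[x]
    return f


def random_permutation_oracle(rng):
    """G: a lazily sampled random permutation (outputs never repeat)."""
    table, used = {}, set()

    def g(x):
        if x not in table:
            y = rng.randrange(SPACE)
            while y in used:
                y = rng.randrange(SPACE)
            table[x] = y
            used.add(y)
        return table[x]
    return g


def collision_adversary(oracle, q, rng):
    """A: query q distinct blocks; output 1 iff two answers collide."""
    seen = set()
    for x in rng.sample(range(SPACE), q):
        y = oracle(x)
        if y in seen:
            return 1
        seen.add(y)
    return 0


def estimate_advantage(q=300, trials=400, seed=7):
    """Empirical Adv(A) = |Pr[A(F)=1] - Pr[A(G)=1]|, each probability over fresh oracles."""
    rng = random.Random(seed)
    p_f = sum(collision_adversary(random_function_oracle(rng), q, rng)
              for _ in range(trials)) / trials
    p_g = sum(collision_adversary(random_permutation_oracle(rng), q, rng)
              for _ in range(trials)) / trials
    return abs(p_f - p_g), p_f, p_g


def switching_bound(q, n=BLOCK_BITS):
    """PRF/PRP switching lemma: any q-query distinguisher has Adv <= q(q-1)/2^(n+1)."""
    return q * (q - 1) / 2 ** (n + 1)
```

With q = 300 on 16-bit blocks the birthday estimate 1 − exp(−q²/2^17) puts Pr[A(F)=1] near 0.5, so the advantage is about 0.5: far from negligible, which is why a block cipher (a permutation) is only a good PRF up to roughly 2^(n/2) queries.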

Steganography

The same image viewed by white, blue, green and red lights reveals different hidden numbers. Steganography (STEG-ə-NOG-rə-fee) is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography combines the Greek words steganos (στεγανός), meaning "covered, concealed, or protected," and graphein (γράφειν) meaning "writing". The first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography and steganography, disguised as a book on magic. Generally, the hidden messages appear to be (or be part of) something else: images, articles, shopping lists, or some other cover text. For example, the hidden message may be in invisible ink between the visible lines of a private letter. Some implementations of steganography that lack a shared secret are forms of security through obscurity, and key-dependent steganographic schemes adhere to Kerckhoffs's principle. The advantage of s ...

Pigpen cipher


The pigpen cipher uses graphical symbols assigned according to a grid key (diagram not reproduced here). The pigpen cipher (alternately referred to as the masonic cipher, Freemason's cipher, Napoleon cipher, and tic-tac-toe cipher) is a geometric simple substitution cipher, which exchanges letters for symbols which are fragments of a grid. The example key shows one way the letters can be assigned to the grid. Security The use of symbols instead of letters is no impediment to cryptanalysis, and this system is identical to that of other simple monoalphabetic substitution schemes. Due to the simplicity of the cipher, it is often included in children's books on ciphers and secret writing. History Cornelius Agrippa described an early form of the Rosicrucian cipher which he attributes to an existing Kabbalistic tradition in Three Books of Occult Philosophy, first published in 1531. This system, which used the Hebrew alphabet rather than the Latin alphabet, was used for creating sigils of spirits rather than for any ...

ssh-keygen

ssh-keygen is a standard component of the Secure Shell (SSH) protocol suite found on Unix and Unix-like computer systems, used to establish secure shell sessions between remote computers over insecure networks through the use of various cryptographic techniques. The ssh-keygen utility is used to generate, manage, and convert authentication keys. ssh-keygen can generate a key using one of several digital signature algorithms (RSA, DSA, ECDSA and, since OpenSSH 6.5, Ed25519). With the help of the ssh-keygen tool, a user can create passphrase-protected keys of any of these types (to provide for unattended operation, the passphrase can be left empty, at increased risk). These keys differ from keys used by the related tool GNU Privacy Guard. Key formats supported Originally, with SSH protocol version 1 (now deprecated), only the RSA algorithm was supported. As of 2016, RSA is still considered strong, but the recommended key length has increased over time. The SSH protocol version 2 additionally introduced support for the DSA algorithm. As the DSA algor ...

Software token


A software token (a.k.a. soft token) is a type of two-factor authentication security device that may be used to authorize the use of computer services. Software tokens are stored on a general-purpose electronic device such as a desktop computer, laptop, PDA, or mobile phone and can be duplicated. (Contrast hardware tokens, where the credentials are stored on a dedicated hardware device and therefore cannot be duplicated, absent physical invasion of the device.) Because software tokens are something one does not physically possess, they are exposed to unique threats based on duplication of the underlying cryptographic material, for example by computer viruses and software attacks. Both hardware and software tokens are vulnerable to bot-based man-in-the-middle attacks, or to simple phishing attacks in which the one-time password provided by the token is solicited and then supplied to the genuine website in a timely manner. Software tokens do have benefits: there is no physical token to carry, they do not ...

Digital signature forgery


In a cryptographic digital signature or MAC system, digital signature forgery is the ability to create a pair consisting of a message m and a signature (or MAC) σ that is valid for m, where m has not been signed in the past by the legitimate signer. There are three types of forgery: existential, selective, and universal. Types Besides the following attacks, there is also a total break: when the adversary can compute the signer's private key and therefore forge any possible signature on any message. Existential forgery (existential unforgeability, EUF) Existential forgery is the creation (by an adversary) of at least one message/signature pair (m, σ), where σ was not produced by the legitimate signer. The adversary need not have any control over m; m need not have any particular meaning; the message content is irrelevant, as long as the ...

Identity-based conditional proxy re-encryption


Identity-based conditional proxy re-encryption (IBCPRE) is a type of proxy re-encryption (PRE) scheme in the identity-based public key cryptographic setting. An IBCPRE scheme is a natural extension of proxy re-encryption in two aspects. The first aspect is to extend the proxy re-encryption notion to the identity-based public key cryptographic setting. The second aspect is to extend the feature set of proxy re-encryption to support conditional proxy re-encryption. With conditional proxy re-encryption, a proxy can use an IBCPRE scheme to re-encrypt a ciphertext, but the ciphertext would only be well-formed for decryption if a condition applied to the ciphertext together with the re-encryption key is satisfied. This allows fine-grained proxy re-encryption and can be useful for applications such as secure sharing over encrypted cloud data storage. Introduction A public-key encryption scheme allows anyone who has the public key of a receiver to encrypt messages to the receiver using the public key in such a way ...
