Cryptography: Wikis

  
  
  
  


From Wikipedia, the free encyclopedia

German Lorenz cipher machine, used in World War II to encrypt very-high-level general staff messages
Cryptography (or cryptology; from Greek κρυπτός, kryptos, "hidden, secret"; and γράφω, gráphō, "I write", or -λογία, -logia, respectively)[1] is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce.


Terminology

Until modern times cryptography referred almost exclusively to encryption, which is the process of converting ordinary information (plaintext) into unintelligible gibberish (i.e., ciphertext).[2] Decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext. A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption. The detailed operation of a cipher is controlled both by the algorithm and in each instance by a key. This is a secret parameter (ideally known only to the communicants) for a specific message exchange context. Keys are important, as ciphers without variable keys can be trivially broken with only the knowledge of the cipher used and are therefore less than useful for most purposes. Historically, ciphers were often used directly for encryption or decryption without additional procedures such as authentication or integrity checks.

In colloquial use, the term "code" is often used to mean any method of encryption or concealment of meaning. However, in cryptography, code has a more specific meaning. It means the replacement of a unit of plaintext (i.e., a meaningful word or phrase) with a code word (for example, apple pie replaces attack at dawn). Codes are no longer used in serious cryptography—except incidentally for such things as unit designations (e.g., Bronco Flight or Operation Overlord)—since properly chosen ciphers are both more practical and more secure than even the best codes and also are better adapted to computers.

Some use the terms cryptography and cryptology interchangeably in English, while others (including US military practice generally) use cryptography to refer specifically to the use and practice of cryptographic techniques and cryptology to refer to the combined study of cryptography and cryptanalysis.[3][4] English is more flexible than several other languages in which cryptology (done by cryptologists) is always used in the second sense above. In the English Wikipedia the general term used for the entire field is cryptography (done by cryptographers).

The study of characteristics of languages which have some application in cryptography (or cryptology), i.e. frequency data, letter combinations, universal patterns, etc., is called cryptolinguistics.

History of cryptography and cryptanalysis

Before the modern era, cryptography was concerned solely with message confidentiality (i.e., encryption)—conversion of messages from a comprehensible form into an incomprehensible one and back again at the other end, rendering it unreadable by interceptors or eavesdroppers without secret knowledge (namely the key needed for decryption of that message). Encryption was used to (attempt to) ensure secrecy in communications, such as those of spies, military leaders, and diplomats. In recent decades, the field has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, interactive proofs and secure computation, among others.

Classic cryptography

Reconstructed ancient Greek scytale (rhymes with "Italy"), an early cipher device
The earliest forms of secret writing required little more than local pen and paper analogs, as most people could not read. More literacy, or literate opponents, required actual cryptography. The main classical cipher types are transposition ciphers, which rearrange the order of letters in a message (e.g., 'hello world' becomes 'ehlol owrdl' in a trivially simple rearrangement scheme), and substitution ciphers, which systematically replace letters or groups of letters with other letters or groups of letters (e.g., 'fly at once' becomes 'gmz bu podf' by replacing each letter with the one following it in the Latin alphabet). Simple versions of either offered little confidentiality from enterprising opponents, and still do. An early substitution cipher was the Caesar cipher, in which each letter in the plaintext was replaced by a letter some fixed number of positions further down the alphabet. It was named after Julius Caesar who is reported to have used it, with a shift of 3, to communicate with his generals during his military campaigns, just like EXCESS-3 code in boolean algebra. There is record of several early Hebrew ciphers as well. The earliest known use of cryptography is some carved ciphertext on stone in Egypt (ca 1900 BC), but this may have been done for the amusement of literate observers. The next oldest is bakery recipes from Mesopotamia.
Cryptography is recommended in the Kama Sutra as a way for lovers to communicate without inconvenient discovery.[5] Steganography (i.e., hiding even the existence of a message so as to keep it confidential) was also first developed in ancient times. An early example, from Herodotus, concealed a message—a tattoo on a slave's shaved head—under the regrown hair.[2] More modern examples of steganography include the use of invisible ink, microdots, and digital watermarks to conceal information.

Ciphertexts produced by a classical cipher (and some modern ciphers) always reveal statistical information about the plaintext, which can often be used to break them. After the discovery of frequency analysis, perhaps by the Arab mathematician and polymath Al-Kindi (also known as Alkindus), in the 9th century, nearly all such ciphers became more or less readily breakable by any informed attacker. Such classical ciphers still enjoy popularity today, though mostly as puzzles (see cryptogram).

16th-century book-shaped French cipher machine, with arms of Henri II of France
Enciphered letter from Gabriel de Luetz d'Aramon, French Ambassador to the Ottoman Empire, after 1546, with partial decipherment
.Essentially all ciphers remained vulnerable to cryptanalysis using this technique until the development of the polyalphabetic cipher, most clearly by Leon Battista Alberti around the year 1467, though there is some indication that it was known to Al-Kindi.^ And having Equifax (and anyone else using it) revoking all existing certs based on this now vulnerable hash.
  • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

^ Some of the techniques are the same as those used in other cryptography but the goal is quite different.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ It is possible, though, that there may be a time period between CRLs in which a newly compromised certificate is used.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

[6] .Alberti's innovation was to use different ciphers (i.e., substitution alphabets) for various parts of a message (perhaps for each successive plaintext letter at the limit).^ The Efficient Generation of Cryptographic Confusion Sequences (1991) (168K) : A survey of the various techniques used to build the running-key "confusion" generators used in stream ciphers.
  • Ciphers By Ritter: Cryptography and Technology 10 February 2010 13:51 UTC ciphersbyritter.com [Source type: Academic]

^ Stream Ciphers Using Variable Amounts of RNG State (2001) (74K) Can a newbie with an idea get a fair reception on sci.crypt?
  • Ciphers By Ritter: Cryptography and Technology 10 February 2010 13:51 UTC ciphersbyritter.com [Source type: Academic]

^ Mixing Ciphers: Using Balanced Block Mixing Scalable and fast block cipher designs with guaranteed diffusion and dynamically variable block size in power-of-2 steps.
  • Ciphers By Ritter: Cryptography and Technology 10 February 2010 13:51 UTC ciphersbyritter.com [Source type: Academic]

He also invented what was probably the first automatic cipher device, a wheel which implemented a partial realization of his invention. In the polyalphabetic Vigenère cipher, encryption uses a key word, which controls letter substitution depending on which letter of the key word is used. In the mid 1800s Charles Babbage showed that polyalphabetic ciphers of this type remained partially vulnerable to extended frequency analysis techniques.[2]
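The weakness Babbage identified can be reproduced in a few lines. The following is an added example, not part of the original article: it encrypts a constructed sample text with a Vigenère key word, estimates the key length with the index of coincidence (a later statistic, not Babbage's own method), and then solves each column by letter frequency. The sample text, the key word LEMON, the 0.055 threshold and all function names are assumptions of this example.

```python
from collections import Counter
from string import ascii_uppercase as ALPHA

# Approximate relative frequencies of the letters A..Z in English text.
ENGLISH = [0.082, 0.015, 0.028, 0.043, 0.127, 0.022, 0.020, 0.061, 0.070,
           0.002, 0.008, 0.040, 0.024, 0.067, 0.075, 0.019, 0.001, 0.060,
           0.063, 0.091, 0.028, 0.010, 0.024, 0.002, 0.020, 0.001]

# Constructed sample plaintext, adapted from sentences on this page.
SAMPLE = (
    "It was finally recognized in the nineteenth century that secrecy of a "
    "cipher algorithm is not a sensible or practical safeguard of message "
    "security. Any adequate cryptographic scheme should remain secure even "
    "if the adversary fully understands the cipher algorithm itself. The "
    "security of the key alone should be sufficient for a good cipher to "
    "maintain confidentiality under attack. This principle was first stated "
    "by Auguste Kerckhoffs and was restated by Claude Shannon as the maxim "
    "that the enemy knows the system. Different physical devices and aids "
    "have been used to assist with ciphers. One of the earliest may have "
    "been the scytale of ancient Greece, a rod supposedly used by the "
    "Spartans as an aid for a transposition cipher."
)
KEY = "LEMON"  # constructed key word


def letters(text):
    """Reduce text to upper-case A-Z, as a pencil-and-paper cipher would."""
    return "".join(c for c in text.upper() if c in ALPHA)


def vigenere(text, key, decrypt=False):
    """Shift letter i by the alphabet position of key[i mod len(key)]."""
    sign = -1 if decrypt else 1
    out = []
    for i, c in enumerate(letters(text)):
        shift = ALPHA.index(key[i % len(key)])
        out.append(ALPHA[(ALPHA.index(c) + sign * shift) % 26])
    return "".join(out)


def index_of_coincidence(s):
    """Chance that two letters drawn from s match (about 0.066 for English,
    about 0.038 for uniformly random letters)."""
    n = len(s)
    if n < 2:
        return 0.0
    return sum(v * (v - 1) for v in Counter(s).values()) / (n * (n - 1))


def guess_key_length(ct, max_len=12, threshold=0.055):
    """Smallest m for which every m-th letter looks like a single
    substitution alphabet, i.e. the columns have English-like coincidence."""
    for m in range(1, max_len + 1):
        avg = sum(index_of_coincidence(ct[i::m]) for i in range(m)) / m
        if avg > threshold:
            return m
    return None


def recover_key(ct):
    """Treat each column as a Caesar cipher and pick the shift whose
    decryption correlates best with English letter frequencies."""
    m = guess_key_length(ct)
    if m is None:
        raise ValueError("no plausible key length; ciphertext too short?")
    key = []
    for i in range(m):
        counts = Counter(ct[i::m])

        def score(shift):
            return sum(n * ENGLISH[(ALPHA.index(c) - shift) % 26]
                       for c, n in counts.items())

        key.append(ALPHA[max(range(26), key=score)])
    return "".join(key)


CIPHERTEXT = vigenere(SAMPLE, KEY)

if __name__ == "__main__":
    print("IC of whole ciphertext:", round(index_of_coincidence(CIPHERTEXT), 4))
    print("estimated key length  :", guess_key_length(CIPHERTEXT))
    found = recover_key(CIPHERTEXT)
    print("recovered key word    :", found)
    print("plaintext starts      :", vigenere(CIPHERTEXT, found, decrypt=True)[:40])
```

The whole ciphertext has a flat, near-random letter distribution, which is what defeats simple frequency counting; splitting it into columns by key position restores the English distribution in each column.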

Although frequency analysis is a powerful and general technique against many ciphers, encryption has still been often effective in practice; many a would-be cryptanalyst was unaware of the technique. Breaking a message without using frequency analysis essentially required knowledge of the cipher used and perhaps of the key involved, thus making espionage, bribery, burglary, defection, etc., more attractive approaches to the cryptanalytically uninformed. It was finally explicitly recognized in the 19th century that secrecy of a cipher's algorithm is neither a sensible nor a practical safeguard of message security; in fact, it was further realized that any adequate cryptographic scheme (including ciphers) should remain secure even if the adversary fully understands the cipher algorithm itself. Security of the key used should alone be sufficient for a good cipher to maintain confidentiality under an attack.
This fundamental principle was first explicitly stated in 1883 by Auguste Kerckhoffs and is generally called Kerckhoffs' principle; alternatively and more bluntly, it was restated by Claude Shannon, the inventor of information theory and the fundamentals of theoretical cryptography, as Shannon's Maxim—'the enemy knows the system'.

Different physical devices and aids have been used to assist with ciphers. One of the earliest may have been the scytale of ancient Greece, a rod supposedly used by the Spartans as an aid for a transposition cipher (see image above). In medieval times, other aids were invented such as the cipher grille, which was also used for a kind of steganography. With the invention of polyalphabetic ciphers came more sophisticated aids such as Alberti's own cipher disk, Johannes Trithemius' tabula recta scheme, and Thomas Jefferson's multi-cylinder (not publicly known, and reinvented independently by Bazeries around 1900). Many mechanical encryption/decryption devices were invented early in the 20th century, and several patented, among them rotor machines, famously including the Enigma machine used by the German government and military from the late '20s and during World War II.[7] The ciphers implemented by better quality examples of these machine designs brought about a substantial increase in cryptanalytic difficulty after WWI.[8]

The computer era

The development of digital computers and electronics after WWII made possible much more complex ciphers. Furthermore, computers allowed for the encryption of any kind of data representable in any binary format, unlike classical ciphers which only encrypted written language texts; this was new and significant. Computer use has thus supplanted linguistic cryptography, both for cipher design and cryptanalysis. Many computer ciphers can be characterized by their operation on binary bit sequences (sometimes in groups or blocks), unlike classical and mechanical schemes, which generally manipulate traditional characters (i.e., letters and digits) directly. However, computers have also assisted cryptanalysis, which has compensated to some extent for increased cipher complexity. Nonetheless, good modern ciphers have stayed ahead of cryptanalysis; it is typically the case that use of a quality cipher is very efficient (i.e., fast and requiring few resources, such as memory or CPU capability), while breaking it requires an effort many orders of magnitude larger, and vastly larger than that required for any classical cipher, making cryptanalysis so inefficient and impractical as to be effectively impossible. Alternate methods of attack (bribery, burglary, threat, torture, ...) have become more attractive in consequence.

Credit card with smart-card capabilities. The 3-by-5-mm chip embedded in the card is shown, enlarged. Smart cards combine low cost and portability with the power to compute cryptographic algorithms.

Extensive open academic research into cryptography is relatively recent; it began only in the mid-1970s. In recent times, IBM personnel designed the algorithm that became the Federal (i.e., US) Data Encryption Standard; Whitfield Diffie and Martin Hellman published their key agreement algorithm;[9] and the RSA algorithm was published in Martin Gardner's Scientific American column. Since then, cryptography has become a widely used tool in communications, computer networks, and computer security generally. Some modern cryptographic techniques can only keep their keys secret if certain mathematical problems are intractable, such as the integer factorization or the discrete logarithm problems, so there are deep connections with abstract mathematics. There are no absolute proofs that a cryptographic technique is secure (but see one-time pad); at best, there are proofs that some techniques are secure if some computational problem is difficult to solve, or this or that assumption about implementation or practical use is met.

As well as being aware of cryptographic history, cryptographic algorithm and system designers must also sensibly consider probable future developments while working on their designs. For instance, continuous improvements in computer processing power have increased the scope of brute-force attacks, so the key lengths that designers must specify are advancing similarly. The potential effects of quantum computing are already being considered by some cryptographic system designers; the announced imminence of small implementations of these machines may be making the need for this preemptive caution rather more than merely speculative.[10]

Essentially, prior to the early 20th century, cryptography was chiefly concerned with linguistic and lexicographic patterns. Since then the emphasis has shifted, and cryptography now makes extensive use of mathematics, including aspects of information theory, computational complexity, statistics, combinatorics, abstract algebra, number theory, and finite mathematics generally. Cryptography is also a branch of engineering, but an unusual one as it deals with active, intelligent, and malevolent opposition (see cryptographic engineering and security engineering); other kinds of engineering (e.g., civil or chemical engineering) need deal only with neutral natural forces. There is also active research examining the relationship between cryptographic problems and quantum physics (see quantum cryptography and quantum computing).

Modern cryptography

The modern field of cryptography can be divided into several areas of study. The chief ones are discussed here; see Topics in Cryptography for more.

Symmetric-key cryptography

Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share the same key (or, less commonly, in which their keys are different, but related in an easily computable way). This was the only kind of encryption publicly known until June 1976.[9]

One round (out of 8.5) of the patented IDEA cipher, used in some versions of PGP for high-speed encryption of, for instance, e-mail

The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the modes of operation and must be carefully considered when using a block cipher in a cryptosystem.
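
Why the choice of mode needs care, as an added example that is not from the original article: a toy 8-byte Feistel block cipher (built here from SHA-256 purely for illustration, not a real or vetted cipher) is run in ECB mode, which encrypts every block independently, and in CBC mode, which chains each block to the previous ciphertext block. The cipher, key, message and all function names are constructed for this example.

```python
import hashlib
import os

BLOCK = 8  # toy block size in bytes (an assumption of this example)


def _f(half, key, rnd):
    """Feistel round function: truncated SHA-256 of key, round number, half."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(block, key, rounds=8):
    """Map one 8-byte block to one 8-byte block under the key."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for r in range(rounds):
        left, right = right, _xor(left, _f(right, key, r))
    return left + right


def decrypt_block(block, key, rounds=8):
    """Undo encrypt_block by running the rounds in reverse order."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for r in reversed(range(rounds)):
        left, right = _xor(right, _f(left, key, r)), left
    return left + right


def pad(data):
    """PKCS#7-style padding up to a whole number of blocks."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(plaintext, key):
    """ECB: every block is encrypted on its own."""
    return b"".join(encrypt_block(b, key) for b in blocks(pad(plaintext)))


def ecb_decrypt(ciphertext, key):
    return unpad(b"".join(decrypt_block(b, key) for b in blocks(ciphertext)))


def cbc_encrypt(plaintext, key, iv):
    """CBC: each block is XORed with the previous ciphertext block first."""
    prev, out = iv, []
    for b in blocks(pad(plaintext)):
        prev = encrypt_block(_xor(b, prev), key)
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext, key, iv):
    prev, out = iv, []
    for c in blocks(ciphertext):
        out.append(_xor(decrypt_block(c, key), prev))
        prev = c
    return unpad(b"".join(out))


def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    bs = blocks(ciphertext)
    return len(bs) - len(set(bs))


KEY = b"constructed-demo-key"
# Constructed message with three identical 8-byte fields.
MESSAGE = b"HEADER--" + b"00000000" * 3 + b"TRAILER!"

if __name__ == "__main__":
    iv = os.urandom(BLOCK)  # CBC needs a fresh, unpredictable IV per message
    for name, ct in (("ECB", ecb_encrypt(MESSAGE, KEY)),
                     ("CBC", cbc_encrypt(MESSAGE, KEY, iv))):
        print(name, "repeated blocks:", repeated_blocks(ct))
        print("   ", " ".join(b.hex() for b in blocks(ct)))
```

ECB output repeats wherever the plaintext repeats, so message structure shows through the encryption; CBC hides the repetition but provides confidentiality only, and neither mode detects tampering.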

The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are block cipher designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted).[11] Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption[12] to e-mail privacy[13] and secure remote access.[14] Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken; see Category:Block ciphers.[10][15]
Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream of key material, which is combined with the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad.

^ PGP then creates a session key, which is a one-time-only secret key.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

^ Can use as a one-time pad.

^ The best passphrases are relatively long and complex and contain a combination of upper and lowercase letters, numeric and punctuation characters.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

In a stream cipher, the output stream is created based on a hidden internal state which changes as the cipher operates.

^ In particular, any block cipher can be used as stream cipher in some modes of operation.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

That internal state is initially set up using the secret key material.

^ But then, where should one store the key used to encrypt the secret key?
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ It is also called as Secret Key Encryption since the data is encrypted using a single "Secret Key".
  • Cryptography in Asp.net 10 February 2010 13:51 UTC www.c-sharpcorner.com [Source type: FILTERED WITH BAYES]

^ You can use their encryption key — which means it's recoverable: they have a backdoor if you lose it, or if someone else turns up with a subpoena — or you can grow your own.
  • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

RC4 is a widely used stream cipher; see Category:Stream ciphers.

^ They must have tried; the cipher was an American standard and widely used.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ This cipher will almost certainly become widely used for many applications, including IPsec.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

[10]

Block ciphers can be used as stream ciphers; see Block cipher modes of operation.

^ In particular, any block cipher can be used as stream cipher in some modes of operation.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ In general, stream ciphers are faster than block ciphers, and some of them are very easy to implement in hardware; this makes them attractive for dedicated devices.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ In principle, any block cipher could be used in a similar way.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]
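The keystream mechanism described above, as an added example that is not part of the original article: a toy generator whose hidden state is set up from the key and a nonce and advances as output is produced, built here from SHA-256 in counter mode (an assumption made for illustration; it is not RC4 and not a vetted cipher). All names and sample messages are constructed. It also shows why keystream, like a one-time pad, must never be reused.

```python
import hashlib
import secrets


class ToyStreamCipher:
    """Illustrative keystream generator (constructed for this example).

    Hidden internal state: (key, nonce, counter, unread buffer).
    The state is initialised from the secret key and changes every
    time more keystream is drawn.
    """

    def __init__(self, key: bytes, nonce: bytes):
        if len(key) < 16:
            raise ValueError("key must be at least 128 bits")
        if len(nonce) != 12:
            raise ValueError("nonce must be exactly 12 bytes")
        self._key = key
        self._nonce = nonce
        self._counter = 0
        self._buffer = b""

    def keystream(self, n: int) -> bytes:
        """Return the next n keystream bytes and advance the state."""
        while len(self._buffer) < n:
            block = hashlib.sha256(
                self._key + self._nonce + self._counter.to_bytes(8, "big")
            ).digest()
            self._buffer += block
            self._counter += 1
        out, self._buffer = self._buffer[:n], self._buffer[n:]
        return out

    def process(self, data: bytes) -> bytes:
        """XOR data with keystream; the same call encrypts and decrypts."""
        return xor_bytes(data, self.keystream(len(data)))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def roundtrip(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then decrypt with a fresh cipher object in the same state."""
    ciphertext = ToyStreamCipher(key, nonce).process(plaintext)
    return ToyStreamCipher(key, nonce).process(ciphertext)


def keystream_reuse_leaks() -> bool:
    """Two messages under the same (key, nonce) share one keystream.

    XORing the two ciphertexts cancels the keystream and leaves the XOR
    of the plaintexts, with no knowledge of the key required.
    """
    key = secrets.token_bytes(32)
    nonce = bytes(12)                   # reused nonce: the mistake
    p1 = b"invoice total: 0100 EUR"     # constructed sample messages
    p2 = b"invoice total: 9999 EUR"
    c1 = ToyStreamCipher(key, nonce).process(p1)
    c2 = ToyStreamCipher(key, nonce).process(p2)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


def fresh_nonce_differs() -> bool:
    """With a fresh nonce per message the keystreams are unrelated."""
    key = secrets.token_bytes(32)
    ks1 = ToyStreamCipher(key, secrets.token_bytes(12)).keystream(64)
    ks2 = ToyStreamCipher(key, secrets.token_bytes(12)).keystream(64)
    return ks1 != ks2


if __name__ == "__main__":
    print("reuse leaks plaintext XOR:", keystream_reuse_leaks())
    print("fresh nonces give different keystream:", fresh_nonce_differs())
```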

Cryptographic hash functions are a third type of cryptographic algorithm.

^ Cryptographic hash algorithms.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Cryptographically secure hash functions.

^ PGP uses a cryptographically strong hash function on the plaintext the user is signing.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

They take a message of any length as input, and output a short, fixed length hash which can be used in (for example) a digital signature.

^ Simple digital signatures Hash functions.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

^ Hashes are used in generating digital signatures.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ A one-way hash function takes variable-length input in this case, a message of any length, even thousands or millions of bits and produces a fixed-length output; say, 160-bits.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

For good hash functions, an attacker cannot find two messages that produce the same hash.

^ A one-way hash function takes variable-length input in this case, a message of any length, even thousands or millions of bits and produces a fixed-length output; say, 160-bits.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

^ Alice applies an encryption function E to the message, which produces another N bit integer E(m).

^ It is a two-step cryptographic process: first, the message to be transmitted undergoes a hash algorithm (for example, SHA-1) to obtain a message digest (or hash value).
  • Cryptography in Asp.net 10 February 2010 13:51 UTC www.c-sharpcorner.com [Source type: FILTERED WITH BAYES]

MD4 is a long-used hash function which is now broken; MD5, a strengthened variant of MD4, is also widely used but broken in practice.

^ PGP uses a cryptographically strong hash function on the plaintext the user is signing.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

^ As long as a secure hash function is used, there is no way to take someone's signature from one document and attach it to another, or to alter a signed message in any way.
  • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

^ It can be fixed by having Equifax, which uses this now shown-to-be-insecure hash, replace the hash with something better.
  • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

The U.S. National Security Agency developed the Secure Hash Algorithm series of MD5-like hash functions: SHA-0 was a flawed algorithm that the agency withdrew; SHA-1 is widely deployed and more secure than MD5, but cryptanalysts have identified attacks against it; the SHA-2 family improves on SHA-1, but it isn't yet widely deployed, and the U.S. standards authority thought it "prudent" from a security perspective to develop a new standard to "significantly improve the robustness of NIST's overall hash algorithm toolkit."[16] Thus, a hash function design competition is underway and meant to select a new U.S. national standard, to be called SHA-3, by 2012.

Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value[10] on receipt.

^ Cryptographically secure hash functions.

^ Many cryptographic techniques — block ciphers, stream ciphers, public key encryption, digital signatures, and hashed message authentication codes — depend on cryptographic keys.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Heeralal Janwa, Oscar Moreno, McEliece Public Key Cryptosystems Using Algebraic-Geometric Codes, Designs, Codes and Cryptography, v.8 n.3, p.293-307, June 1996.
  • Cryptography and data security 10 February 2010 13:51 UTC portal.acm.org [Source type: Academic]
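The difference between an unkeyed hash and a MAC, as an added example that is not part of the original article: a receiver checks a message once against a bare SHA-256 digest and once against an HMAC-SHA-256 tag. The function names, the sample message and the modelled in-transit modification are constructed for illustration; HMAC is one common MAC construction, chosen here as an assumption.

```python
import hashlib
import hmac
import secrets


def digest_only(message: bytes) -> bytes:
    """Unkeyed hash: anyone who knows the algorithm can compute it."""
    return hashlib.sha256(message).digest()


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed MAC: computing a valid tag requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def accepts_digest(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(digest_only(message), tag)


def accepts_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so the comparison itself
    # does not reveal how many leading bytes of the tag were correct.
    return hmac.compare_digest(mac_tag(key, message), tag)


def modified_in_transit(message: bytes) -> tuple:
    """Model a party on the path that has no key.

    It changes the message and attaches the only check value it is able
    to compute: the unkeyed digest of the changed message.
    """
    changed = message.replace(b"0100", b"9999")
    return changed, digest_only(changed)


def run_demo() -> dict:
    key = secrets.token_bytes(32)                 # shared by sender and receiver
    original = b"invoice total: 0100 EUR"         # constructed sample message
    changed, recomputed = modified_in_transit(original)
    return {
        # Honest delivery passes both checks.
        "digest_ok_honest": accepts_digest(original, digest_only(original)),
        "mac_ok_honest": accepts_mac(key, original, mac_tag(key, original)),
        # A bare digest travels with the message and is simply recomputed,
        # so the changed message is accepted.
        "digest_accepts_changed": accepts_digest(changed, recomputed),
        # Without the key neither the recomputed digest nor the original
        # tag is a valid MAC for the changed message.
        "mac_accepts_changed_new_tag": accepts_mac(key, changed, recomputed),
        "mac_accepts_changed_old_tag": accepts_mac(
            key, changed, mac_tag(key, original)
        ),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```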

Public-key cryptography

Symmetric-key cryptosystems use the same key for encryption and decryption of a message, though a message or group of messages may have a different key than others.

^ This Encryption is different from Symmetric Encryption since it uses two keys.
  • Cryptography in Asp.net 10 February 2010 13:51 UTC www.c-sharpcorner.com [Source type: FILTERED WITH BAYES]

^ Other private key encryption schemes.

^ Bob uses his private key d to decrypt the message.

A significant disadvantage of symmetric ciphers is the key management necessary to use them securely.

^ He can reply securely using her public key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ He has also lectured worldwide on information security, academically and commercially, with recent emphasis on the use of digital signatures and the role for public key infrastructures.
  • An Introduction to Cryptography 10 February 2010 13:51 UTC www.isaca.org [Source type: FILTERED WITH BAYES]

^ For example it is natural to use a different key for each new message in a message-oriented protocol such as email, or for each new connection in a connection-oriented protocol such as SSH for secure remote login.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

Each distinct pair of communicating parties must, ideally, share a different key, and perhaps each ciphertext exchanged as well.

^ Private key = two parties share a secret key prior to their communication.

^ If users must all be able to communicate with each other securely, then there are possible connections, each of which needs its own key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Both the sender and receiver must have the key, and third parties (potential intruders) must be prevented from obtaining the key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

The number of keys required increases as the square of the number of network members, which very quickly requires complex key management schemes to keep them all straight and secret.

^ This may be all the re-keying required.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ They might change to something more secure, so it is very much in the attacker's interest to keep the break secret.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ In a system based on secret keys, if Alice communicates with people, her system must manage secret keys all of which change periodically, all of which must sometimes be communicated, and each of which must be kept secret from everyone except the one person it is used with.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

The difficulty of securely establishing a secret key between two communicating parties, when a secure channel doesn't already exist between them, also presents a chicken-and-egg problem which is a considerable practical obstacle for cryptography users in the real world.

^ Private key = two parties share a secret key prior to their communication.

^ Communicating keys is an even harder problem.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ The security of a cryptosystem should not depend on keeping the algorithm secret, but only on keeping the numeric key secret.

Whitfield Diffie and Martin Hellman, authors of the first published paper on public-key cryptography
In a groundbreaking 1976 paper, Whitfield Diffie and Martin Hellman proposed the notion of public-key (also, more generally, called asymmetric key) cryptography in which two different but mathematically related keys are used: a public key and a private key.

^ He can reply securely using her public key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Public key or asymmetric key cryptography was first proposed, in the open literature, in 1976 by Whitfield Diffie and Martin Hellman.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Public key cryptography was invented by Diffie and Hellman.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

[17]

A public key system is so constructed that calculation of one key (the 'private key') is computationally infeasible from the other (the 'public key'), even though they are necessarily related.

^ Other private key encryption schemes.

^ One final challenge is choosing the public and private keys.

^ Generating public and private RSA keys.

Instead, both keys are generated secretly, as an interrelated pair.

^ Keys are generated secretly, in interrelated pairs.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Write a program RSA.java to generate a key pair for use with the RSA cryptosystem, determine two N/2 bit primes p and q.

[18] The historian David Kahn described public-key cryptography as "the most revolutionary new concept in the field since polyalphabetic substitution emerged in the Renaissance".[19]
In public-key cryptosystems, the public key may be freely distributed, while its paired private key must remain secret.

^ To participate in the RSA cryptosystem, Bob must first generate a public and private key.

^ This paper described a public key cryptosystem for the key distribution problem.

^ Generating public and private RSA keys.

The public key is typically used for encryption, while the private or secret key is used for decryption.

^ When used for content confidentiality, the public key is typically used for encryption, while the private key is used for decryption.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Hence this Encryption also called as Public Key Encryption.
  • Cryptography in Asp.net 10 February 2010 13:51 UTC www.c-sharpcorner.com [Source type: FILTERED WITH BAYES]

^ The ciphertext can only be decoded (decrypted) using a predefined secret key.
  • Cryptography in Asp.net 10 February 2010 13:51 UTC www.c-sharpcorner.com [Source type: FILTERED WITH BAYES]

Diffie and Hellman showed that public-key cryptography was possible by presenting the Diffie-Hellman key exchange protocol.

^ Public key cryptography.

^ Lattice-based public-key cryptography .
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ Public key cryptography was invented by Diffie and Hellman.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

[9]
In 1978, Ronald Rivest, Adi Shamir, and Len Adleman invented RSA, another public-key system.

^ Public key systems.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Generating public and private RSA keys.

^ The most widely used public techniques today are the Diffie-Hellman key agreement protocol and the RSA (Rivest-Shamir-Adleman) public-key system [19].
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

[20]
In 1997, it finally became publicly known that asymmetric key cryptography had been invented by James H. Ellis at GCHQ, a British intelligence organization, and that, in the early 1970s, both the Diffie-Hellman and RSA algorithms had been previously developed (by Malcolm J. Williamson and Clifford Cocks, respectively).

^ Public key cryptography was invented by Diffie and Hellman.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ In 1997, it finally became publicly known that asymmetric cryptography had been invented by James H. Ellis at GCHQ, a British intelligence organization, in the early 1970s, and that both the Diffie-Hellman and RSA algorithms had been previously developed (by Malcolm J. Williamson and Clifford Cocks, respectively) [20].
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ More recent papers, covering both symmetric and public key systems are at cryptosavvy.com and rsa.com.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

[21]
The Diffie-Hellman and RSA algorithms, in addition to being the first publicly known examples of high quality public-key algorithms, have been among the most widely used.

^ Public key cryptography was invented by Diffie and Hellman.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ Generating public and private RSA keys.

^ Heeralal Janwa, Oscar Moreno, McEliece Public Key Cryptosystems Using Algebraic-Geometric Codes, Designs, Codes and Cryptography, v.8 n.3, p.293-307, June 1996.
  • Cryptography and data security 10 February 2010 13:51 UTC portal.acm.org [Source type: Academic]

Others include the Cramer-Shoup cryptosystem, ElGamal encryption, and various elliptic curve techniques.

^ However, advances in factoring techniques over the last decade have near completely negated the advantage of strong primes, the elliptic curve factoring algorithm is one such advance.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

See Category:Asymmetric-key cryptosystems.

^ Many different asymmetric techniques have been proposed and some have been shown to be vulnerable to some forms of cryptanalysis; see the public key article for details.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ For more information, see: asymmetric key cryptography.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

Padlock icon from the Firefox Web browser, meant to indicate a page has been sent in SSL or TLS-encrypted protected form.

^ In Secure Sockets Layer (SSL) or the later version Transport Layer Security (TLS) which provides secure web browsing (https), digital certificates are used for source authentication and connections are generally encrypted with a stream cipher.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

However, such an icon is not a guarantee of security; any subverted browser might mislead a user by displaying such an icon when a transmission is not actually being protected by SSL or TLS.
In addition to encryption, public-key cryptography can be used to implement digital signature schemes.

^ Public-key encryption.
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ He can reply securely using her public key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Public key Encryption Schemes with Auxiliary Input.
  • NYU Cryptography Seminar 10 February 2010 13:51 UTC www.cs.nyu.edu [Source type: Academic]

A digital signature is reminiscent of an ordinary signature; they both have the characteristic that they are easy for a user to produce, but difficult for anyone else to forge.

^ It is easy for a user to produce, but difficult for anyone else to forge.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ A digital signature has some of the desirable properties of an ordinary signature.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Two cryptographic techniques are used together to produce a digital signature, a hash and a public key system.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

Digital signatures can also be permanently tied to the content of the message being signed; they cannot then be 'moved' from one document to another, for any attempt will be detectable.

^ The signature is permanently tied to the content of the message being signed; it cannot be copied from one document to another, or used with an altered document, since the different document would give a different hash.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Moreover, there is an intrusion detection component so that if Eve observes even one bit, both parties will learn about the attempted eavesdropping.

^ Messages sent over the radio had to be encrypted and the encryption system they used was adapted from one which was commercially available before the war.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

In digital signature schemes, there are two algorithms: one for signing, in which a secret key is used to process the message (or a hash of the message, or both), and one for verification, in which the matching public key is used with the message to check the validity of the signature.

^ There are two primary distinctions between the algorithm and the numeric key.

^ Moreover, there is an intrusion detection component so that if Eve observes even one bit, both parties will learn about the attempted eavesdropping.

^ There are prototype implementations of ISAKMP. The protocol is not yet defined to enable opportunistic encryption or the use of DNSSEC keys.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

RSA and DSA are two of the most popular digital signature schemes.

^ RSA is widely used, as is the US government standard Digital Signature Algorithm (DSA).
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Two cryptographic techniques are used together to produce a digital signature, a hash and a public key system.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Two online surveys cover crypto laws around the world, one for usage and export restrictions and one for digital signatures.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

Digital signatures are central to the operation of public key infrastructures and many network security schemes (e.g., SSL/TLS, many VPNs, etc.).

^ He can reply securely using her public key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Public key infrastructure.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Any public key technique can provide digital signatures.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

[15]
Public-key algorithms are most often based on the computational complexity of "hard" problems, often from number theory.

^ Public-key cryptography and computational number theory.
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ Lattice-based public-key cryptography.
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ This is a problem with the public key system which can only be solved by increasing the number of keys in the system.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

For example, the hardness of RSA is related to the integer factorization problem, while Diffie-Hellman and DSA are related to the discrete logarithm problem.

^ They offer the best security we know how to build, using the Triple-DES, RSA, and Diffie-Hellman algorithms.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ What is the complexity of the following problem: Given an even integer x and another integer y, determine whether x has any odd factors between 3 and y.

^ Using a very sophisticated factoring algorithm known as the general number field sieve, researchers were recently able to factor RSA-576, a 576-bit (174 decimal digits) composite integer offered as a challenge problem by RSA Security.

More recently, elliptic curve cryptography has developed in which security is based on number theoretic problems involving elliptic curves.

^ Techniques based on elliptic curves are also used.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ With the spread of computers and electronic communication systems in recent decades, cryptography has become much more broadly important.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

Because of the difficulty of the underlying problems, most public-key algorithms involve operations such as modular multiplication and exponentiation, which are much more computationally expensive than the techniques used in most block ciphers, especially with typical key sizes.

^ The exact operation of a cipher is controlled by a key, which is a secret parameter for the cipher algorithm.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ He can reply securely using her public key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ In particular, any block cipher can be used as stream cipher in some modes of operation.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

As a result, public-key cryptosystems are commonly hybrid cryptosystems, in which a fast high-quality symmetric-key encryption algorithm is used for the message itself, while the relevant symmetric key is sent with the message, but encrypted using a public-key algorithm.

^ Public-key encryption.
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ He can reply securely using her public key.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ A survey of public key encryption.
  • NYU Cryptography Seminar 10 February 2010 13:51 UTC www.cs.nyu.edu [Source type: Academic]

Similarly, hybrid signature schemes are often used, in which a cryptographic hash function is computed, and only the resulting hash is digitally signed.

^ Hashes are used in generating digital signatures.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Our policy in FreeS/WAN is to use only cryptographic components with adequate keylength and no known weaknesses.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ The legal status of digital signatures can be an issue, and cryptographic techniques may affect the acceptability of computer data as evidence.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

[10]
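The hash-then-sign arrangement and the signing/verification pair described above, as an added example that is not part of the original article: textbook RSA over a deliberately small modulus built from two Mersenne primes. The parameters, function names and sample documents are constructed for illustration; deployed schemes use much larger keys and a padding scheme such as RSA-PSS rather than a bare reduced digest.

```python
import hashlib

# Constructed toy key pair. Both keys come from the same secret primes,
# which is what makes them an interrelated pair.
P = 2**61 - 1            # Mersenne prime, kept secret
Q = 2**89 - 1            # Mersenne prime, kept secret
N = P * Q                # public modulus (about 150 bits: far too small for real use)
E = 65537                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, derivable only via P and Q


def digest_as_int(message: bytes) -> int:
    """Hash a message of any length to a fixed-size value, as an integer below N.

    Reducing the digest modulo N is a simplification for this toy modulus.
    """
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Signing algorithm: uses the private exponent on the hash only."""
    return pow(digest_as_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Verification algorithm: uses only the public values (N, E)."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest_as_int(message)


def run_demo() -> dict:
    contract = b"Alice agrees to pay Bob 100 EUR."      # constructed samples
    altered = b"Alice agrees to pay Bob 900 EUR."
    unrelated = b"Alice authorises a transfer of all funds."
    sig = sign(contract)
    return {
        "valid_on_signed_document": verify(contract, sig),
        # The signature covers the hash of the exact content, so it does
        # not verify on an altered document ...
        "valid_on_altered_document": verify(altered, sig),
        # ... and cannot be moved to a different document.
        "valid_when_moved": verify(unrelated, sig),
        # A modified signature value is rejected as well.
        "valid_with_changed_signature": verify(contract, (sig + 1) % N),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```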

Cryptanalysis

Variants of the Enigma machine, used by Germany's military and civil authorities from the late 1920s through World War II, implemented a complex electro-mechanical polyalphabetic cipher.

^ The era of computers and electronics has meant an unprecedented freedom for cipher designers to use elaborate designs which would be far too prone to error if handled by pencil and paper, or far too expensive to implement in the form of an electromechanical cipher machine.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In the 1920s the maturing of mechanical and electromechanical technology came together with the needs of telegraphy and radio to bring about a revolution in cryptodevices - the development of rotor cipher machines.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ At almost the same time as Hebern was inventing the rotor cipher machine in the United States, European engineers such as Hugo Koch (Netherlands) and Arthur Scherbius (Germany) independently discovered the rotor concept and designed the precursors to the most famous cipher machine in history - the German Enigma machine which was used during World War 2.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Breaking and reading of the Enigma cipher at Poland's Cipher Bureau, for 7 years before the war, and subsequent decryption at Bletchley Park, was important to Allied victory.

^ Alan Turing led a team at Bletchley Park which cracked the German Enigma cipher.

^ In a famous example, the British ULTRA project read many German ciphers through most of World War II, and the Germans never realised it.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Enemies can sometimes read encrypted messages without breaking the cipher; they use practical cryptanalysis techniques such as breaking into an office to steal keys.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

[2]
The goal of cryptanalysis is to find some weakness or insecurity in a cryptographic scheme, thus permitting its subversion or evasion.
It is a common misconception that every encryption method can be broken. In connection with his WWII work at Bell Labs, Claude Shannon proved that the one-time pad cipher is unbreakable, provided the key material is truly random, never reused, kept secret from all possible attackers, and of equal or greater length than the message.

^ Stream ciphers were developed as an approximation to the one-time pad.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Can use as a one-time pad.

^ One-time pads (Chapter 1) are provably secure if the bits in the key are generated from a truly random source.

[22]

Most ciphers, apart from the one-time pad, can be broken with enough computational effort by brute force attack, but the amount of effort needed may be exponentially dependent on the key size, as compared to the effort needed to use the cipher.

^ Hardware can also be used to facilitate attacks on ciphers.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Another method, usable manually or on a computer, is a one-time pad.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Stream ciphers were developed as an approximation to the one-time pad.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

In such cases, effective security could be achieved if it is proven that the effort required (i.e., "work factor", in Shannon's terms) is beyond the ability of any adversary.

^ It is worth noting that in some cases the number of rounds required to provide an accurate level of security will be too large for the cipher to be practical.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

This means it must be shown that no efficient method (as opposed to the time-consuming brute force method) can be found to break the cipher.

^ A brute force search of such a cipher's keyspace is 2¹⁶ times faster than a similar search against DES. The EFF's machine can do a brute-force search of a 40-bit key space in seconds.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ The computer shown in Figure 10 is one in use at the Government Communications Headquarters in Cheltenham, with computers hundreds of times more powerful it will become plausible to decrypt many ciphers by a simple brute force attack where it had not been so before.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ A stream cipher also breaks the plaintext into units, this time it is normally a single character.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Since no such showing can currently be made, the one-time pad remains the only theoretically unbreakable cipher.

^ Interest in stream ciphers is currently attributed to the appealing properties of the one-time pad.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Stream ciphers were developed as an approximation to the one-time pad.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Can use as a one-time pad.
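
The one-time pad conditions stated above (random key, at least as long as the message, never reused) can be checked mechanically. The following is an added example, not part of the original article; the sample messages and function names are constructed for illustration, and the operating system's CSPRNG stands in for a truly random source. It shows that a single ciphertext is consistent with every plaintext of the same length, and that reusing a key makes the key cancel out of two ciphertexts.

```python
"""One-time pad: why brute force learns nothing, and how key reuse breaks it."""
import secrets

# Constructed sample messages of equal length (not from the article).
P1 = b"MEET AT NOON"
P2 = b"SEND THE KEY"


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def fresh_key(length: int) -> bytes:
    """Key material from the OS CSPRNG (assumption: stands in for true randomness)."""
    return secrets.token_bytes(length)


def otp_encrypt(message: bytes, key: bytes) -> bytes:
    """Encrypt by XOR; refuses a key shorter than the message."""
    if len(key) < len(message):
        raise ValueError("key shorter than message: not a one-time pad")
    return xor_bytes(message, key[:len(message)])


def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """Decryption is the same XOR operation."""
    return otp_encrypt(ciphertext, key)


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the key under which `ciphertext` decrypts to `candidate`.

    Such a key exists for every candidate of the right length, so trying
    all keys produces every possible message and singles out none.
    """
    return xor_bytes(ciphertext, candidate)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts made with the same key.

    The key cancels, leaving p1 XOR p2, which depends only on the plaintexts.
    """
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    key = fresh_key(len(P1))
    c1 = otp_encrypt(P1, key)
    print("round trip ok:", otp_decrypt(c1, key) == P1)

    # The same ciphertext "decrypts" to an unrelated message under another key.
    alt_key = key_explaining(c1, P2)
    print("alternative decryption:", otp_decrypt(c1, alt_key))

    # Reusing the key violates the conditions and leaks p1 XOR p2.
    c2 = otp_encrypt(P2, key)
    print("reuse leaks p1^p2:", reuse_leak(c1, c2) == xor_bytes(P1, P2))
```
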

There are a wide variety of cryptanalytic attacks, and they can be classified in any of several ways.

^ There are several distinct types of cryptanalytic attack.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

A common distinction turns on what an attacker knows and what capabilities are available. In a ciphertext-only attack, the cryptanalyst has access only to the ciphertext (good modern cryptosystems are usually effectively immune to ciphertext-only attacks).

^ In a ciphertext only attack the cryptanalyst has only the encoded message from which to determine the plaintext, with no knowledge whatsoever of the actual message.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In a chosen plaintext attack the cryptanalyst has the capability to find the ciphertext corresponding to an arbitrary plaintext message of his or her own choosing.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ A ciphertext only attack is presumed to be possible, if not easy.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

In a known-plaintext attack, the cryptanalyst has access to a ciphertext and its corresponding plaintext (or to many such pairs).

^ In a chosen ciphertext attack the cryptanalyst can choose an arbitrary ciphertext and find the corresponding decrypted plaintext.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ At least one of the keys must be virtually impossible for the cryptanalyst to recover even when he knows the other key and many matching plaintext and ciphertext pairs.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In a chosen plaintext attack the cryptanalyst has the capability to find the ciphertext corresponding to an arbitrary plaintext message of his or her own choosing.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

In a chosen-plaintext attack, the cryptanalyst may choose a plaintext and learn its corresponding ciphertext (perhaps many times); an example is gardening, used by the British during WWII. Finally, in a chosen-ciphertext attack, the cryptanalyst may be able to choose ciphertexts and learn their corresponding plaintexts.

^ In a chosen plaintext attack the cryptanalyst has the capability to find the ciphertext corresponding to an arbitrary plaintext message of his or her own choosing.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In a chosen ciphertext attack the cryptanalyst can choose an arbitrary ciphertext and find the corresponding decrypted plaintext.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In an adaptive chosen plaintext attack the cryptanalyst can determine the ciphertext of chosen plaintexts in an iterative process based on previous results.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

[10]
Also important, often overwhelmingly so, are mistakes (generally in the design or use of one of the protocols involved; see Cryptanalysis of the Enigma for some historical examples of this).

^ John Young runs a very useful, important, but edgy (some would say over the edge) service at Cryptome.org , which I wrote about in Cryptome: Often Heroic, but Sometimes Creepy .
  • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

^ For example it is natural to use a different key for each new message in a message-oriented protocol such as email, or for each new connection in a connection-oriented protocol such as SSH for secure remote login.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ In some systems, a third factor is used, a random challenge; this prevents an enemy from reading the hash from one transaction and using it to perform a different transaction.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

Poznań monument (center) to Polish cryptologists whose breaking of Germany's Enigma machine ciphers, beginning in 1932, altered the course of World War II
Cryptanalysis of symmetric-key ciphers typically involves looking for attacks against the block ciphers or stream ciphers that are more efficient than any attack that could be mounted against a perfect cipher.

^ Whether a block or a stream cipher is produced.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Cryptanalysis of public key ciphers is therefore virtually indistinguishable from research into any other area of mathematics.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ More recent papers, covering both symmetric and public key systems are at cryptosavvy.com and rsa.com .
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

For example, a simple brute force attack against DES requires one known plaintext and 2⁵⁵ decryptions, trying approximately half of the possible keys, to reach a point at which chances are better than even that the key sought will have been found.

^ Moreover, the size of the keys was too small, so brute force attacks were possible.

^ For example, in a monoalphabetic substitution cipher where each letter in the plaintext is replaced by a letter in the ciphertext which is the same each time, a simple analysis of a sizeable portion of ciphertext can be used to retrieve most of the plaintext.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Access to data can be an issue: can a warrant or a tax auditor force someone to decrypt data, or even to turn over the key?
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

But this may not be enough assurance; a linear cryptanalysis attack against DES requires 2⁴³ known plaintexts and approximately 2⁴³ DES operations.

^ A standard cryptanalytic attack is to determine the key which maps a known plaintext to a known ciphertext.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ If the plaintext segment is guessed it is unlikely that its exact position is known however a message is generally short enough for a cryptanalyst to try all possible positions in parallel.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In some systems a known ciphertext-plaintext pair will compromise the entire system however a strong encryption algorithm will be unbreakable under this type of attack.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

[23]
This is a considerable improvement on brute force attacks.

^ Its only major flaw is that the small keyspace allows brute force attacks to succeed.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ Another type of brute force attack is a dictionary attack .
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ For the majority of encryption algorithms a brute force attack is impractical due to the large number of possibilities.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Public-key algorithms are based on the computational difficulty of various problems.

^ Lattice-based public-key cryptography .
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ Because public key cryptography relies on "hard" mathematical problems, their cryptanalysis is essentially research into solving the underlying mathematical problems.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Public Key cryptography is based on the idea that a user can possess two keys - one public and one private key.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

The most famous of these is integer factorization (e.g., the RSA algorithm is based on a problem related to integer factoring), but the discrete logarithm problem is also important.

^ "Improved algorithms for integer programming and related lattice problems."
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ But as Ed explains, it is based on making worse a known weakness in the “MD5 with RSA” hashing algorithm.
  • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

^ Using a very sophisticated factoring algorithm known as the general number field sieve , researchers were recently able to factor RSA-576 , a 576-bit (174 decimal digits) composite integer offered as a challenge problem by RSA Security.

Much public-key cryptanalysis concerns numerical algorithms for solving these computational problems, or some of them, efficiently (i.e., in a practical time).

^ This is a problem with the public key system which can only be solved by increasing the number of keys in the system.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Because public key cryptography relies on "hard" mathematical problems, their cryptanalysis is essentially research into solving the underlying mathematical problems.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Cryptanalysis of public key ciphers is therefore virtually indistinguishable from research into any other area of mathematics.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

For instance, the best known algorithms for solving the elliptic curve-based version of discrete logarithm are much more time-consuming than the best known algorithms for factoring, at least for problems of more or less equivalent size.

^ Answer: equivalent to factoring problem.

^ Techniques based on elliptic curves are also used.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ The information handed over to the British by the Polish was much more advanced than anything the British (or anyone else) had accomplished .
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Thus, other things being equal, to achieve an equivalent strength of attack resistance, factoring-based encryption techniques must use larger keys than elliptic curve techniques.

^ Techniques based on elliptic curves are also used.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ The use of encryption on stored data, however, does not by itself suggest people are anything other than prudent.
  • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

^ To be secure, the system must resist all attacks ; to break it, the attacker need only find one effective attack.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

For this reason, public-key cryptosystems based on elliptic curves have become popular since their invention in the mid-1990s.

^ "NTRU: a ring-based public key cryptosystem."
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ Techniques based on elliptic curves are also used.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ Lattice-based public-key cryptography .
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

While pure cryptanalysis uses weaknesses in the algorithms themselves, other attacks on cryptosystems are based on actual use of the algorithms in real devices, and are called side-channel attacks.

^ The only thing using a weak cipher can do for you is to cause all your other investment to be wasted.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ "Improving lattice based cryptosystems using the Hermite normal form."
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ This is the general name for a method of attacking product ciphers called "differential cryptanalysis".
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

If a cryptanalyst has access to, say, the amount of time the device took to encrypt a number of plaintexts or report an error in a password or PIN character, he may be able to use a timing attack to break a cipher that is otherwise resistant to analysis.

^ A stream cipher also breaks the plaintext into units, this time it is normally a single character.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ For example, in a monoalphabetic substitution cipher where each letter in the plaintext is replaced by a letter in the ciphertext which is the same each time, a simple analysis of a sizeable portion of ciphertext can be used to retrieve most of the plaintext.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ To encrypt the plaintext we must convert it into a binary number.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]
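
The timing side channel described above, where a device reports an error on a password or PIN character, comes from comparisons that stop at the first mismatch. The following is an added example, not part of the original article; the PIN, the guesses and the function names are constructed, and the count of byte comparisons is used as a deterministic stand-in for elapsed time. It places the leaky comparison beside a uniform one and beside the standard library's constant-time comparison.

```python
"""Early-exit comparison leaks how many leading characters matched."""
import hmac

SECRET_PIN = b"4921"  # constructed sample value
# Constructed inputs sharing 0, 1, 2, 3 and 4 leading characters with the PIN.
GUESSES = [b"0000", b"4000", b"4900", b"4920", b"4921"]


def leaky_equal(supplied: bytes, secret: bytes):
    """Compare byte by byte and stop at the first mismatch.

    Returns (match, steps), where steps is the number of byte comparisons
    performed. The work done depends on the length of the matching prefix.
    """
    steps = 0
    if len(supplied) != len(secret):
        return False, steps
    for a, b in zip(supplied, secret):
        steps += 1
        if a != b:
            return False, steps
    return True, steps


def uniform_equal(supplied: bytes, secret: bytes):
    """Examine every byte and accumulate differences before deciding.

    The work done is the same wherever the first mismatch occurs. This is a
    model of the idea; pure Python gives no real timing guarantee.
    """
    steps = 0
    if len(supplied) != len(secret):
        return False, steps
    diff = 0
    for a, b in zip(supplied, secret):
        steps += 1
        diff |= a ^ b
    return diff == 0, steps


def verify_pin(supplied: bytes, secret: bytes = SECRET_PIN) -> bool:
    """Comparison to deploy: hmac.compare_digest is designed to resist timing analysis."""
    return hmac.compare_digest(supplied, secret)


def work_profile(compare, secret: bytes = SECRET_PIN, guesses=GUESSES):
    """Number of comparison steps spent on each input, in order."""
    return [compare(g, secret)[1] for g in guesses]


if __name__ == "__main__":
    print("early exit:", work_profile(leaky_equal))    # varies with prefix length
    print("uniform:   ", work_profile(uniform_equal))  # identical for all inputs
    print("verify_pin:", [verify_pin(g) for g in GUESSES])
```
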

An attacker might also study the pattern and length of messages to derive valuable information; this is known as traffic analysis,[24] and can be quite useful to an alert adversary.

^ I can see how if parties are communicating by encrypted email (or otherwise) with someone known or suspected to be a member of a gang, then by ordinary principles of traffic analysis, police might decide they were worth knowing more about.
  • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

^ The secret information known only to the transmitter and the receiver which is used to secure the PLAINTEXT.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ At each stage the same process (known as a round function ) is applied to the data using a subkey (the set of subkeys usually being derived from a user provided key).
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Poor administration of a cryptosystem, such as permitting too short keys, will make any system vulnerable, regardless of other virtues.

^ Cryptanalysis of public key ciphers is therefore virtually indistinguishable from research into any other area of mathematics.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ It is therefore believed that 512-bit keys provide insufficient security for anything other than short-term needs.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ At least one of the keys must be virtually impossible for the cryptanalyst to recover even when he knows the other key and many matching plaintext and ciphertext pairs.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

And, of course, social engineering, and other attacks against the personnel who work with cryptosystems or the messages they handle (e.g., bribery, extortion, blackmail, espionage, torture, ...) may be the most productive attacks of all.

^ They have been developed by the IP Security Working Group of the Internet Engineering Task Force , and will be a standard part of the next major version of the Internet protocols ( IPv6 ).
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ Mention what other volunteer projects you've been involved in (and how they worked out).
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

Cryptographic primitives

Much of the theoretical work in cryptography concerns cryptographic primitives (algorithms with basic cryptographic properties) and their relationship to other cryptographic problems.

^ This problem basically occurs because both the sender and receiver must hold a copy of the key, but they must also prevent others from gaining a copy of the key.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ This isn't a problem for my effort, because the cryptographic work is happening outside the United States.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

More complicated cryptographic tools are then built from these basic primitives.

^ These more powerful processors will allow more complicated encryption algorithms to be run within a reasonable time span.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

These primitives provide fundamental properties, which are used to develop more complex tools called cryptosystems or cryptographic protocols, which guarantee one or more high-level security properties.

^ The encryption protocols for these boxes are called IPSEC (IP Security) .
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ Please consider contributing to one or more of these groups: .
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ The encipherment was performed by a device called a "scrambler" that was made of three rotating wheels on a common spindle and a plugboard known as a "Steckerboard" that added an additional level of security.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Note, however, that the distinction between cryptographic primitives and cryptosystems is quite arbitrary; for example, the RSA algorithm is sometimes considered a cryptosystem, and sometimes a primitive.

^ These include ISO 9796 which lists RSA as a compatible cryptographic algorithm and many internet standards and proposals including S/MIME .
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ For example, to "crack" the RSA algorithm and obtain the private key from the public key would essentially involve research into factoring algorithms.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Typical examples of cryptographic primitives include pseudorandom functions, one-way functions, etc.

^ "Generalized compact knapsacks, cyclic lattices, and efficient one-way functions."
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ One way, as in this example, is to define the order in which each column is written depending on the alphabetical position of each letter of the keyword relative to the other letters.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Cryptosystems

One or more cryptographic primitives are often used to develop a more complex algorithm, called a cryptographic system, or cryptosystem.

^ A variant of DES called triple-DES will be used until AES (Advanced Encryption System) is ready.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ There was also some use of a particular class of product ciphers called fractionation systems.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Widespread use of cryptosystems is something most governments are not particularly happy about - precisely because it threatens to give more privacy to the individual, including criminals.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Cryptosystems (e.g. El-Gamal encryption) are designed to provide particular functionality (e.g. public key encryption) while guaranteeing certain security properties (e.g. CPA security in the random oracle model).

^ On the Relation Between the Ideal Cipher and the Random Oracle Models.
  • NYU Cryptography Seminar 10 February 2010 13:51 UTC www.cs.nyu.edu [Source type: Academic]

^ Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles .
  • NYU Cryptography Seminar 10 February 2010 13:51 UTC www.cs.nyu.edu [Source type: Academic]

Cryptosystems use the properties of the underlying cryptographic primitives to support the system's security properties. Of course, as the distinction between primitives and cryptosystems is somewhat arbitrary, a sophisticated cryptosystem can be derived from a combination of several more primitive cryptosystems. In many cases, the cryptosystem's structure involves back and forth communication among two or more parties in space (e.g., between the sender of a secure message and its receiver) or across time (e.g., cryptographically protected backup data).

^ Of course, making systems secure does involve costs, and trade-offs can be made between cost and security.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ The computer shown in Figure 10 is one in use at the Government Communications Headquarters in Cheltenham, with computers hundreds of times more powerful it will become plausible to decrypt many ciphers by a simple brute force attack where it had not been so before.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Because it is a single-key cryptosystem, when used for communication both sender and receiver must know the same secret key which can be used to encrypt or decrypt the message.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Such cryptosystems are sometimes called cryptographic protocols.
Some widely known cryptosystems include RSA encryption, Schnorr signature, El-Gamal encryption, PGP, etc.

^ RSA is the most widely used public-key cryptosystem available currently and has often been referred to as a de-facto standard regardless of official recognition.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Dorothy E. Denning, Digital signatures with RSA and other public-key cryptosystems, Communications of the ACM, v.27 n.4, p.388-392, April 1984 .
  • Cryptography and data security 10 February 2010 13:51 UTC portal.acm.org [Source type: Academic]

^ In some systems a known ciphertext-plaintext pair will compromise the entire system however a strong encryption algorithm will be unbreakable under this type of attack.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

More complex cryptosystems include electronic cash[25] systems, signcryption systems, etc. Some more 'theoretical' cryptosystems include interactive proof systems[26] (like zero-knowledge proofs[27]), systems for secret sharing,[28][29] etc.

^ Once this was done, however, they could exchange information happily, encrypted with this secret key, in the knowledge that to anyone without the key it would simply look like garbage.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ "Noninteractive statistical zero-knowledge proofs for lattice problems."
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

^ Hashing, zero-knowledge proofs, etc.
  • Lattice-based public-key cryptography 10 February 2010 13:51 UTC pqcrypto.org [Source type: Academic]

Until recently, most security properties of most cryptosystems were demonstrated using empirical techniques, or using ad hoc reasoning.

^ Widespread use of cryptosystems is something most governments are not particularly happy about - precisely because it threatens to give more privacy to the individual, including criminals.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ RSA is the most widely used public-key cryptosystem available currently and has often been referred to as a de-facto standard regardless of official recognition.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Unfortunately, it has been shown that it is possible, in a reasonable length of time, to derive the private key from the public key thus knapsack-based cryptosystems have been shown not to be secure.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Recently, there has been considerable effort to develop formal techniques for establishing the security of cryptosystems; this has been generally called provable security.

^ Justifying Formal-Method Abstractions of Cryptography: A provably secure Dolev-Yao model .
  • NYU Cryptography Seminar 10 February 2010 13:51 UTC www.cs.nyu.edu [Source type: Academic]

The general idea of provable security is to give arguments about the computational difficulty needed to compromise some security aspect of the cryptosystem (i.e., to any adversary).

^ Widespread use of cryptosystems is something most governments are not particularly happy about - precisely because it threatens to give more privacy to the individual, including criminals.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ It involves general computer security, and general physical security, which are two very expensive problems for even a site to solve, let alone to build into a whole society.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ The idea is that cryptographic keys be held by some third party and turned over to law enforcement or security agencies under some conditions.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

The study of how best to implement and integrate cryptography in software applications is itself a distinct field; see: Cryptographic engineering and Security engineering.

^ Anyone who runs Linux on a standalone PC will also be able to secure their network connections, without changing their application software or how they operate their computer from day to day.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ The project is called S/WAN or S/Wan or Swan for Secure Wide Area Network; since it's free software, we call it FreeSwan to distinguish it from various commercial implementations.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ They offer the best security we know how to build, using the Triple-DES, RSA, and Diffie-Hellman algorithms.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

Legal issues

Prohibitions

Cryptography has long been of interest to intelligence gathering and law enforcement agencies.

^ We believe that such policies are against the interests of consumers and the business community, are largely irrelevant to issues of military security, and provide only a marginal or illusory benefit to law enforcement agencies, ...
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ Cryptography has a long and interesting history, and has been the subject of considerable political controversy.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ The idea is that cryptographic keys be held by some third party and turned over to law enforcement or security agencies under some conditions.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

Actually secret communications may be criminal or even treasonous; those whose communications are open to inspection may be less likely to be either. Because of its facilitation of privacy, and the diminution of privacy attendant on its prohibition, cryptography is also of considerable interest to civil rights supporters.

^ Cryptography has a long and interesting history, and has been the subject of considerable political controversy.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ It has been funded by several philanthropists interested in increased privacy on the Internet, including John Gilmore, co-founder of the Electronic Frontier Foundation, a leading online civil rights group.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

Accordingly, there has been a history of controversial legal issues surrounding cryptography, especially since the advent of inexpensive computers has made widespread access to high quality cryptography possible.

^ The Internet Architecture Board (IAB) and the Internet Engineering Steering Group (IESG) made a strong statement in favour of worldwide access to strong cryptography.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ Cryptography has a long and interesting history, and has been the subject of considerable political controversy.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

In some countries, even the domestic use of cryptography is, or has been, restricted.

^ Many nations restrict the export of cryptography and some restrict its use by their citizens or others within their borders.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ They would probably use some sort of encryption to ensure that even if the message was intercepted its contents would remain secret.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Restrictions on the export of cryptography are not just US policy, though some consider the US at least partly to blame for the policies of other nations in this area.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

.Until 1999, France significantly restricted the use of cryptography domestically, though it has relaxed many of these.^ Many nations restrict the export of cryptography and some restrict its use by their citizens or others within their borders.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ In reality, cryptography - although obviously essential for the military and diplomatic services - has many commercial uses and applications.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ Restrictions on the export of cryptography are not just US policy, though some consider the US at least partly to blame for the policies of other nations in this area.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

.In China, a license is still required to use cryptography.^ Public key cryptography requires a fundamentally different type of cryptanalysis than is used for single key cryptanalysis.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

.Many countries have tight restrictions on the use of cryptography.^ Many nations restrict the export of cryptography and some restrict its use by their citizens or others within their borders.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

^ In reality, cryptography - although obviously essential for the military and diplomatic services - has many commercial uses and applications.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

Among the more restrictive are laws in Belarus, Kazakhstan, Mongolia, Pakistan, Russia, Singapore, Tunisia, and Vietnam.[30]

In the United States, cryptography is legal for domestic use, but there has been much conflict over legal issues related to cryptography. One particularly important issue has been the export of cryptography and cryptographic software and hardware. Probably because of the importance of cryptanalysis in World War II and an expectation that cryptography would continue to be important for national security, many Western governments have, at some point, strictly regulated export of cryptography. After World War II, it was illegal in the US to sell or distribute encryption technology overseas; in fact, encryption was designated as auxiliary military equipment and put on the United States Munitions List.[31] Until the development of the personal computer, asymmetric key algorithms (i.e., public key techniques), and the Internet, this was not especially problematic. However, as the Internet grew and computers became more widely available, high quality encryption techniques became well-known around the globe. As a result, export controls came to be seen to be an impediment to commerce and to research.

Export controls

In the 1990s, there were several challenges to US export regulations of cryptography. One involved Philip Zimmermann's Pretty Good Privacy (PGP) encryption program; it was released in the US, together with its source code, and found its way onto the Internet in June 1991. After a complaint by RSA Security (then called RSA Data Security, Inc., or RSADSI), Zimmermann was criminally investigated by the Customs Service and the FBI for several years. No charges were ever filed, however.[32][33] Also, Daniel Bernstein, then a graduate student at UC Berkeley, brought a lawsuit against the US government challenging some aspects of the restrictions based on free speech grounds. The 1995 case Bernstein v. United States ultimately resulted in a 1999 decision that printed source code for cryptographic algorithms and systems was protected as free speech by the United States Constitution.[34]

In 1996, thirty-nine countries signed the Wassenaar Arrangement, an arms control treaty that deals with the export of arms and "dual-use" technologies such as cryptography. The treaty stipulated that the use of cryptography with short key-lengths (56-bit for symmetric encryption, 512-bit for RSA) would no longer be export-controlled.[35] Cryptography exports from the US are now much less strictly regulated than in the past as a consequence of a major relaxation in 2000;[30] there are no longer very many restrictions on key sizes in US-exported mass-market software.

In practice today, since the relaxation in US export restrictions, and because almost every personal computer connected to the Internet, everywhere in the world, includes US-sourced web browsers such as Mozilla Firefox or Microsoft Internet Explorer, almost every Internet user worldwide has access to quality cryptography (i.e., when using sufficiently long keys with properly operating and unsubverted software, etc.) in their browsers; examples are the Transport Layer Security (TLS) or SSL stack. The Mozilla Thunderbird and Microsoft Outlook e-mail client programs similarly can connect to IMAP or POP servers via TLS, and can send and receive email encrypted with S/MIME. Many Internet users don't realize that their basic application software contains such extensive cryptosystems. These browsers and email programs are so ubiquitous that even governments whose intent is to regulate civilian use of cryptography generally don't find it practical to do much to control distribution or use of cryptography of this quality, so even when such laws are in force, actual enforcement is often effectively impossible.

NSA involvement

Another contentious issue connected to cryptography in the United States is the influence of the National Security Agency on cipher development and policy. NSA was involved with the design of DES during its development at IBM and its consideration by the National Bureau of Standards as a possible Federal Standard for cryptography.[36] DES was designed to be resistant to differential cryptanalysis,[37] a powerful and general cryptanalytic technique known to NSA and IBM, that became publicly known only when it was rediscovered in the late 1980s.[38] According to Steven Levy, IBM rediscovered differential cryptanalysis,[39] but kept the technique secret at NSA's request. The technique became publicly known only when Biham and Shamir re-rediscovered and announced it some years later. The entire affair illustrates the difficulty of determining what resources and knowledge an attacker might actually have.

Another instance of NSA's involvement was the 1993 Clipper chip affair; Clipper was an encryption microchip intended to be part of the Capstone cryptography-control initiative. Clipper was widely criticized by cryptographers for two reasons. First, the cipher algorithm, called Skipjack, was then classified (it was declassified in 1998, long after the Clipper initiative lapsed); the secret cipher caused concerns that NSA had deliberately made the cipher weak in order to assist its intelligence efforts. Second, the whole initiative was criticized based on its violation of Kerckhoffs' principle, as the scheme included a special escrow key held by the government for use by law enforcement, for example in wiretaps.[33]

Digital rights management

Cryptography is central to digital rights management (DRM), a group of techniques for technologically controlling use of copyrighted material, being widely implemented and deployed at the behest of some copyright holders. In 1998, American President Bill Clinton signed the Digital Millennium Copyright Act (DMCA), which criminalized all production, dissemination, and use of certain cryptanalytic techniques and technology (now known or later discovered); specifically, those that could be used to circumvent DRM technological schemes.[40] This had a noticeable impact on the cryptography research community since an argument can be made that any cryptanalytic research violated, or might violate, the DMCA. Similar statutes have since been enacted in several countries and regions, including the implementation in the EU Copyright Directive. Similar restrictions are called for by treaties signed by World Intellectual Property Organization member-states.

The United States Department of Justice and FBI have not enforced the DMCA as rigorously as had been feared by some, but the law, nonetheless, remains a controversial one. One well-respected cryptography researcher, Niels Ferguson, has publicly stated[41] that he will not release some of his research into an Intel security design for fear of prosecution under the DMCA, and both Alan Cox (longtime number 2 in Linux kernel development) and Professor Edward Felten (and some of his students at Princeton) have encountered problems related to the Act. Dmitry Sklyarov was arrested during a visit to the US from Russia, and jailed for some months for alleged violations of the DMCA which had occurred in Russia, where the work for which he was arrested and charged was legal, both at the time it was done and at the time of his arrest. In 2007, the cryptographic keys responsible for Blu-ray and HD DVD content scrambling were discovered and released onto the Internet. Both times, the MPAA sent out numerous DMCA takedown notices, and there was a massive Internet backlash as a result of the implications of such notices on fair use and free speech, both legally protected in the US and in some other jurisdictions.

Notes

  1. Liddell and Scott's Greek-English Lexicon. Oxford University Press. (1984)
  2. David Kahn, The Codebreakers, 1967, ISBN 0-684-83130-9.
  3. Oded Goldreich, Foundations of Cryptography, Volume 1: Basic Tools, Cambridge University Press, 2001, ISBN 0-521-79172-3
  4. "Cryptology (definition)". Merriam-Webster's Collegiate Dictionary (11th ed.). Merriam-Webster. http://www.merriam-webster.com/dictionary/cryptology. Retrieved 2008-02-01.
  5. Kama Sutra, Sir Richard F. Burton, translator, Part I, Chapter III, 44th and 45th arts.
  6. Ibrahim A. Al-Kadi (April 1992), "The origins of cryptology: The Arab contributions", Cryptologia 16 (2): 97–126
  7. Hakim, Joy (1995). A History of Us: War, Peace and all that Jazz. New York: Oxford University Press. ISBN 0-19-509514-6.
  8. James Gannon, Stealing Secrets, Telling Lies: How Spies and Codebreakers Helped Shape the Twentieth Century, Washington, D.C., Brassey's, 2001, ISBN 1-57488-367-4.
  9. Whitfield Diffie and Martin Hellman, "New Directions in Cryptography", IEEE Transactions on Information Theory, vol. IT-22, Nov. 1976, pp. 644–654.
  10. AJ Menezes, PC van Oorschot, and SA Vanstone, Handbook of Applied Cryptography ISBN 0-8493-8523-7.
  11. FIPS PUB 197: The official Advanced Encryption Standard.
  12. NCUA letter to credit unions, July 2004
  13. RFC 2440 - Open PGP Message Format
  14. SSH at windowsecurity.com by Pawel Golen, July 2004
  15. Bruce Schneier, Applied Cryptography, 2nd edition, Wiley, 1996, ISBN 0-471-11709-9.
  16. National Institute of Standards and Technology
  17. Whitfield Diffie and Martin Hellman, "Multi-user cryptographic techniques" [Diffie and Hellman, AFIPS Proceedings 45, pp. 109–112, June 8, 1976].
  18. Ralph Merkle was working on similar ideas at the time and encountered publication delays, and Hellman has suggested that the term used should be Diffie-Hellman-Merkle asymmetric key cryptography.
  19. David Kahn, "Cryptology Goes Public", 58 Foreign Affairs 141, 151 (fall 1979), p. 153.
  20. R. Rivest, A. Shamir, L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, Vol. 21 (2), pp. 120–126. 1978. Previously released as an MIT "Technical Memo" in April 1977, and published in Martin Gardner's Scientific American Mathematical recreations column
  21. Clifford Cocks. A Note on 'Non-Secret Encryption', CESG Research Report, 20 November 1973.
  22. "Shannon": Claude Shannon and Warren Weaver, The Mathematical Theory of Communication, University of Illinois Press, 1963, ISBN 0-252-72548-4
  23. Pascal Junod, "On the Complexity of Matsui's Attack", SAC 2001.
  24. Dawn Song, David Wagner, and Xuqing Tian, "Timing Analysis of Keystrokes and Timing Attacks on SSH", In Tenth USENIX Security Symposium, 2001.
  25. S. Brands, "Untraceable Off-line Cash in Wallets with Observers", In Advances in Cryptology — Proceedings of CRYPTO, Springer-Verlag, 1994.
  26. László Babai. "Trading group theory for randomness". Proceedings of the Seventeenth Annual Symposium on the Theory of Computing, ACM, 1985.
  27. S. Goldwasser, S. Micali, and C. Rackoff, "The Knowledge Complexity of Interactive Proof Systems", SIAM J. Computing, vol. 18, num. 1, pp. 186–208, 1989.
  28. G. Blakley. "Safeguarding cryptographic keys." In Proceedings of AFIPS 1979, volume 48, pp. 313–317, June 1979.
  29. A. Shamir. "How to share a secret." In Communications of the ACM, volume 22, pp. 612–613, ACM, 1979.
  30. RSA Laboratories' Frequently Asked Questions About Today's Cryptography
  31. Cryptography & Speech from Cyberlaw
  32. "Case Closed on Zimmermann PGP Investigation", press note from the IEEE.
  33. Levy, Steven (2001). Crypto: How the Code Rebels Beat the Government — Saving Privacy in the Digital Age. Penguin Books. p. 56. ISBN 0-14-024432-8. OCLC 48066852 48846639 244148644.
  34. Bernstein v USDOJ, 9th Circuit court of appeals decision.
  35. The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies
  36. "The Data Encryption Standard (DES)" from Bruce Schneier's CryptoGram newsletter, June 15, 2000
  37. Coppersmith, D. (May 1994). "The Data Encryption Standard (DES) and its strength against attacks" (PDF). IBM Journal of Research and Development 38 (3): 243. http://www.research.ibm.com/journal/rd/383/coppersmith.pdf.
  38. E. Biham and A. Shamir, "Differential cryptanalysis of DES-like cryptosystems", Journal of Cryptology, vol. 4 num. 1, pp. 3–72, Springer-Verlag, 1991.
  39. Levy, pg. 56
  40. Digital Millennium Copyright Act
  41. http://www.macfergus.com/niels/dmca/cia.html

Further reading

  • Becket, B (1988). Introduction to Cryptology. Blackwell Scientific Publications. ISBN 0-632-01836-4. OCLC 16832704. Excellent coverage of many classical ciphers and cryptography concepts and of the "modern" DES and RSA systems.
  • Cryptography and Mathematics by Bernhard Esslinger, 200 pages, part of the free open-source package CrypTool, PDF download.
  • In Code: A Mathematical Journey by Sarah Flannery (with David Flannery). Popular account of Sarah's award-winning project on public-key cryptography, co-written with her father.
  • James Gannon, Stealing Secrets, Telling Lies: How Spies and Codebreakers Helped Shape the Twentieth Century, Washington, D.C., Brassey's, 2001, ISBN 1-57488-367-4.
  • Oded Goldreich, Foundations of Cryptography, in two volumes, Cambridge University Press, 2001 and 2004.
  • Introduction to Modern Cryptography by Jonathan Katz and Yehuda Lindell.
  • Alvin's Secret Code by Clifford B. Hicks (children's novel that introduces some basic cryptography and cryptanalysis).
  • Ibrahim A. Al-Kadi, "The Origins of Cryptology: the Arab Contributions," Cryptologia, vol. 16, no. 2 (April 1992), pp. 97–126.
  • Handbook of Applied Cryptography by A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone CRC Press, (PDF download available), somewhat more mathematical than Schneier's Applied Cryptography.
  • Christof Paar, Jan Pelzl, Understanding Cryptography, A Textbook for Students and Practitioners. Springer, 2009. Very accessible introduction to practical cryptography for non-mathematicians.
  • Introduction to Modern Cryptography by Phillip Rogaway and Mihir Bellare, a mathematical introduction to theoretical cryptography including reduction-based security proofs. PDF download.
  • Cryptonomicon by Neal Stephenson (novel, WW2 Enigma cryptanalysis figures into the story, though not always realistically).
  • Johann-Christoph Woltag, 'Coded Communications (Encryption)' in Rüdiger Wolfrum (ed) Max Planck Encyclopedia of Public International Law (Oxford University Press 2009). "Max Planck Encyclopedia of Public International Law", http://www.mpepil.com, giving an overview of international law issues regarding cryptography.


Quotes

Up to date as of January 14, 2010

From Wikiquote

Cryptography is the practice and study of hiding information. In modern times cryptography is considered a branch of both mathematics and computer science and is affiliated closely with information theory, computer security and engineering.

Sourced

  • This method, seemingly very clever, actually played into our hands! And so it often happens that an apparently ingenious idea is in fact a weakness which the scientific cryptographer seizes on for his solution.
  • Few false ideas have more firmly gripped the minds of so many intelligent men than the one that, if they just tried, they could invent a cipher that no one could break.
  • The multiple human needs and desires that demand privacy among two or more people in the midst of social life must inevitably lead to cryptology wherever men thrive and wherever they write.
  • "The magic words are squeamish ossifrage"
    • Plaintext of the message encoded in RSA-129, given in Martin Gardner's 1977 "Mathematical Games" column about RSA.
  • Feistel and Coppersmith rule. Sixteen rounds and one hell of an avalanche.
    • Quoted by Stephan Eisvogel in de.comp.security
  • For the computer security community, the moral is obvious: if you are designing a system whose functions include providing evidence, it had better be able to withstand hostile review.
  • When a cryptanalyst starts out trying to analyze a new algorithm, his first thought is probably: "Yikes. What a mess. I'll never make sense of this". So there are all sorts of tricks to help you start to probe into the convoluted innards of the cipher. One of these is to attack a weakened version. Later, he may be able to extend the attack to the full strength version; or, if this cannot be done, the reason why it can't at least gives some insight into the strengths and weaknesses of the cipher.
  • There is also a side benefit: the difference in strength made by even really subtle changes warns us just how tricky crypto can be...
    • R. Fleming in message <-0703971850220001@mg4-48.its.utas.edu.au> of sci.crypt
  • Due to the suspicious nature of crypto users I have a feeling DES will be with us forever, we will just keep adding keys and cycles...
    • Colin Dooley, in message <34C5021A.ABD@medit3d.com> of sci.crypt
  • The NSA response was, "Well, that was interesting, but there aren't any ciphers like that."
    • Gustavus J. Simmons, "The History of Subliminal Channels", in IEEE Journal on Selected Areas in Communication, pages 452-462, v. 16, n. 4, 1998.
  • The real work in an attack, at least an attack against a well-designed cipher, is modifying the attack technique so that it works. Knudsen's papers are an excellent example of this; he is a master at making an attack work where others have failed. Differentials work where characteristics don't. Truncated differentials work where normal differentials don't. Even this year's exciting find, impossible differentials, are simply another way at looking at a differential attack. A cryptanalyst with a "menu" would have never found any of those attacks, and would have broken far fewer ciphers.
    • , in message <35f52432.869733@news.visi.com> of sci.crypt.
  • The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers.
    • The first edition of The Road Ahead, , page 265.
  • The point of academic attacks is not exhibiting practical breaks; the point is that only a trained cryptographer can tell whether a given algorithm is secure or not. The author of an algorithm says: "My cipher is secure, and trust me, I am an expert at this. And to prove that I am a real good expert, I challenge other experts to find even the most impractical, academic flaw in my cipher".
  • Just like glue. Commercial ads state that the foobar glue can stick an elephant to the ceiling. Who needs to stick an elephant to the ceiling? But if it can do that, people will trust its sticking strength.
    • Thomas Pornin, in message <8rf05j$2np9$1@nef.ens.fr> of sci.crypt
  • We didn't do this with just a pencil and some paper. Lots of our notes are in pen. We didn't need to erase much.
    • Tim Hollebeek and John Viega, on breaking defective crypto in Netscape's mail password saver; quoted in RISKS Digest Vol. 20 Issue 68.
  • If you think cryptography is the answer to your problem, then you don't know what your problem is.
    • Peter G. Neumann, quoted in the New York Times, February 20 2001.

Unsourced

  • Linear improvements in compute power can't stand up to exponential improvements in difficulty.
    • Anonymous
  • When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
    • Anonymous
  • The law does not allow me to testify on any aspect of the National Security Agency, even to the Senate Intelligence Committee.
    • Lt. General Lew Allen Jr., Director of the NSA. (Probably from The Puzzle Palace by James Bamford.)
  • The best system is to use a simple, well understood algorithm which relies on the security of a key rather than the algorithm itself. This means if anybody steals a key, you could just roll another and they have to start all over.
    • Andrew Carol
  • Am I being overly harsh or do others think that the multi-thousand bit key is about sowing fear, uncertainty, and doubt for commercial gain? DES? Not big enough! Triple DES? Not big enough! IDEA? Not big enough! What you need is Dr. Phineas P. Snakeoil's mystery elixir! Filled with matrices and Galois fields to improve the digestion of dyspeptic managers everywhere! Step right up and get a whole case full! Don't ask what's inside ladies and gentlemen! It's a patent medicine that is only available here.
    • Stephen M. Gardner
  • The NSA regularly lies to people who ask it for advice on export control. They have no reason not to; accomplishing their goal by any legal means is fine by them. Lying by government employees is legal.
  • In cyberspace everyone will be anonymous for 15 minutes.
    • Graham Greenleaf
  • Cryptography, at least in its public embodiment, is finally, slowly, and painfully becoming a science. Part of that evolution is the dawning of an understanding of exactly what cryptographic guarantees mean, and how delicate they can be. I think it's safe to say that not a single cryptographic claim made in any paper published before, oh, 1985 or so (perhaps even as late as 1990) could be fully justified today. (Of course, the better work was usually almost correct, but the theoretical underpinning was simply not there to even state the claims in a way that could be properly formalized.)
    • Jerry Leichter
  • BTW, I learned a lovely new acronym today: "Law Enforcement Agency Key" -- LEAK.
    • Charles H. Lindsey
  • The notion that an anonymous posting needs to be traceable to its source is a product of the unification of the old time conservative desire to squelch free speech with the new fangled politically correct liberal desire to squelch free speech.
    • Perry E. Metzger
  • The right to speak PGP is the right to speak Navajo. .
      • So we must see that the balance we strike when we destroy all control over encryption is rather more complicated than the policemen let on when they talk about the crimes they would not have prevented without wiretapping.^ This focuses attention on the classic dilemma of balancing individuals' and companies' rights to privacy with law enforcement agencies' claims that to combat crime, terrorism, etc., they need to be able to monitor all traffic over public networks.
        • An Introduction to Cryptography 10 February 2010 13:51 UTC www.isaca.org [Source type: FILTERED WITH BAYES]

        ^ If the key is 128 bits long, attempting to crack the code without the key would be 4.7 sextillion (4,700,000,000,000,000,000,000) times more difficult than cracking a 56-bit key (which itself has 72 quadrillion possible combinations)!

        ^ For more details see the Blowfish VB Demo Page or, for a more complicated example showing CBC mode and raw encryption, see the Blowfish Extended VB Demo Page .
        • Cryptography Software Code in Visual Basic and C 10 February 2010 13:51 UTC www.di-mgt.com.au [Source type: Reference]

        It is also about the crimes we will prevent when people may speak freely, everywhere, all the time.

        ^ FreeS/WAN automatically encrypts data as it crosses the Internet, to prevent unauthorized people from receiving or modifying it.
        • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

        The good that will come from that is hard to overestimate.
      • How long before we Americans are reduced to doing crypto with a deck of cards? (See Bruce Schneier's Solitaire).
    • Mordy Ovits
  • Note to amateur cryptographers: simple analysis is a good thing, if it doesn't weaken the cipher.^ Designing a good cryptographic primitive — a block cipher , stream cipher or cryptographic hash — is indeed a tricky business, but for most applications designing new primitives is unnecessary.
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    ^ Block ciphers are usual for things like encrypting disk blocks, or network traffic at the packet level (see IPsec ), or email messages ( PGP ).
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    ^ Bruce Schneier in 2002 (see the references section) recommended the following key lengths for circa 2005 threats: .
    • Guide to Cryptography - OWASP 10 February 2010 13:51 UTC www.owasp.org [Source type: Reference]

    ... It's better to be able to prove that an attack won't work than to have to guess that it won't because it's too much work.^ In hardware, mixing ciphers can be much faster than most other block cipher approaches because all mixings can operate simultaneously.
    • Ciphers By Ritter: Cryptography and Technology 10 February 2010 13:51 UTC ciphersbyritter.com [Source type: Academic]

    ^ This works much like a stream cipher, but it does not need to generate a pseudo-random stream because its key is a truly random stream as long as the message .
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    ^ Though we are putting effort into protecting against active attacks, it's a much bigger job than merely providing strong encryption.
    • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

    • Colin Plumb
  • The wire protocol guys don't worry about security because that's really a network protocol problem.^ If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    ^ RSA Data Security is coordinating the S/Wan (Secure Wide Area Network) project among more than a dozen vendors who use these protocols.
    • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

    ^ The systems avoid the key distribution problem, but unfortunately their security depends on unproven mathematical assumptions about the intrinsic difficulty of certain operations.
    • Quantum Cryptography: Privacy Through Uncertainty 10 February 2010 13:51 UTC www.csa.com [Source type: FILTERED WITH BAYES]

    The network protocol guys don't worry about it because, really, it's an application problem. The application guys don't worry about it because, after all, they can just use the IP address and trust the network.^ For example, in web browsers, the root Certification Authority keys are directly trusted because they were shipped by the manufacturer.
    • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

    ^ That estimate assumes they use the EFF's 1998 technology and just spend more money.
    • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

    ^ A side effect is that if a user uses the same password on multiple systems, they will encrypt differently because each system uses different salt.
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

      • There is a parallel between designing electronic commerce infrastructure today that uses weak cryptography (i.e. 40 or 56 bit keys) and, say, designing air traffic control systems in the '60s using two digit year fields. ... Just because you can retire before it all blows up doesn't make it any less irresponsible.
    • Arnold G. Reinhold
  • In the design of cryptosystems, we must design something now for use in the future.^ It should be something already firmly embedded in your long-term memory, rather than something you make up from scratch.
    • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

    ^ Since all operations on the set must have a result that maps back into the set, if you add two numbers and get a result that would take you outside the set, you reduce the number so it maps back into the set.
    • An intro to Elliptical Curve Cryptography 10 February 2010 13:51 UTC www.deviceforge.com [Source type: FILTERED WITH BAYES]

    ^ Now the prime numbers actually employed in practical ECC implementations are quite large, so it's difficult to visualize this graph if you use the real kinds of numbers used.
    • An intro to Elliptical Curve Cryptography 10 February 2010 13:51 UTC www.deviceforge.com [Source type: FILTERED WITH BAYES]

    We have only the published facts of the past to stand against all the secret research of the past and future for as long as a cipher is used.^ Until the 1970s, all (publicly known) cryptosystems used secret key or symmetric key cryptography methods.
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    ^ Part of this question can only be answered by the individual: what value do we place on a long and healthy life starting some decades in the future?
    • Cryonics and Cryptography 10 February 2010 13:51 UTC www.alcor.org [Source type: FILTERED WITH BAYES]

    ^ All this means that millions of people worldwide have been exposed to the concept of encrypting messages to keep them secret and to the effect that breaking these ciphers can have.
    • An Introduction to Cryptography 10 February 2010 13:51 UTC www.isaca.org [Source type: FILTERED WITH BAYES]

    It is therefore necessary to speculate on future capabilities. It is not acceptable to wait for a published attack before a weakness is considered in cipher design.^ If you are interested in the principles behind the design and attack of block ciphers, see this tutorial by Howard Heys and this course by David Wagner.
    • COS 433, Fall 2005: Home Page 10 February 2010 13:51 UTC www.cs.princeton.edu [Source type: FILTERED WITH BAYES]

    ^ Nor are the experts immune; Blaze and Schneier designed a cipher called MacGuffin [6] that was broken [7] before the end of the conference they presented it at.
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    ^ This is one reason cryptographers routinely publish details of their designs and invite attacks.
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    It is instead necessary to try to perceive weaknesses which have not yet contributed to full attacks, and close them off.^ There was however a weakness in this cipher waiting to be exploited because the cyphertext produced by this method was vulnerable to the yet undiscovered statistical attack.
    • Cryptography - GHN 10 February 2010 13:51 UTC www.ieeeghn.org [Source type: FILTERED WITH BAYES]

    • Terry Ritter
  • Key escrow to rule them all; key escrow to find them.
  • Key escrow to bring them all and in the darkness bind them.
  • In the land of surveillance where Big Brother lies.^ Key escrow is a technology that offers tools that would assure no individual absolute privacy or untraceable anonymity in all transactions.

    ^ Terry Ritter: "What I call a dynamic keying field is indeed described in one of the Feistel patents (now expired).
    • Ciphers By Ritter: Cryptography and Technology 10 February 2010 13:51 UTC ciphersbyritter.com [Source type: Academic]

    • Peter Gutmann
  • Mary had a little key (It's all she could export),
  • and all the email that she sent was opened at the Fort.^ Mary had a little key (It's all she could export), and all the email that she sent was opened at the Fort.
    • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

    ^ New encryption laws for e-mail unlikely - Carrie Kirby; Interesting article that discusses the proposal to regulate email encryption by putting all keys in a database that could be accessed by officials if needed (key escrow).
    • Cryptography 10 February 2010 13:51 UTC csc.colstate.edu [Source type: FILTERED WITH BAYES]

    ^ Mary had a little key - she kept it in escrow, and every thing that Mary said, the feds were sure to know.
    • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

    • Ron Rivest
  • Mary had a little key - she kept it in escrow,
  • and every thing that Mary said, the feds were sure to know.^ Mary had a little key - she kept it in escrow, and every thing that Mary said, the feds were sure to know.
    • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

    ^ That usually matters relatively little if you know the key to the cipher, and the cipher is a simple one-to-one replacement; you can decrypt the message, fix the errors, and then correct the encrypted form.
    • Cryptography 10 February 2010 13:51 UTC www.skypoint.com [Source type: Original source]

    • Sam Simpson
  • Crypto is not mathematics, but crypto can be highly mathematical, crypto can use mathematics, but good crypto can be done without a great reliance on complex mathematics.^ In an organization using PGP certificates without a PKI, it is the job of the CA to check the authenticity of all PGP certificates and then sign the good ones.
    • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

    ^ Since then the emphasis has shifted, and cryptography now makes extensive use of mathematics, primarily information theory , computational complexity , abstract algebra , and number theory .
    • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

    ^ A crypto quotes page attributes this to Sam Simpson .
    • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]

    • W T Shaw
  • Child pornography -- I never heard of it as a problem five years ago, but now it's brought up constantly.^ Ten years ago law enforcement was scrambling to catch up with new technology.
    • Discourse.net: Cryptography Archives 10 February 2010 13:51 UTC www.discourse.net [Source type: General]

    I think it's the new Red-baiting. The people in Burma don't understand how it is that we are focusing our whole crypto policy on catching child pornographers. If you think that cryptography is good for society you have to apologize and say that you are against child pornography...^ One would think, then, that strong cryptography would hold up rather well against even an extremely determined cryptanalyst.
    • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

    The fact that I even have to say that is an indication of how effective this Red-baiting is... I think that we can't let our civil liberties for the society at large be determined by government policy towards a tiny segment of the criminal population.

  • I should be able to whisper something in your ear, even if your ear is 1000 miles away, and the government disagrees with that.^ It should be something already firmly embedded in your long-term memory, rather than something you make up from scratch.
    • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

    [GQ magazine in England] quoted me on that -- they changed one letter.^ The code, produced by unwinding the tape, was a TRANSPOSITION cipher, that is, one where the letters remain the same but the order is changed.
    • Cryptography - GHN 10 February 2010 13:51 UTC www.ieeeghn.org [Source type: FILTERED WITH BAYES]

    It said I should be able to whisper something in your car, even though I am 1000 miles away.

    ^ A computer that has been turned off, or even dropped out the window of a car at 90 miles per hour, is still recognizable.
    • Cryonics and Cryptography 10 February 2010 13:51 UTC www.alcor.org [Source type: FILTERED WITH BAYES]

    I wonder what the people in England think of me.
  • With PCs 1,000 times more powerful than they used to be, our encryption keys can and should be 1,000 times bigger too.^ Conventional encryption is about 1, 000 times faster than public key encryption.
    • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

    ^ Some people tend to use signatures more than they use encryption.
    • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

    ^ Symmetric keys are used for the encrypting of actual data because public key encryption is very slow; it is hundreds of times more efficient to just encrypt one small string via public key and everything else via symmetric key than it is to encrypt the entire data stream via public key.
    • Security and Cryptography Community FAQ - Dev Shed 10 February 2010 13:51 UTC forums.devshed.com [Source type: General]

    That means cryptokeys of at least 56,000 bits.^ A 56-bit key creates 72 quadrillion (72,000,000,000,000,000) possible combinations.

    • Seen on developer.com

Study guide

Up to date as of January 14, 2010

From Wikiversity

Welcome to the Cryptography
Cryptography can be classified into three areas:
  • Classical - before the 20th century, simple substitution and transposition ciphers played major roles
  • Modern - mechanized and digitized cryptography came into existence in the 20th century
  • Key exchanges - Public Key and Quantum cryptography
    • Diffie-Hellman key exchange and RSA in the last few decades have enabled mass secure transmissions and internet transactions
    • Quantum Cryptography - As quantum computers come into existence, algorithms and protocols are fast being developed for this new platform.


1911 encyclopedia

Up to date as of January 14, 2010

From LoveToKnow 1911

CRYPTOGRAPHY (from Gr. κρυπτός, hidden, and γράφειν, to write), or writing in cipher, called also steganography (from Gr.^ The wonderful word "steganography" (meaning hidden writing) has been applied to the new field.
  • DREI '97 Classroom Lesson Plans 10 February 2010 13:51 UTC dimacs.rutgers.edu [Source type: FILTERED WITH BAYES]

^ One idea is to not even bother encrypting the information but simply burying it in the DNA so it is well hidden, a technique called DNA steganography.
  • Technology Review: Blogs: arXiv blog: The emerging science of DNA cryptography 10 February 2010 13:51 UTC www.technologyreview.com [Source type: FILTERED WITH BAYES]

a covering), the art of writing in such a way as to be incomprehensible except to those who possess the key to the system employed.^ One of the fundamental axioms of cryptography is that the enemy is in full possession of the details of the general cryptographic system, and lacks only the specific key data employed in the encryption.
  • Cryptography FAQ (08/10: Technical Miscellany) 10 February 2010 13:51 UTC www.faqs.org [Source type: FILTERED WITH BAYES]

^ The RSA system employs this fact to generate public and private key pairs.
  • An intro to Elliptical Curve Cryptography 10 February 2010 13:51 UTC www.deviceforge.com [Source type: FILTERED WITH BAYES]

The unravelling of the writing is called deciphering. Cryptography having become a distinct art, Bacon (Lord Verulam) classed it (under the name ciphers) as a part of grammar.^ We begin with an overview of cryptography, including the fundamental concepts of encryption, material on classical ciphers and their cryptanalysis, and distinction between symmetric key and asymmetric (or public) key cryptography.

^ Charles Wheatstone invented what has become known as the Playfair cipher, having been publicized by his friend Lyon Playfair .
  • CME's Cryptography Timeline 10 February 2010 13:51 UTC world.std.com [Source type: FILTERED WITH BAYES]

^ (CNG is the replacement for CryptoAPI.) These classes have "Cng" as part of their names.
  • Cryptography Overview 10 February 2010 13:51 UTC msdn.microsoft.com [Source type: Reference]

Secret modes of communication have been in use from the earliest times.^ Observe also that if one is dealing with a big network of communicating parties (say, a network of mail users) then it is impractical to use a distinct secret method of signing for every pair of users.
  • Springer Online Reference Works 10 February 2010 13:51 UTC eom.springer.de [Source type: FILTERED WITH BAYES]

^ Because these secret keys can be used once and thrown away, they replicate the “one-time cipher” approach that characterized encoded communications 50 years ago.
  • Quantum Cryptography 10 February 2010 13:51 UTC blog.pgp.com [Source type: General]

^ The mode of encryption used during Julius Caesar's time is very different from what we use today.
  • Basics of Cryptography - CryptoDox 10 February 2010 13:51 UTC cryptodox.com [Source type: FILTERED WITH BAYES]

The Lacedemonians had a method called the scytale, from the staff employed in constructing and deciphering the message.^ The Scytale worked as follows -- a fabric was wrapped around a staff and a message was written on the cloth.
  • History of Cryptography and Secrecy Systems 10 February 2010 13:51 UTC www.dsm.fordham.edu [Source type: Academic]

^ The information that Bill used to decipher my encrypted message is called a key .

^ This device, a cylinder called a Scytale, was in the possession of both the sender and the recipient of the message.
  • Cryptography - GHN 10 February 2010 13:51 UTC www.ieeeghn.org [Source type: FILTERED WITH BAYES]

When the Spartan ephors wished to forward their orders to their commanders abroad, they wound slantwise a narrow strip of parchment upon the σκυτάλη so that the edges met close together, and the message was then added in such a way that the centre of the line of writing was on the edges of the parchment.^ Cryptography is a way to increase security by making messages difficult to read if they fall into the wrong hands.
  • 1.7.6 Cryptography 10 February 2010 13:51 UTC www.cs.sunysb.edu [Source type: Academic]

^ Given the availability of computers, it seems natural that such a course should have the students encrypting and decrypting messages with the commercial grade systems they are studying.
  • Maple worksheets for Cryptography 10 February 2010 13:51 UTC euler.slu.edu [Source type: Reference]

^ Write a program RandomPrime.java that takes a command-line argument N and prints out an N-bit integer that is (probably) prime.

When unwound the scroll consisted of broken letters; and in that condition it was despatched to its destination, the general to whose hands it came deciphering it by means of a exactly corresponding to that used by the ephors.^ Failure to verify that the public key really does belong to Bob leaves open the possibility that Alice is using a key whose associated private key is in the hands of an enemy.
  • Chapter�13.�Cryptography 10 February 2010 13:51 UTC www.cgisecurity.com [Source type: FILTERED WITH BAYES]

^ Keep in mind here that I used the same key to encrypt the message (i.e., numbers in the message to be replaced by the corresponding letter in the alphabet) as Bill used to decrypt the message.

^ A key usually consists of two parts: A method and a specific piece of data used to apply the key -- usually, in cryptography, a set of letters and numbers used to conceal the message.
  • Cryptography 10 February 2010 13:51 UTC www.skypoint.com [Source type: Original source]

Polybius has enumerated other methods of cryptography.^ Cryptography depends on a continuing stream of new insights and methods from number theory, arithmetic algebraic geometry, and other branches of algebra.
  • http://www.ipam.ucla.edu/programs/scws1/ 10 February 2010 13:51 UTC www.ipam.ucla.edu [Source type: Academic]

^ Data integrity and Non-Repudiation are achieved by means of digital signature, a method that includes performing cryptography among other things.

^ Merchants use cryptography, PGP, SSL, encrypted file transfer and other methods to protect your privacy.
  • Cryptography, PGP, and Your Privacy 10 February 2010 13:51 UTC www.sharefile.com [Source type: Reference]

The art was in use also amongst the Romans. Upon the revival of letters methods of secret correspondence were introduced into private business, diplomacy, plots, &c.; and as the study of this art has always presented attractions to the ingenious, a curious body of literature has been the result.^ Utility which encodes and decodes binary files into five-letter code groups just like secret agents use.
  • Cryptography and Steganography 10 February 2010 13:51 UTC www.fourmilab.ch [Source type: Reference]

^ Cryptography (from Greek, "secret writing") – a study of mathematic methods of ensuring information confidentiality.
  • Cryptography | Exlade 10 February 2010 13:51 UTC www.exlade.com [Source type: General]

^ Cryptography is the art of keeping messages secret by using different methods.

John Trithemius (d. 1516), the abbot of Spanheim, was the first important writer on cryptography.^ Begun at the request of the Duke of Bavaria, this very early treatise on cryptography by the Abbot of Sponheim was probably first published in 1518, although the dedication is dated 1508.
  • WU Libraries Special Collections - Cryptography 10 February 2010 13:51 UTC library.wustl.edu [Source type: Reference]

His Polygraphia, published in 1518, has passed through many editions, and has supplied the basis upon which subsequent writers have worked.^ Although he first published this work at Lyons in 1531, Trithemius apparently completed Steganographia sometime in 1500, and the work became known prior to the publication in 1518 of Polygraphiae, with which it is often confused.
  • WU Libraries Special Collections - Cryptography 10 February 2010 13:51 UTC library.wustl.edu [Source type: Reference]

^ Polygraphie became the basis of much subsequent work in cryptography.
  • WU Libraries Special Collections - Cryptography 10 February 2010 13:51 UTC library.wustl.edu [Source type: Reference]

^ No government should impede the free flow of encrypted data passing through its jurisdiction merely on the basis of cryptography policy.
  • Guidelines for Cryptography Policy 10 February 2010 13:51 UTC www.justice.gov [Source type: Reference]

It was begun at the desire of the duke of Bavaria; but Trithemius did not at first intend to publish it, on the ground that it would be injurious to public interests.

^ In 1518, a Benedictine monk named Johannes Trithemius wrote "Polygraphiae," the first published treatise on cryptography.
  • cryptography - Computer Definition 10 February 2010 13:51 UTC www.yourdictionary.com [Source type: General]
  • DSP DesignLine : Design Resource for Automotive Engineering 10 February 2010 13:51 UTC www.dspdesignline.com [Source type: FILTERED WITH BAYES]
  • The RF Edge : Design Resource for Automotive Engineering 10 February 2010 13:51 UTC www.rfid-world.com [Source type: FILTERED WITH BAYES]
  • EETimes Encyclopedia 10 February 2010 13:51 UTC www.eetimes.com [Source type: FILTERED WITH BAYES]
  • ChannelWeb Encyclopedia 10 February 2010 13:51 UTC www.crn.com [Source type: General]
  • Cryptography: Definition and additional resources from ZDNet 10 February 2010 13:51 UTC dictionary.zdnet.com [Source type: General]

A Steganographia published at Lyons (? 1551) and later at Frankfort (1606), is also attributed to him. The next treatises of importance were those of Giovanni Battista della Porta, the Neapolitan mathematician, who wrote De furtivis litterarum notis, 1563; and of Blaise de Vigenère, whose Traité des chiffres appeared in Paris, 1587. Bacon proposed an ingenious system of cryptography on the plan of what is called the double cipher; but while thus lending to the art the influence of his great name, he gave an intimation as to the general opinion formed of it and as to the classes of men who used it.^ Cryptography is the making of a cipher system and the breaking of a cipher system is called cryptanalysis.
  • Introduction to Cryptography 10 February 2010 13:51 UTC www.bletchleypark.net [Source type: FILTERED WITH BAYES]

^ GIOVANNI BATTISTA DELLA PORTA (1535?-1615) De Fvrtivis Literarvm Notis.
  • WU Libraries Special Collections - Cryptography 10 February 2010 13:51 UTC library.wustl.edu [Source type: Reference]

^ Cryptography - Cipher systems .
  • cryptology -- Britannica Online Encyclopedia 10 February 2010 13:51 UTC www.britannica.com [Source type: Reference]

For when prosecuting the earl of Somerset in the matter of the poisoning of Overbury, he urged it as an aggravation of the crime that the earl and Overbury "had cyphers and jargons for the king and queen and all the great men, - things seldom used but either by princes and their ambassadors and ministers, or by such as work or practise against or, at least, upon princes." Other eminent Englishmen were afterwards connected with the art. John Wilkins, subsequently bishop of Chester, published in 1641 an anonymous treatise entitled Mercury, or The Secret and Swift Messenger, - a small but comprehensive work on the subject, and a timely gift to the diplomatists and leaders of the Civil War.

^ Prodomo includes an early illustrated description of a cipher employing musical notation, a method initially proposed by John Wilkins, Bishop of Chester, in his Mercury; or, The Secret and Swift Messenger (London, 1641).
  • WU Libraries Special Collections - Cryptography 10 February 2010 13:51 UTC library.wustl.edu [Source type: Reference]

^ Also if a code is used many times, an enemy is quite likely to work out that "John" means "dawn" or whatever; there is no long-term security.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

The deciphering of many of the royalist papers of that period, such as the letters that fell into the hands of the parliament at the battle of Naseby, has by Henry Stubbe been charged on the celebrated mathematician Dr John Wallis (Athen.^ In recent wars, messages were sent in alphabet cipher to ensure that the messages would not be read if they fell into enemy hands.
  • Advanced Military Cryptography Book 10 February 2010 13:51 UTC hamcall.net [Source type: Reference]

^ We are not aware of any FTP sites for such software, but there are many papers on the subject.
  • Cryptography FAQ (08/10: Technical Miscellany) 10 February 2010 13:51 UTC www.faqs.org [Source type: FILTERED WITH BAYES]

Oxon. iii. 1072), whose connexion with the subject of cipher-writing is referred to by himself in the Oxford edition of his mathematical works, 1689, p.^ He also includes a reference to cryptanalysis, noting ``Well-known writings on the subject are in the possession of the people.''
  • CME's Cryptography Timeline 10 February 2010 13:51 UTC world.std.com [Source type: FILTERED WITH BAYES]

^ This first edition of his encyclopaedic work on the subject includes historical sections on deciphering, and on cryptography in the ancient world.
  • WU Libraries Special Collections - Cryptography 10 February 2010 13:51 UTC library.wustl.edu [Source type: Reference]

659; as also by John Davys. Dr Wallis elsewhere states that this art, formerly scarcely known to any but the secretaries of princes, &c., had grown very common and familiar during the civil commotions, "so that now there is scarce a person of quality but is more or less acquainted with it, and doth, as there is occasion, make use of it."^ Again, the framework contains a lot of powerful functionality, and again there is an application block that makes it all a bit easier to use.
  • Goto 100 - Development with Visual Basic : Cryptography 10 February 2010 13:51 UTC blogs.msdn.com [Source type: General]

^ As the number of users and messages increase the more keys are used, thus increasing the chance of making mistakes or exposing patterns and vulnerabilities.
  • Introduction to Cryptography 10 February 2010 13:51 UTC www.bletchleypark.net [Source type: FILTERED WITH BAYES]

Subsequent writers on the subject are John Falconer (Cryptomenysis patefacta), 1685; John Davys (An Essay on the Art of Decyphering: in which is inserted a Discourse of Dr Wallis), 1737; Philip Thicknesse (A Treatise on the Art of Decyphering and of Writing in Cypher), 1772; William Blair (the writer of the comprehensive article "Cipher" in Rees's Cyclopaedia), 1819; and G. von Marten (Cours diplomatique), 1801 (a fourth edition of which appeared in 1851). Perhaps the best modern work on this subject is the Kryptographik of J. L. Klüber (Tübingen, 1809), who was drawn into the investigation by inclination and official circumstances. In this work the different methods of cryptography are classified. Amongst others of lesser merit who have treated of this art may be named Gustavus Selenus (i.e. Augustus, duke of Brunswick), 1624; Cospi, translated by Niceron in 1641; the marquis of Worcester, 1659; Kircher, 1663; Schott, 1665; Ludwig Heinrich Hiller, 1682; Comiers, 1690; Baring, 1737; Conrad, 1739, &c. See also a paper on Elizabethan Cipher-books by A. J. Butler in the Bibliographical Society's Transactions, London, 1901.

Schemes of cryptography are endless in their variety. Bacon lays down the following as the "virtues" to be looked for in them: "that they be not laborious to write and read; that they be impossible to decipher; and, in some cases, that they be without suspicion." These principles are more or less disregarded by all the modes that have been advanced, including that of Bacon himself, which has been unduly extolled by his admirers as "one of the most ingenious methods of writing in cypher, and the most difficult to be decyphered, of any yet contrived" (Thicknesse, p. 13).
The simplest and commonest of all the ciphers is that in which the writer selects in place of the proper letters certain other letters in regular advance. This method of transposition was used by Julius Caesar. He, "per quartam elementorum literam," wrote d for a, e for b, and so on. There are instances of this arrangement in the Jewish rabbis, and even in the sacred writers. An illustration of it occurs in Jeremiah (xxv. 26), where the prophet, to conceal the meaning of his prediction from all but the initiated, writes Sheshak instead of Babel (Babylon), the place meant; i.e. in place of using the second and twelfth letters of the Hebrew alphabet (b, b, l) from the beginning, he wrote the second and twelfth (sh, sh, k) from the end. To this kind of cipher-writing Buxtorf gives the name Athbash (from a the first letter of the Hebrew alphabet, and th the last; b the second from the beginning, and h the second from the end). Another Jewish cabalism of like nature was called Albam; of which an example is in Isaiah vii. 6, where Tabeal is written for Remaliah.

In its adaptation to English this method of transposition, of which there are many modifications, is comparatively easy to decipher. A rough key may be derived from an examination of the respective quantities of letters in a type-founder's bill, or a printer's "case." The decipherer's first business is to classify the letters of the secret message in the order of their frequency. The letter that occurs oftenest is e; and the next in order of frequency is t. The following groups come after these, separated from each other by degrees of decreasing recurrence: a, o, n, i; r, s, h; d, l; c, w, u, m; f, y, g, p, b; v, k; x, q, j, z. All the single letters must be a, I or O. Letters occurring together are ee, oo, ff, ll, ss, &c. The commonest words of two letters are (roughly arranged in the order of their frequency) of, to, in, it, is, be, he, by, or, as, at, an, so, &c. The commonest words of three letters are the and and (in great excess), for, are, but, all, not, &c.; and of four letters: that, with, from, have, this, they, &c. Familiarity with the composition of the language will suggest numerous other points that are of value to the decipherer. He may obtain other hints from Poe's tale called The Gold Bug. As to messages in the continental languages constructed upon this system of transposition, rules for deciphering may be derived from Breithaupt's Ars decifratoria (1737), and other treatises.
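The ciphers and the frequency method described above, as an added example that is not part of the original article: the Caesar shift and Athbash written as fixed letter substitutions, then the shift recovered by scoring every candidate against the article's own frequency ranking. The function names, the rank-weight scoring and the sample message (constructed from phrases quoted in the article) are assumptions of this example.

```python
from collections import Counter
import string

ENGLISH = string.ascii_lowercase

# Hebrew alphabet of 22 letters, built from code points with the five
# final forms (kaf, mem, nun, pe, tsadi) left out.
HEBREW = "".join(
    chr(c) for c in range(0x05D0, 0x05EB)
    if c not in (0x05DA, 0x05DD, 0x05DF, 0x05E3, 0x05E5)
)

# Frequency ranking as the article lists it, most common letter first.
ARTICLE_ORDER = "etaonirshdlcwumfygpbvkxqjz"
# Assumption of this example: turn the ranking into weights (e=26 ... z=1).
WEIGHT = {ch: len(ARTICLE_ORDER) - i for i, ch in enumerate(ARTICLE_ORDER)}

# Constructed sample: phrases quoted in the article, lower-cased.
SAMPLE_PLAINTEXT = (
    "there is scarce a person of quality but is more or less acquainted "
    "with it and doth as there is occasion make use of it that they be not "
    "laborious to write and read that they be impossible to decipher"
)


def shift_cipher(text, shift, alphabet=ENGLISH):
    """Letters 'in regular advance': shift=3 writes d for a, e for b."""
    n = len(alphabet)
    table = {a: alphabet[(i + shift) % n] for i, a in enumerate(alphabet)}
    return "".join(table.get(ch, ch) for ch in text)


def atbash(text, alphabet=ENGLISH):
    """Athbash: the k-th letter from the start becomes the k-th from the end."""
    table = dict(zip(alphabet, reversed(alphabet)))
    return "".join(table.get(ch, ch) for ch in text)


def frequency_order(ciphertext, alphabet=ENGLISH):
    """The decipherer's first step: letters in descending order of frequency."""
    counts = Counter(ch for ch in ciphertext if ch in alphabet)
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return "".join(ch for ch, _ in ranked)


def english_score(text):
    """Higher when the text is rich in the letters the article ranks first."""
    return sum(WEIGHT.get(ch, 0) for ch in text)


def break_shift(ciphertext):
    """Undo each of the 26 shifts and keep the most English-looking result."""
    best = max(
        range(len(ENGLISH)),
        key=lambda s: english_score(shift_cipher(ciphertext, -s)),
    )
    return best, shift_cipher(ciphertext, -best)


if __name__ == "__main__":
    secret = shift_cipher(SAMPLE_PLAINTEXT, 3)
    print("ciphertext     :", secret[:40], "...")
    print("by frequency   :", frequency_order(secret))
    print("recovered shift:", break_shift(secret)[0])
    # Jeremiah xxv. 26: Babel (b, b, l) written with Athbash over HEBREW.
    print("Athbash(Babel) :", atbash("\u05d1\u05d1\u05dc", HEBREW))
```

On short messages the single most frequent letter need not stand for e, which is why the example scores whole candidate plaintexts instead of trusting the top letter alone.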

Bacon remarks that though ciphers were commonly in letters and alphabets yet they might be in words. Upon this basis codes have been constructed, classified words taken from dictionaries being made to represent complete ideas. In recent years such codes have been adapted by merchants and others to communications by telegraph, and have served the purpose not only of keeping business affairs private, but also of reducing the excessive cost of telegraphic messages to distant markets. Obviously this class of ciphers presents greater difficulties to the skill of the decipherer.

Figures and other characters have been also used as letters; and with them ranges of numerals have been combined as the representatives of syllables, parts of words, words themselves, and complete phrases. Under this head must be placed the despatches of Giovanni Michael, the Venetian ambassador to England in the reign of Queen Mary, documents which have only of late years been deciphered. Many of the private letters and papers from the pen of Charles I. and his queen, who were adepts in the use of ciphers, are of the same description. One of that monarch's letters, a document of considerable interest, consisting entirely of numerals purposely complicated, was in 1858 deciphered by Professor Wheatstone, the inventor of the ingenious crypto-machine, and printed by the Philobiblon Society. Other letters of the like character have been published in the First Report of the Royal Commission on Historical Manuscripts (1870). In the second and subsequent reports of the same commission several keys to ciphers have been catalogued, which seem to refer themselves to the methods of cryptography under notice. In this connexion also should be mentioned the "characters," which the diarist Pepys drew up when clerk to Sir George Downing and secretary to the earl of Sandwich and to the admiralty, and which are frequently mentioned in his journal. Pepys describes one of them as "a great large character," over which he spent much time, but which was at length finished, 25th April 1660; "it being," says he, "very handsomely done and a very good one in itself, but that not truly alphabetical."

.Shorthand marks and other arbitrary characters have also been largely imported into cryptographic systems to represent both letters and words, but more commonly the latter.^ Later, his text "Steganographia" described a cipher in which each letter is represented by words in successive columns of text, designed to hide inconspicuously inside a seemingly pious book of prayer.
  • DSP DesignLine : Design Resource for Automotive Engineering 10 February 2010 13:51 UTC www.dspdesignline.com [Source type: FILTERED WITH BAYES]
  • The RF Edge : Design Resource for Automotive Engineering 10 February 2010 13:51 UTC www.rfid-world.com [Source type: FILTERED WITH BAYES]
  • ChannelWeb Encyclopedia 10 February 2010 13:51 UTC www.crn.com [Source type: General]
  • Cryptography: Definition and additional resources from ZDNet 10 February 2010 13:51 UTC dictionary.zdnet.com [Source type: General]

^ On the other hand, it is not known what values of rank r are possible for elliptic curves over Q. The "folklore" conjecture is that the rank can be arbitrary large.
  • Algorithmics Research Group 10 February 2010 13:51 UTC tcs.uj.edu.pl [Source type: Reference]

^ Military Cryptanalysis, Part I, Monoalphabetic Substitution Systems (Cryptographic Series, C-30) William F. Friedman Find out more from Amazon.co.uk or Amazon.com .

.This plan is said to have been first put into use by the old Roman poet Ennius.^ The earliest known use of cryptography is found in non-standard hieroglyphs carved into monuments from Egypt's Old Kingdom (ca 4500 years ago).
  • Cryptography/History - Wikibooks, collection of open-content textbooks 10 February 2010 13:51 UTC en.wikibooks.org [Source type: FILTERED WITH BAYES]

^ The earliest known use of cryptography is found in non-standard hieroglyphs carved into monuments from Egypt's Old Kingdom (ca 4500+ years ago).
  • Cryptography - GHN 10 February 2010 13:51 UTC www.ieeeghn.org [Source type: FILTERED WITH BAYES]

^ Before you encrypt the message, it is first turned into a number by using a standard method such as ASCII where the characters are replaced by binary digits.
  • Safety in numbers 10 February 2010 13:51 UTC plus.maths.org [Source type: FILTERED WITH BAYES]

It formed the basis of the method of Cicero's freedman, Tiro, who seems to have systematized the labours of his predecessors. .A large quantity of these characters have been engraved in Gruter's Inscriptiones. The correspondence of Charlemagne was in part made up of marks of this nature.^ Some of these have now been published, and the inventors (James H. Ellis, Clifford Cocks, and Malcolm Williamson) have made public select parts of their work.
  • Cryptography - GHN 10 February 2010 13:51 UTC www.ieeeghn.org [Source type: FILTERED WITH BAYES]

.In Rees's Cyclopaedia specimens were engraved of the cipher used by Cardinal Wolsey at the court of Vienna in 1524, of that used by Sir Thomas Smith at Paris in 1563, and of that of Sir Edward Stafford in 1586; in all of which arbitrary marks are introduced.^ All modern ciphers use keys together with plain text as the input to produce cipher text.
  • 15 Seconds : Crash Course in Cryptography 10 February 2010 13:51 UTC www.15seconds.com [Source type: FILTERED WITH BAYES]

^ Data Encryption Standard (DES), introduced as a standard in the late 1970's, was the most commonly used cipher in the 1980's and early 1990's.
  • A Gentle Introduction to Cryptography | WebProNews 10 February 2010 13:51 UTC www.webpronews.com [Source type: FILTERED WITH BAYES]

^ Giovan Batista Belaso introduced the notion of using a passphrase as the key for a repeated polyalphabetic cipher.
  • CME's Cryptography Timeline 10 February 2010 13:51 UTC world.std.com [Source type: FILTERED WITH BAYES]

.The first English system of shorthand - Bright's Characterie, 1588 - almost belongs to the same category of ciphers.^ One of the most famous field ciphers ever was a fractionation system - the ADFGVX cipher which was employed by the German Army during the first world war.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ During the first world war both sides employed cipher systems almost exclusively for tactical communications while code systems were still used mainly for high-command and diplomatic communications.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In a fractionation system a substitution is first made from symbols in the plaintext to multiple symbols (usually pairs, in which case the cipher is called a biliteral cipher) in the ciphertext, which is then superencrypted by a transposition.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

A favourite system of Charles I., used by him during the year 1646, was one made up of an alphabet of twenty-four letters, which were represented by four simple strokes varied in length, slope and position.

^ However, no progress was made during the first four years.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ For this simple example I will convert the letter to a value describing its position in the alphabet.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ In recent years, researchers have found many practical applications for these theoretical results, and so we will also discuss their impact along the way and how one may use the theory to design secure systems.

This alphabet is engraved in Clive's Linear System of Shorthand (1830), having been found amongst the royal manuscripts in the British Museum. An interest attaches to this cipher from the fact that it was employed in the well-known letter addressed by the king to the earl of Glamorgan, in which the former made concessions to the Roman Catholics of Ireland.

^ Julius Caesar (100-44 B.C.) protected government communications with a simple fixed shifting of letters of the normal Roman alphabet as well as transliteration of Latin letters into Greek and a number of other simple ciphers.
  • http://www.worldalmanacforkids.com/WAKI-ViewArticle.aspx?pin=s-1001175&article_id=479&chapter_id=9&chapter_title=Numbers&article_title=Deciphering_Cryptography 10 February 2010 13:51 UTC www.worldalmanacforkids.com [Source type: FILTERED WITH BAYES]

^ I share his concerns and I have accordingly made my position known by sending an open letter to the relevant part of the DTI.

^ Colin Dooley, in message <34C5021A.ABD@medit3d.com> of sci.crypt The NSA response was, "Well, that was interesting, but there aren't any ciphers like that."
  • Cryptography - Wikiquote 10 February 2010 13:51 UTC en.wikiquote.org [Source type: Original source]

Complications have been introduced into ciphers by the employment of "dummy" letters, - "nulls and insignificants," as Bacon terms them.

^ There are many devices by which a message can be concealed from the casual reader, e.g., invisible writing, but the term cryptography strictly applies to translating messages into cipher or code.
  • cryptography Facts, information, pictures | Encyclopedia.com articles about cryptography 10 February 2010 13:51 UTC www.encyclopedia.com [Source type: Academic]

^ The ADFGVX system was put into service by the Germans near the end of WW-I. This was a cipher which performed a substitution (through a keyed array), fractionation and then transposition of the letter fractions.
  • CME's Cryptography Timeline 10 February 2010 13:51 UTC world.std.com [Source type: FILTERED WITH BAYES]

^ He also used transliteration of Latin into Greek letters and a number of other simple ciphers.
  • CME's Cryptography Timeline 10 February 2010 13:51 UTC world.std.com [Source type: FILTERED WITH BAYES]

Other devices have been introduced to perplex the decipherer, such as spelling words backwards, making false divisions between words, &c.

^ Some speak by changing the beginning and end of words, others by adding unnecessary letters between every syllable of a word, and so on.
  • CME's Cryptography Timeline 10 February 2010 13:51 UTC world.std.com [Source type: FILTERED WITH BAYES]

^ We might, for example, make the connection between A and C slightly more likely, while making other connections slightly less likely.
  • Cryonics and Cryptography 10 February 2010 13:51 UTC www.alcor.org [Source type: FILTERED WITH BAYES]

^ In addition, there are differences between different kinds of cryptographic algorithms that introduce some complexities (such as algorithm parameters and initialization vectors, which we'll discuss later).
  • Object Computing, Inc. - Java News Brief - December 2003 10 February 2010 13:51 UTC www.ociweb.com [Source type: Reference]

The greatest security against the decipherer has been found in the use of elaborate tables of letters, arranged in the form of the multiplication table, the message being constructed by the aid of preconcerted key-words.

^ What it means is that a key that can be easily compromised, computed, guessed, or found by trial and error with reasonable effort offers little or no security, no matter how secure the algorithm.
  • InformIT: Cryptography with Java > Cryptographic Keys 10 February 2010 13:51 UTC www.informit.com [Source type: Reference]

^ But Digital signatures are much more difficult to forge than a hand-written signature since they are created by encrypting a hash of the message being sent using his/her private key.
  • Cryptography & Encryption 10 February 2010 13:51 UTC www.wilsonmar.com [Source type: Reference]

^ In other words, a regular rule is used to transcribe one letter to another, perhaps a rotation.
  • An Introduction to Cryptography. 10 February 2010 13:51 UTC home.earthlink.net [Source type: FILTERED WITH BAYES]

Details of the working of these ciphers may be found in the treatises named in this article.

^ Full details are beyond the scope of this article, and may be found in [10].
  • Cryptography 10 February 2010 13:51 UTC www.santafe.edu [Source type: FILTERED WITH BAYES]

^ If you're interested in this topic, these articles may be helpful:
  • Network Security and Cryptography 10 February 2010 13:51 UTC www.developers.net [Source type: FILTERED WITH BAYES]

^ REFERENCES Note: OCR errors may be found in this Reference List extracted from the full text article.
  • Quantum cryptography 10 February 2010 13:51 UTC portal.acm.org [Source type: Academic]

The deciphering of them is one of the most difficult of tasks.

^ One important task for this book is to establish various quantitative meanings for "easy," "difficult" or even "impossible."
  • InformIT: Cryptography: Beginning with a Simple Communication Game > A Communication Game 10 February 2010 13:51 UTC www.informit.com [Source type: FILTERED WITH BAYES]

A method of this kind is explained in the Latin and English lives of Dr John Barwick, whose correspondence with Hyde, afterwards earl of Clarendon, was carried on in cryptography.

^ Member Review Malicious Cryptography outlines how a virus could contain and use a cryptographic public key, and speculates on the kind of attacks that might use this method.
  • cryptography Content at ZDNet UK 10 February 2010 13:51 UTC www.zdnet.co.uk [Source type: General]

In a letter dated 10th February 1659/60, Hyde, alluding to the skill of his political opponents in deciphering, says that "nobody needs to fear them, if they write carefully in good cyphers." In his next he allays his correspondent's apprehensiveness as to the deciphering of their letters.
"I confess to you, as I am sure no copy could be gotten of any of my cyphers from hence, so I did not think it probable that they could be got on your side the water.

^ You invent your probabilities as you wish.
  • Technology Review: Blogs: arXiv blog: The emerging science of DNA cryptography 10 February 2010 13:51 UTC www.technologyreview.com [Source type: FILTERED WITH BAYES]

^ For example, if you order merchandise online by typing your credit card number, you should be sure that no one else can tap into the line, capture the information and use it for their own purposes.
  • Cryptography 10 February 2010 13:51 UTC www.harley.com [Source type: General]

^ These probably won't be in your required textbooks list for school, but could make a big difference in your understanding and passion for knowledge.
  • Amazon.com: The Cryptography Community 10 February 2010 13:51 UTC www.amazon.com [Source type: General]

But I was as confident, till you tell me you believe it, that the devil himself cannot decypher a letter that is well written, or find that Poo stands for Sir H. Vane.

^ If you cannot find it in your in-box, please check your bulk or junk folders.
  • Cryptography - Webmonkey 10 February 2010 13:51 UTC www.webmonkey.com [Source type: General]

^ You cannot distribute or reproduce any of the files or code found in this site separately by any means without the express written permission of the author.
  • Cryptography Software Code in Visual Basic and C 10 February 2010 13:51 UTC www.di-mgt.com.au [Source type: Reference]

^ Next, you would find the leftmost row beginning with the letter "A" and find the intersection point with the top most row with the letter "N" which happens to be the ciphertext letter "N".
  • History of Cryptography and Secrecy Systems 10 February 2010 13:51 UTC www.dsm.fordham.edu [Source type: Academic]

I have heard of many of the pretenders to that skill, and have spoken with some of them, but have found them all to be mountebanks; nor did I ever hear that more of the King's letters that were found at Naseby, than those which they found decyphered, or found the cyphers in which they were writ, were decyphered.

^ Herbert Yardley, in The American Black Chamber: Few false ideas have more firmly gripped the minds of so many intelligent men than the one that, if they just tried, they could invent a cipher that no one could break.
  • Cryptography - Wikiquote 10 February 2010 13:51 UTC en.wikiquote.org [Source type: Original source]

^ So we must see that the balance we strike when we destroy all control over encryption is rather more complicated than the policemen let on when they talk about the crimes they would not have prevented without wiretapping.
  • Cryptography - Wikiquote 10 February 2010 13:51 UTC en.wikiquote.org [Source type: Original source]

^ (In a long sample, you can estimate that the total number of letters is about equal to the total divided by 11.7; that's the "average value" of a letter in English, which tends to use the letters early in the alphabet more often than those late in the alphabet.
  • Cryptography 10 February 2010 13:51 UTC www.skypoint.com [Source type: Original source]

And I very well remember that in the volume they published there was much left in cypher which could not be understood, and which I believe they would have explained if it had been in their power."

^ They might change to something more secure, so it is very much in the attacker's interest to keep the break secret.
  • Cryptography - encyclopedia article - Citizendium 10 February 2010 13:51 UTC en.citizendium.org [Source type: FILTERED WITH BAYES]

^ In order for this to operate they would both have to know a secret key which could be used to encrypt the data.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ However, the example they set could be very damaging for other groups—and populations—if their confidence is misplaced.
  • CERIAS : Posts tagged cryptography 10 February 2010 13:51 UTC www.cerias.purdue.edu [Source type: FILTERED WITH BAYES]

An excellent modification of the key-word principle was constructed by Admiral Sir Francis Beaufort.

^ Admiral Sir Francis Beaufort's cipher (a variant of what's called "Vigenère") was published by his brother, after the admiral's death in the form of a 4x5 inch card.
  • CME's Cryptography Timeline 10 February 2010 13:51 UTC world.std.com [Source type: FILTERED WITH BAYES]
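
The key-word letter table described above and Beaufort's modification of it, as an added Python illustration that is not part of the original article. It assumes the usual 26-letter square (the tabula recta) and the commonly described Beaufort rule, ciphertext = key letter minus text letter, which the article does not spell out; the sample text is Hyde's sentence quoted above and the key-words are chosen here for illustration.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase


def letters(text):
    """Keep A-Z only, upper-cased; spacing and punctuation are dropped."""
    return [c for c in text.upper() if c in ALPHABET]


def tabula_recta():
    """26x26 letter table: row r is the alphabet rotated left by r places."""
    return [ALPHABET[r:] + ALPHABET[:r] for r in range(26)]


TABLE = tabula_recta()


def _key_stream(text, keyword):
    """Pair every letter of the text with the key-word letter written over it."""
    key = letters(keyword)
    if not key:
        raise ValueError("keyword must contain at least one letter")
    return [(c, key[i % len(key)]) for i, c in enumerate(letters(text))]


def keyword_encrypt(plaintext, keyword):
    """Row = key letter, column = plaintext letter, output = the table cell."""
    return "".join(TABLE[ALPHABET.index(k)][ALPHABET.index(p)]
                   for p, k in _key_stream(plaintext, keyword))


def keyword_decrypt(ciphertext, keyword):
    """Find the cipher letter in the key row; its column heading is the plaintext."""
    return "".join(ALPHABET[TABLE[ALPHABET.index(k)].index(c)]
                   for c, k in _key_stream(ciphertext, keyword))


def beaufort(text, keyword):
    """Column = text letter; go down to the key letter; output that row's label.
    The rule is its own inverse, so one call both enciphers and deciphers."""
    out = []
    for t, k in _key_stream(text, keyword):
        column = [row[ALPHABET.index(t)] for row in TABLE]
        out.append(ALPHABET[column.index(k)])
    return "".join(out)


def index_of_coincidence(text):
    """Chance that two letters drawn at random from the text are the same."""
    counts = Counter(letters(text))
    n = sum(counts.values())
    if n < 2:
        raise ValueError("need at least two letters")
    return sum(c * (c - 1) for c in counts.values()) / (n * (n - 1))


# Sample plaintext: Hyde's sentence as quoted in the article.
SAMPLE = "nobody needs to fear them, if they write carefully in good cyphers"

if __name__ == "__main__":
    print("plaintext IoC       %.4f" % index_of_coincidence(SAMPLE))
    # A one-letter key-word is a fixed shift: letter frequencies survive intact.
    print("key-word 'H' IoC    %.4f"
          % index_of_coincidence(keyword_encrypt(SAMPLE, "H")))
    # A longer key-word spreads each plaintext letter over several cipher letters.
    ct = keyword_encrypt(SAMPLE, "HYDE")
    print("key-word 'HYDE' IoC %.4f  %s" % (index_of_coincidence(ct), ct))
    print("Beaufort twice:", beaufort(beaufort(SAMPLE, "HYDE"), "HYDE"))
```

The drop in the index of coincidence under a multi-letter key-word is the flattening of letter frequencies that made these tables harder to read than a single substitution alphabet; the same statistic is also what later let analysts estimate the key-word length.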

Ciphers have been constructed on the principle of altering the places of the letters without changing their powers.

^ Transposition ciphers rearrange the letters of the plaintext without changing the letters themselves.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ The code, produced by unwinding the tape, was a TRANSPOSITION cipher, that is, one where the letters remain the same but the order is changed.
  • Cryptography - GHN 10 February 2010 13:51 UTC www.ieeeghn.org [Source type: FILTERED WITH BAYES]

^ The Caesar cipher, for example, changed each letter in the message by "adding" a constant.
  • Cryonics and Cryptography 10 February 2010 13:51 UTC www.alcor.org [Source type: FILTERED WITH BAYES]

The message is first written Chinese-wise, upward and downward, and the letters are then combined in given rows from left to right.

^ Each letter is converted into two numbers, the first is the row in which the letter can be found and the second is the column.
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

^ So if we line up all 26 letters of the English alphabet with 13 in the first row and 13 in the second, as follows,
  • Cryptography 10 February 2010 13:51 UTC www.skypoint.com [Source type: Original source]

^ Think of a combination lock: To open it, you must know how all combination locks work (right to the first digit, left to the second, right to the third) and the combination (23-16-21, or whatever).
  • Cryptography 10 February 2010 13:51 UTC www.skypoint.com [Source type: Original source]

In the celebrated cipher used by the earl of Argyll when plotting against James II., he altered the positions of the words.

^ By World War II mechanical and electromechanical cryptographic cipher machines were in wide use, but they were impractical manual systems.
  • Cryptography/History - Wikibooks, collection of open-content textbooks 10 February 2010 13:51 UTC en.wikibooks.org [Source type: FILTERED WITH BAYES]

^ By selecting which rotors were used and by setting the initial rotational position of each rotor in the machine, the user could select a unique and hopefully difficult-to- cryptanalyze cipher.
  • Cryonics and Cryptography 10 February 2010 13:51 UTC www.alcor.org [Source type: FILTERED WITH BAYES]

^ We have only the published facts of the past to stand against all the secret research of the past and future for as long as a cipher is used.
  • Cryptography - Wikiquote 10 February 2010 13:51 UTC en.wikiquote.org [Source type: Original source]

Sentences of an indifferent nature were constructed, but the real meaning of the message was to be gathered from words, placed at certain intervals.

^ In enciphering, each letter of the message is replaced by another letter or figure; in encoding, syllables, words, or whole sentences are treated.
  • cryptography Facts, information, pictures | Encyclopedia.com articles about cryptography 10 February 2010 13:51 UTC www.encyclopedia.com [Source type: Academic]

^ Cryptography is a technique used to hide the meaning of a message and is derived from the Greek word kryptos (hidden).
  • History of Cryptography and Secrecy Systems 10 February 2010 13:51 UTC www.dsm.fordham.edu [Source type: Academic]

This method, which is connected with the name of Cardan, is sometimes called the trellis or cardboard cipher.

^ The algorithm which the Roman emperor Caesar allegedly used, now called the Caesar cipher, is the typical monoalphabetic method.

^ Symmetric cipher keys are sometimes called secret keys or private keys.
  • MIDP Application Security 1: Design Concerns and Cryptography 10 February 2010 13:51 UTC developers.sun.com [Source type: FILTERED WITH BAYES]

^ This is the general name for a method of attacking product ciphers called "differential cryptanalysis".
  • Cryptology 10 February 2010 13:51 UTC www.ridex.co.uk [Source type: Reference]

The wheel-cipher, which is an Italian invention, the string-cipher, the circle-cipher and many others are fully explained, with the necessary diagrams, in the authorities named above - more particularly by Klüber in his Kryptographik.

^ A lot more information on the AES and other block ciphers can be found on the web page for Eli Biham's modern cryptology course.
  • COS 433, Fall 2005: Home Page 10 February 2010 13:51 UTC www.cs.princeton.edu [Source type: FILTERED WITH BAYES]

^ There are many other ways to check your system for compromise, but they get more specific to the system/software.
  • Security and Cryptography Community FAQ - Dev Shed 10 February 2010 13:51 UTC forums.devshed.com [Source type: General]

^ SCV Cryptomanager operates in various ciphering and public cryptography systems like DES, AES, RSA, ECDSA and many others.
  • AES cryptography downloads at VicMan 10 February 2010 13:51 UTC www.vicman.net [Source type: Reference]

(J. E. B.)


Wikibooks

Up to date as of January 23, 2010

From Wikibooks, the open-content textbooks collection

Welcome to Cryptography.
Cryptography is the study of transforming information in order to make it secure from unintended recipients or use.

^ Cryptography is one of pillars of information security.
  • Guide to Cryptography - OWASP 10 February 2010 13:51 UTC www.owasp.org [Source type: Reference]

^ Cryptography is the art of "extreme information security."

^ The 1989 report by the OECD Secretariat, Information Network Security , included a review of cryptography technology and policy issues.
  • Report on Background and Issues of Cryptography Policy 10 February 2010 13:51 UTC www.cybercrime.gov [Source type: Reference]

Part I: Introducing Cryptography
  1. Introduction to Cryptography
  2. History of Cryptography
    1. Classical Cryptography
    2. Contemporary Cryptography
    3. Cryptography in Popular Culture
    4. Timeline of Notable Events
  3. Fundamental Concepts
    1. Goals of Cryptography
    2. Goals of Cryptanalysis
    3. Role of Cryptography in Computer Security
    4. Symmetric Ciphers
    5. Asymmetric Ciphers
    6. Hashes
    7. Key Distribution and Authentication
    8. Common flaws and weaknesses
Part II: Designing Ciphers
  1. The Basic Principles
  2. Little Secrets Hide Bigger Secrets
  3. Open Algorithms and the Value of Peer-Review
  4. Think Like a Cryptanalyst
  5. Mathematical Background
  6. Computer Security is More Than Encryption
  7. Unbroken is Not Necessarily Unbreakable
Part III: Breaking Ciphers
  1. The Basic Principles
  2. Weaknesses
    1. Proportionality of Secrecy
      1. Length of the key
      2. Quality of Random Source
      3. Plaintext effect on Ciphertext
    2. Statistical Leaking
    3. Faulty Implementation
    4. Inadequate Peer-Review
    5. Social Engineering and Coercion
  3. Attacks
    1. Brute-Force Attack
    2. Frequency Analysis
    3. Index of Coincidence
    4. Linear Cryptanalysis
    5. Differential Cryptanalysis
    6. Meet in the Middle Attack
  4. Breaking Hash Algorithms
    1. Collisions
      1. Generating
      2. Exploiting
    2. Attacks
      1. Birthday Attack
  5. How Historical Systems Were Broken
    1. Transposition Ciphers
    2. Caesar Cipher
    3. Enigma Machine
    4. Permutation Cipher
    5. Vigenère Cipher
Part IV: Using Ciphers
  1. Applying Cryptography
    1. Digital Signatures
      1. Introduction to Digital Signatures
      2. DSA
    2. Database protection
    3. E-Cash
    4. E-Voting
    5. DRM
    6. Biometrics
    7. Anonymity
  2. Classical Ciphers
    1. Beale Cipher
    2. Transposition Ciphers
    3. Caesar Cipher
    4. Atbash Cipher
    5. Autokey Cipher
    6. Playfair Cipher
    7. Polyalphabetic Substitution
    8. S-box
    9. Scytale
    10. Substitution Cipher
    11. Permutation Cipher
    12. Affine Cipher
    13. Vigenère cipher
  3. Contemporary Ciphers
    1. Symmetric Ciphers
      1. Enigma Machine
      2. Pontifex cipher
      3. One-Time Pads
      4. Ciphersaber
      5. Data Encryption Standard (DES)
      6. Advanced Encryption Standard
    2. Asymmetric Ciphers
      1. Overview
      2. RSA
      3. ElGamal
      4. Elliptic Curve
    3. Hashes
      1. MD5
      2. SHA-1
      3. RIPEMD-160
      4. Tiger
  4. Protocols
    1. Authentication protocols
      1. eg. Kerberos

        ^ Secure digital signatures Digital signatures play a major role in authenticating and validating other PGP users' keys.
        • How PGP works 10 February 2010 13:51 UTC www.pgpi.org [Source type: FILTERED WITH BAYES]

        ^ You will learn about the DES (Data Encryption Standard), and about the many people that made such things possible.
        • Books about Cryptography 10 February 2010 13:51 UTC www.watermarker.com [Source type: General]

        ^ Full password protection (incorporating SHA-1 hashing algorithm).
    2. Key exchange protocols
      1. Diffie-Hellman
    3. Secure Communications
      1. eg. SSL, SSH

        ^ The most common key agreement protocol is Diffie-Hellman.
        • MIDP Application Security 1: Design Concerns and Cryptography 10 February 2010 13:51 UTC developers.sun.com [Source type: FILTERED WITH BAYES]

        ^ Lastly, we have key exchange algorithms (such as Diffie-Hellman for SSL).
        • Guide to Cryptography - OWASP 10 February 2010 13:51 UTC www.owasp.org [Source type: Reference]

        ^ See also: Diffie-Hellman, public key.
        • GuardianEdge Glossary: Cryptography 10 February 2010 13:51 UTC www.guardianedge.com [Source type: Academic]
Part V: Cryptography and Society
  1. The Changing Nature of Cryptographic Use
  2. Cryptography, Governments and Laws
  3. Expectations of Normal Users
Part VI: Miscellaneous
  1. Future Possibilities
    1. Quantum Cryptography
    2. Faster, More Parallel Linear Computers
  2. Glossary of Terms
  3. Further Reading
  4. Appendix A: Mathematical background
    1. Number Theory
    2. Group Theory
    3. Computational Complexity
currently ungrouped
    1. Tabula Recta
    2. Commitment schemes
    3. Random Number Generation
    4. Zero-knowledge proofs
Almost all of these topics have articles about them in Wikipedia (there are about 50-100 crypto related articles) so many sections could be imported.
Perhaps this needs a little Discussion.--RobKohr 17:14, 22 Nov 2004 (UTC)
  • Cryptography/Scratch pad - a mid-way ground for importing articles from wikipedia.
Pages to be merged into the text.
Sources: Wikipedia:cryptography, Wikipedia:Transposition cipher, Wikipedia:Caesar cipher, Wikipedia:Frequency analysis, Wikipedia:Brute-force search.

^ The advantage of transposition ciphers is that, though they preserve the standard frequency table of letters, the results make no sense.
  • Cryptography 10 February 2010 13:51 UTC www.skypoint.com [Source type: Original source]

^ Although cryptography is not a panacea, the majority of security breaches do not come from brute force computation but from exploiting mistakes in implementation.
  • Guide to Cryptography - OWASP 10 February 2010 13:51 UTC www.owasp.org [Source type: Reference]

^ A brute force search of such a cipher's keyspace is 2^16 times faster than a similar search against DES. The EFF's machine can do a brute-force search of a 40-bit key space in seconds.
  • History and politics of cryptography 10 February 2010 13:51 UTC www.freeswan.org [Source type: FILTERED WITH BAYES]


Simple English

Cryptography (also known as cryptology; comes from Greek κρυπτός, kryptos, "hidden, secret"; and γράφω, gráphō, "I write", or -λογία, -logia, respectively)[1] is the practice and study of hiding information; the science used to try to keep information secret and safe.

It has been used for over 2000 years. In modern times, cryptography can be a part of mathematics and computer science, and is related to information theory, computer security, and engineering. Cryptography can be used to protect all different kinds of information. Things that use cryptography include keeping information secret on bank cards, computer passwords, and the internet.

Using Cryptography

When a message is sent using cryptography, it is changed (or encrypted) before it is sent. The change makes the message hard to read. If someone wants to read it, they need to change it back (or decrypt it). How to change it back is a secret. Both the person that sends the message and the one that gets it should know the secret way to change it, but other people should not be able to.

Types of Cryptography

Different types of cryptography can be easier or harder to use and can hide the secret better or worse.

Computers

Computers can do hard math very fast, and because of this they can do very strong encryption. Examples are computer algorithms like RSA, AES, Blowfish, and many others. Using good algorithms like these can make it very hard to read the information that is sent.

People

People are better at patterns, changing order of words or letters, and using words with different meanings. Because people are slower than computers, any cryptography they use can probably be broken if enough of the secret way to change it is known.

Simple forms of cryptography that people can do are Caesar ciphers and Straddling checkerboard, but there are lots more.

References

  1. Liddell and Scott's Greek-English Lexicon. Oxford University Press. (1984)

Citable sentences

Up to date as of December 25, 2010

Here are sentences from other pages on Cryptography, which are similar to those in the above article.