Your search keyword '"PUBLIC key cryptography"' showing total 63 results

1. Cryptanalytic Attacks and Countermeasures on RSA.

Author

Dubey, Manish Kant, Ratan, Ram, Verma, Neelam, and Saxena, Pramod Kumar

Abstract

RSA cryptosystem is based on the difficulty of factoring large integers. It is used in encryption as well as in digital signature for providing security and authenticity of information. RSA is employed in various security applications. RSA has been extensively analyzed for flaws and cryptanalytic attacks but it is still considered secure due to adequate countermeasures and improvements reported. In this paper, we present a brief overview on RSA, discuss various flaws and cryptanalytic attacks including applicability of genetic algorithm and some countermeasures to overcome from certain flaws and cryptanalytic attacks. The review study shows that RSA is a most popular secure asymmetric cryptosystem and its strength would remain intact until availability of quantum computers. [ABSTRACT FROM AUTHOR]

Published

2014

2. Concurrent-Secure Blind Signature Scheme Without Random Oracles.

Author

Xin, Liu

Subjects

PUBLIC key cryptography, COMMUNICATION, DATA extraction, POLYNOMIALS, RANDOM effects model

Abstract

In the context of blind signature schemes, how to devise efficient and concurrent-secure blind signature scheme without random oracles has been a very active research topic. Recently, Gjøsteen et al. proposed a round-optimal blind signature scheme in the registered public key model. Unfortunately, this scheme has the drawback that the costs of computation and communication of its signing protocol are linear in the size of the message to be signed. The main contribution of this paper is a revised scheme which is built on the Zhou-Lin signature scheme, the compilation technique of Damgård et al., and Arita's straight-line extractable commitment scheme. The salient features of the new scheme are that the costs of computation and communication of its signing protocol do not depend on the size of the message to be signed. In addition, the resultant signature is very short and has an efficient verification process. Moreover, thanks to the technique of straight-line extraction, the security reduction algorithm is efficient and run in strictly polynomial-time. [ABSTRACT FROM AUTHOR]

Published

2013

3. Efficient and Flexible Co-processor for Server-Based Public Key Cryptography Applications.

Author

Laue, Ralf

Abstract

This work presents a SoC-based co-processor for public key cryptography and server application. Because of the focus on the server side, high throughput was chosen as metric for efficiency instead of low latency as usually done in literature. This becomes important in light of the second goal, which is flexibility regarding the supported cryptographic schemes. Starting with an unified view on the abstraction levels of different public key cryptographic schemes and an overview on their parallelization possibilities, parallelization is applied in a more refined way than usually done in literature: It is examined on each abstraction level which degree of parallelization still aids throughput without sacrificing flexibility. [ABSTRACT FROM AUTHOR]

Published

2011

4. Horizontal Correlation Analysis on Exponentiation.

Author

Clavier, Christophe, Feix, Benoit, Gagnerot, Georges, Roussellet, Mylène, and Verneuil, Vincent

Abstract

We introduce in this paper a technique in which we apply correlation analysis using only one execution power curve during an exponentiation to recover the whole secret exponent manipulated by the chip. As in the Big Mac attack from Walter, longer keys may facilitate this analysis and success will depend on the arithmetic coprocessor characteristics. We present the theory of the attack with some practical successful results on an embedded device and analyze the efficiency of classical countermeasures with respect to our attack. Our technique, which uses a single exponentiation curve, cannot be prevented by exponent blinding. Also, contrarily to the Big Mac attack, it applies even in the case of regular implementations such as the square and multiply always or the Montgomery ladder. We also point out that DSA and Diffie-Hellman exponentiations are no longer immune against CPA. Then we discuss the efficiency of known countermeasures, and we finally present some new ones. [ABSTRACT FROM AUTHOR]

Published

2010

5. Faster Montgomery Modular Multiplication without Pre-computational Phase For Some Classes of Finite Fields.

Author

Akleylek, Sedat, Cenk, Murat, and Özbudak, Ferruh

Abstract

In this paper, we give faster versions of Montgomery modular multiplication algorithm without pre-computational phase for GF(p) and GF(2m) which can be considered as a generalization of [3], [4] and [5]. We propose sets of moduli different than [3], [4] and [5] which can be used in PKC applications. We show that one can obtain efficient Montgomery modular multiplication architecture in view of the number of AND gates and XOR gates by choosing proposed sets of moduli. We eliminate precomputational phase with proposed sets of moduli. These methods are easy to implement for hardware. [ABSTRACT FROM AUTHOR]

Published

2010

6. Signcryption with Non-interactive Non-repudiation without Random Oracles.

Author

Fan, Jia, Zheng, Yuliang, and Tang, Xiaohu

Abstract

Non-repudiation is a very important requirement of signcryption. It ensures that a sender cannot deny the fact that he has signcrypted a message. Non-interactive non-repudiation enables a receiver to settle a repudiation dispute with the help of a judge without the need to engage in costly multi-round interactive communications with the judge. In this paper, we strengthen Malone-Lee΄s security model for signcryption with non-interactive non-repudiation by introducing two additional, more subtle and useful security requirements, one about the unforgeability and the other about the confidentiality of non-repudiation evidence. A further contribution of this paper is to design a concrete signcryption scheme that admits provable security without random oracles in our strengthened security model for signcryption. [ABSTRACT FROM AUTHOR]

Published

2010

7. NTRU-Like Public Key Cryptosystems beyond Dedekind Domain up to Alternative Algebra.

Author

Malekian, Ehsan and Zakerolhosseini, Ali

Abstract

The main purpose of this paper is to illustrate the fundamental concepts behind the NTRU public key cryptosystem can be extended to a broader algebra than Dedekind domains and the NTRU underlying ring may be replaced by a non-commutative or even non-associative algebra. To cross the border of Dedekind or Euclidean domains, we prove that it is possible to extend NTRU to the algebra of polynomials with coefficients in the non-commutative ring of quaternions as well as the non-associative octonions algebra (a power-associative and alternative algebra of dimension eight over a principal ideal domain). We also demonstrate that the security of the proposed non-associative cryptosystem relies on the intractability of shortest vector problem in a certain type of lattice. The least advantage of the non-associativity of the underlying algebra is that the resulting lattice is not fully classified under Convolutional Modular Lattice (CML). To the best of our knowledge, no non-associative public key cryptosystem based on non-associative algebra has been proposed in the literature. [ABSTRACT FROM AUTHOR]

Published

2010

8. Publishing Upper Half of RSA Decryption Exponent.

Author

Maitra, Subhamoy, Sarkar, Santanu, and Sen Gupta, Sourav

Abstract

In the perspective of RSA, given small encryption exponent e (e.g., e = 216 + 1), the top half of the decryption exponent d can be narrowed down within a small search space. This fact has been previously exploited in RSA cryptanalysis. On the contrary, here we propose certain schemes to exploit this fact towards efficient RSA decryption. [ABSTRACT FROM AUTHOR]

Published

2010

9. ID Based Cryptography and Anonymity in Delay/Disruption Tolerant Networks.

Author

Ahmad, Naveed, Cruickshank, Haitham, and Sun, Zhili

Abstract

Due to the rapid development in technology, every network, application needs full time connectivity without disruption and delays. The Delay/Disruption Tolerant Networking (DTN) concept is suitable for applications such as rural and disaster areas networks, animal and environmental monitoring plus others. However, due to the shared and unsecured nature of such challenged networks a good cryptographic framework needed in DTN. Identity Based Cryptography (IBC) compares favorably with traditional public key cryptography while generating public key on a fly as required. In this paper, we will provide anonymity solution in DTN using IBC. This has the advantage over public key cryptography with respect to end-to-end confidentiality. Also we use pseudonyms to provide anonymity and hide the identity of the end user. [ABSTRACT FROM AUTHOR]

Published

2010

10. Simple Power Analysis on Exponentiation Revisited.

Author

Courrège, Jean-Christophe, Feix, Benoit, and Roussellet, Mylène

Abstract

Power Analysis has been studied since 1998 when P. Kocher et al. presented the first attack. From the initial Simple Power Analysis more complex techniques have been designed and studied during the previous decade such as Differential and Correlation Power Analysis. In this paper we revisit Simple Power Analysis which is at the heart of side channel techniques. We aim at showing its true efficiency when studied rigorously. Based on existing Chosen Message attacks we explain in this paper how particular message values can reveal the secret exponent manipulated during a modular exponentiation with a single power consumption curve. We detail the different ways to achieve this and then show that some blinded exponentiations can still be threatened by Simple Power Analysis depending on the implementation. Finally we will give advice on countermeasures to prevent such enhanced Simple Power Analysis techniques. [ABSTRACT FROM AUTHOR]

Published

2010

11. A New Hard Problem over Non-commutative Finite Groups for Cryptographic Protocols.

Author

Moldovyan, Dmitriy N. and Moldovyan, Nikolay A.

Abstract

A new computationally difficult problem defined over non-commutative finite groups is proposed as cryptographic primitive. The problem is used to construct public key agreement protocol and algorithms for public and commutative encryption. Finite non-commutative groups of the four-dimension vectors over the ground field are constructed and investigated as primitives for implementing the protocols and algorithms based on the proposed difficult problem. [ABSTRACT FROM AUTHOR]

Published

2010

12. Cryptanalysis of the Niederreiter Public Key Scheme Based on GRS Subcodes.

Author

Wieschebrink, Christian

Abstract

In this paper a new structural attack on the McEliece/Niederreiter public key cryptosystem based on subcodes of generalized Reed-Solomon codes proposed by Berger and Loidreau is described. It allows the reconstruction of the private key for almost all practical parameter choices in polynomial time with high probability. [ABSTRACT FROM AUTHOR]

Published

2010

13. Hardware-Based Public-Key Cryptography with Public Physically Unclonable Functions.

Author

Beckmann, Nathan and Potkonjak, Miodrag

Abstract

A physically unclonable function (PUF) is a multiple-input, multiple-output, large entropy physical system that is unreproducible due to its structural complexity. A public physically unclonable function (PPUF) is a PUF that is created so that its simulation is feasible but requires very large time even when ample computational resources are available. Using PPUFs, we have developed conceptually new secret key exchange and public key protocols that are resilient against physical and side channel attacks and do not employ unproven mathematical conjectures. Judicious use of PPUF hardware sharing, parallelism, and provably correct partial simulation enables 1016 advantage of communicating parties over an attacker, requiring over 500 of years of computation even if the attacker uses all global computation resources. [ABSTRACT FROM AUTHOR]

Published

2009

14. Secure Multi-party Computation Minimizing Online Rounds.

Author

Choi, Seung Geol, Elbaz, Ariel, Malkin, Tal, and Yung, Moti

Abstract

Multi-party secure computations are general important procedures to compute any function while keeping the security of private inputs. In this work we ask whether preprocessing can allow low latency (that is, small round) secure multi-party protocols that are universally-composable (UC). In particular, we allow any polynomial time preprocessing as long as it is independent of the exact circuit and actual inputs of the specific instance problem to solve, with only a bound k on the number of gates in the circuits known. To address the question, we first define the model of ˵Multi-Party Computation on Encrypted Data″ (mp-ced), implicitly described in [FH96],[JJ00],[CDN01],[DN03]. In this model, computing parties establish a threshold public key in a preprocessing stage, and only then private data, encrypted under the shared public key, is revealed. The computing parties then get the computational circuit they agree upon and evaluate the circuit on the encrypted data. The ]> model is interesting since it is well suited for modern computing environments, where many repeated computations on overlapping data are performed. We present two different round-efficient protocols in this model: The first protocol generates k garbled gates in the preprocessing stage and requires only two (online) rounds. The second protocol generates a garbled universal circuit of size O(k logk) in the preprocessing stage, and requires only one (online) round (i.e., an obvious lower bound), and therefore it can run asynchronously. Both protocols are secure against an active, static adversary controlling any number of parties. When the fraction of parties the adversary can corrupt is less than half, the adversary cannot force the protocols to abort. The ]> model is closely related to the general Multi-Party Computation (mpc) model and, in fact, both can be reduced to each other. The first (resp. second) protocol above naturally gives protocols for three-round (resp. two-round) universally composable ]> secure against active, static adversary controlling any number of parties (with preprocessing). [ABSTRACT FROM AUTHOR]

Published

2009

15. Reducing Memory Requirements for Combinatorial Attacks on NTRU via Multiple Birthdays.

Author

Overbeck, R.

Abstract

In this paper we view the possibilities to lance a multiple (iterative) birthday attack on NTRU. Recently Wagner΄s algorithm for the generalized birthday problem [9] allowed to speed-up several combinatorial attacks. However, in the case of NTRU we can not hope to to apply Wagner΄s algorithm directly, as the search space does not behave nicely. In this paper we show that we can nevertheless draw profit from a multiple birthday approach. Our approach allows us to attack ees251ep6 parameter set on a computer with only 252 Bits of memory and about 29 times faster as with Odlyzko΄s combinatorial attack – this is an improvement factor about 243 in space complexity. We thus contradict the common believe, that in comparison to computational requirements, the ˵storage requirement is by far the larger obstacle″ [3] to attack NTRU by combinatorial attacks. Further, our attack is about 27 times faster than the space-reduced variant from [3] employing the same amount of memory. [ABSTRACT FROM AUTHOR]

Published

2009

16. On the Security of an Efficient ID-based Partially Blind Signature Scheme.

Author

Yuh-Min Tseng, Tsu-Yang Wu, and Jui-Di Wu

Subjects

DIGITAL signatures, COMPUTER security, IDENTIFICATION, PUBLIC key cryptography, ELLIPTIC curves, BILINEAR transformation method

Abstract

A partially blind signature is a variant of the blind signature. The partially blind signature scheme allows a signer to sign a partially blind message that explicitly includes the pre-agreed information. In 2005, Chow et al. first proposed an ID-based partially blind signature scheme with bilinear pairings. ID-based public key systems with bilinear pairings defined on elliptic curves offer a flexible approach to achieve both simplifying the certificate management and reducing the computational cost. However, their scheme is time-consuming for requesters (or clients) with mobile devices. In 2007, Hu and Huang proposed an efficient ID-based partially blind signature scheme based on bilinear pairings. They claimed that the proposed scheme is provably secure under the random oracle model. However, this paper shows that the Hu-Huang scheme suffers from forgery attacks. [ABSTRACT FROM AUTHOR]

Published

2008

17. Cryptanalysis of MOR and Discrete Logarithms in Inner Automorphism Groups.

Author

Korsten, Anja

Abstract

The MOR cryptosystem was introduced in 2001 as a new public key cryptosystem based on non-abelian groups. This paper demonstrates that the complexity of breaking MOR based on groups of the form ]> ( ]> a finite abelian group) is (with respect to polynomial reduction) not higher than the complexity of the discrete logarithm problem in small extension fields of . Additionally we consider the construction of a generic attack on MOR. [ABSTRACT FROM AUTHOR]

Published

2008

18. Public-Key Locally-Decodable Codes.

Author

Hemenway, Brett and Ostrovsky, Rafail

Abstract

In this paper we introduce the notion of a Public-Key Encryption Scheme that is also a Locally-Decodable Error-Correcting Code (PKLDC). In particular, we allow any polynomial-time adversary to read the entire ciphertext, and corrupt a constant fraction of the bits of the entire ciphertext. Nevertheless, the decoding algorithm can recover any bit of the plaintext with all but negligible probability by reading only a sublinear number of bits of the (corrupted) ciphertext. We give a general construction of a PKLDC from any Semantically-Secure Public Key Encryption (SS-PKE) and any Private Information Retrieval (PIR) protocol. Since Homomorphic encryption implies PIR, we also show a reduction from any Homomorphic encryption protocol to PKLDC. Applying our construction to the best known PIR protocol (that of Gentry and Ramzan), we obtain a PKLDC, which for messages of size n and security parameter k achieves ciphertexts of size ]> , public key of size ]> , and locality of size ]> . This means that for messages of length n = ω(k2 + ε), we can decode a bit of the plaintext from a corrupted ciphertext while doing computation sublinear in n. [ABSTRACT FROM AUTHOR]

Published

2008

19. Linear Bandwidth Naccache-Stern Encryption.

Author

Chevallier-Mames, Benoȋt, Naccache, David, and Stern, Jacques

Abstract

The Naccache-Stern (ns) knapsack cryptosystem is an original yet little-known public-key encryption scheme. In this scheme, the ciphertext is obtained by multiplying public-keys indexed by the message bits modulo a prime p. The cleartext is recovered by factoring the ciphertext raised to a secret power modulo p. ns encryption requires a multiplication per two plaintext bits on the average. Decryption is roughly as costly as an rsa decryption. However, ns features a bandwidth sublinear in log p, namely log p/ log log p. As an example, for a 2048-bit prime p, ns encryption features a 233-bit bandwidth for a 59-kilobyte public key size. This paper presents new ns variants achieving bandwidths linear in log p. As linear bandwidth claims a public-key of size log3p/ log log p, we recommend to combine our scheme with other bandwidth optimization techniques presented here. For a 2048-bit prime p, we obtain figures such as 169-bit plaintext for a 10-kilobyte public key, 255-bit plaintext for a 20-kilobyte public key or a 781-bit plaintext for a 512-kilobyte public key. Encryption and decryption remain unaffected by our optimizations: As an example, the 781-bit variant requires 152 multiplications per encryption. [ABSTRACT FROM AUTHOR]

Published

2008

20. Cryptography Adapted to the New European Area of Higher Education.

Author

Queiruga Dios, A., Hernández Encinas, L., and Queiruga, D.

Abstract

A new experience for teaching Cryptography to engineering students is shown. The aim is to give them a better understanding of secure and cryptographic algorithms by using Maple software, in a graduate-level course. In this paper we discuss how to structure, define, and implement a web-based course as a part of the traditional classes, according to the convergence of the European Higher Education Project. The proposed course facilitates the use of new Information and Communication Technologies. [ABSTRACT FROM AUTHOR]

Published

2008

21. Multi-Application Authentication based on Multi-Agent System.

Author

Somchart Fugkeaw, Piyawit Manpanpanich, and Sekpon Juntapremjitt

Subjects

PUBLIC key infrastructure (Computer security), AUTHENTICATION (Law), ELECTRONIC data processing, PUBLIC key cryptography, SMART cards

Abstract

This paper proposes an authentication approach to support multi-clients in using a multi-application based environment. The approach is primarily based on the public key infrastructure (PKI) authentication scheme and the multi-agent technique. A key pair and a certificate issued by the Certification Authority (CA) are normally kept in a smart card or a token in order to enforce two-factor authentication. Both key pair and certificate are deployed to encrypt/decrypt electronic data or transaction, or sign/authenticate the sender and the recipient. We apply the Single Sign-On (SSO) and the Multi-Agent System (MAS) concepts to facilitate the authentication and the authorization process in order to work with multi-applications and multi-clients more dynamically and efficiently. The agent system is functioned when each client requests to sign on and it is responsible for validating a client certificate, granting an access role to the client, and controlling a concurrent use of applications. [ABSTRACT FROM AUTHOR]

Published

2007

22. Multi-Application Authentication based on Multi-Agent System.

Author

Fugkeaw, Somchart, Manpanpanich, Piyawit, and Juntapremjitt, Sekpon

Subjects

KEYSTROKE timing authentication, CERTIFICATE authority, PUBLIC key cryptography, DATA encryption, ARTIFICIAL intelligence

Abstract

This paper proposes an authentication approach to support multi-clients in using a multi-application based environment. The approach is primarily based on the public key infrastructure (PKI) authentication scheme and the multi-agent technique. A key pair and a certificate issued by the Certification Authority (CA) are normally kept in a smart card or a token in order to enforce two-factor authentication. Both key pair and certificate are deployed to encrypt/decrypt electronic data or transaction, or sign/authenticate the sender and the recipient. We apply the Single Sign-On (SSO) and the Multi-Agent System (MAS) concepts to facilitate the authentication and the authorization process in order to work with multi-applications and multi-clients more dynamically and efficiently. The agent system is functioned when each client requests to sign on and it is responsible for validating a client certificate, granting an access role to the client, and controlling a concurrent use of applications. [ABSTRACT FROM AUTHOR]

Published

2007

23. An Analysis of Public Key Cryptography based Techniques in Wireless Sensor Networks.

Author

Kausar, Firdous and Masood, Ashraf

Subjects

PUBLIC key cryptography, SENSOR networks, COMPUTER network security, DATA encryption, NATIONAL security

Abstract

Sensor networks, consisting of sensor devices equipped with energy limited batteries, have been widely used for surveillance and monitoring environment. Security is critical for sensor networks used in military, homeland security and other hostile environments. Previous research on sensor network security mainly use symmetric key cryptography but now interest in using public-key cryptography for securing sensor networks is increasing. Many researchers have tried to provide security by using only symmetric key mechanisms thinking that public key cryptosystems are not feasible to implement in these networks because they are constrained with less resources. The contribution of this work is a detailed study of several public key cryptography based techniques in WSNs. Our analysis revealed that the public key schemes based on elliptic curve cryptography (ECC) are more feasible in WSNs. [ABSTRACT FROM AUTHOR]

Published

2007

24. Efficient and Secure Public-Key Cryptosystems.

Author

Catalano, Dario, Cramer, Ronald, Crescenzo, Giovanni, Darmgård, Ivan, Pointcheval, David, and Takagi, Tsuyoshi

Subjects

PUBLIC key cryptography, CRYPTOGRAPHY, DATA encryption, PUBLIC key infrastructure (Computer security), IPSEC (Computer network protocol)

Abstract

Nowadays, RSA cryptosystem is used for practical security applications, e.g., SSL, IPSEC, PKI, etc. Elliptic curve cryptosystem has focused on the implementation on memory constraint environments due to its small key size. In this chapter we describe an overview of efficient algorithms applied to RSA cryptosystem and EC cryptosystem. On the other hand, novel attacks on the efficient implementation have been proposed, namely timing attack, side channel attacks, fault attack, etc. These attacks can break the secret key of the underlying cryptosystem, if the implementation method is not carefully considered. We also explain several attacks related to efficient implementation, and present countermeasures against them. [ABSTRACT FROM AUTHOR]

Published

2005

25. Provable Security for Public Key Schemes.

Author

Catalano, Dario, Cramer, Ronald, Crescenzo, Giovanni, Darmgård, Ivan, Pointcheval, David, and Takagi, Tsuyoshi

Subjects

PUBLIC key cryptography, CRYPTOGRAPHY, DATA encryption, ELECTRONIC commerce, COMPUTER network security

Abstract

Since the appearance of public-key cryptography in the Diffie-Hellman seminal paper, many schemes have been proposed, but many have been broken. Indeed, for a long time, the simple fact that a cryptographic algorithm had withstood cryptanalytic attacks for several years was considered as a kind of validation. But some schemes took a long time before being widely studied, and maybe thereafter being broken. A much more convincing line of research has tried to provide “provable” security for cryptographic protocols, in a complexity theory sense: if one can break the cryptographic protocol, one can efficiently solve the underlying problem. Unfortunately, this initially was a purely theoretical work: very few practical schemes could be proven in this so-called “standard model” because such a security level rarely meets with efficiency. Ten years ago, Bellare and Rogaway proposed a trade-off to achieve some kind of validation of efficient schemes, by identifying some concrete cryptographic objects with ideal random ones. The most famous identification appeared in the so-called “random-oracle model”. More recently, another direction has been taken to prove the security of efficient schemes in the standard model (without any ideal assumption) by using stronger computational assumptions. In these lectures, we focus on practical asymmetric protocols together with their “reductionist” security proofs, mainly in the random-oracle model. We cover the two main goals that public-key cryptography is devoted to solve: authentication with digital signatures, and confidentiality with public-key encryption schemes. [ABSTRACT FROM AUTHOR]

Published

2005

26. Cryptanalysis of a Public Key Cryptosystem Proposed at ACISP 2000.

Author

Youssef, Amr and Gong, Guang

Abstract

At ACISP 2000, Yoo et al proposed a fast public key cryptosystem using matrices over a ring. The authors claim that the security of their system is based on the RSA problem. In this paper we present a heuristic attack that enables us to recover the private key from the public key. In particular, we show that breaking the system can be reduced to finding a short vector in a lattice which can be achieved using the L3-lattice reduction algorithm. [ABSTRACT FROM AUTHOR]

Published

2001

27. The Role of the Virus Scanner and Encryption.

Subjects

COMPUTER network security, DATA encryption, PUBLIC key cryptography, COMPUTER viruses, SCANNING systems, DATA protection

Abstract

The article discusses the two key network security related areas--virus scanners and encryption. A virus is a program that reproduces its own code, placing its code in other programs so that when those programs are executed the infection spreads. Although not technically a virus, there are three additional types of malicious software that a good virus scanner will check. These include logicbombs, worms and Trojan horses. According to several virus-scanning programs there are thousands of identified code which perform different types of malicious function. One of the most popular methods used by virus developers to replicate their code is to name their program as an external command file with the extension .COM when the real command program has the same name but the extension .EXE. The public key encryption dates to 1976. The private key is known only to the user and is not distributed. In comparison, the public key can be published or distributed at will. The public key is used to encrypt a message that is then transmitted to the party that developed the public-private key pair.

Published

2001

28. How to Guard the Guards Themselves.

Author

Yung, Moti

Abstract

The first 20 years of modern cryptography dealt with various cryptosystems, their modeling and their security, while assuming the availability of secure keys. Theses keys were the guards of security and based on their unavailability to the adversary, security was proved. In the last decade or so, however, as cryptography has been employed in practice, the realization that keys (the guards of security) needs to be guarded as well was realized and cryptosystems and algorithms have to be designed to take this into consideration. I will review some major directions in this research area. [ABSTRACT FROM AUTHOR]

Published

2009

29. Protocols Guide: Network Security Technologies and Protocols: AAA Protocols: Kerberos: Network Authentication Protocol.

Subjects

COMPUTER network protocols, CLIENT/SERVER computing, PUBLIC key cryptography, DATA encryption, COMPUTER networks

Abstract

Information on Kerberos, a network authentical protocol, from a chapter of the book "Network Protocols Handbook," Fourth Edition, is presented. It describes how Kerberos provide strong authentication for client/server applications through the use of secret-key cryptography. It outlines the steps involved in the authentication process, along with the protocol structure of Kerberos. It also cites some related protocols.

Published

2007

30. Root Certificate.

Subjects

COMPUTER security, PUBLIC key cryptography, COMPUTER network security, DATA encryption, CRYPTOGRAPHY

Abstract

An encyclopedia entry for "Root Certificate" is presented. It is the certificate for which the subject is a root. In terms of public key infrastructure, it is the self-signed public-key certificate at the top of a certification hierarchy.

Published

2007

31. Public Key Cryptography.

Subjects

DEFINITIONS, PUBLIC key cryptography, DATA encryption

Abstract

A definition of the term "public key cryptography" is presented. Also known as asymmetric cryptography, it is based on the mathematic scheme developed by cryptographers Whitfield Diffie and Martin Hellman. According to the article, the public key cryptography process allows users to encrypt a message and send it to another person without prior key exchange.

Published

2007

32. DomainKeys.

Subjects

PUBLIC key cryptography, SPAM email, PHISHING, COMPUTER security

Abstract

An encyclopedia entry for "DomainKeys" is presented. In computer security, this term refers to an anti-spam/phishing technology developed by Yahoo. It uses a form of public key cryptography to authenticate the sender's domain. This allows the receiver to filter emails and identify spam. It is noted that email servers generate a public/private key pair for outgoing emails.

Published

2007

33. PKINIT.

Subjects

DEFINITIONS, COMPUTER security, PUBLIC key cryptography, DATA encryption, CRYPTOGRAPHY

Abstract

A definition of the computer security term "PKINIT" is presented. It refers to an extension to Kerberos that adds public key cryptography.

Published

2007

34. X.509.

Subjects

COMPUTER network protocols, COMPUTER network architectures, DATA transmission systems, PUBLIC key cryptography, DATA encryption, COMPUTER security

Abstract

An encyclopedia entry for "X.509" is presented. It refers to an ITU-T standard for public key infrastructure (PKI). Among other things, this protocol specifies standard formats for public key certificates and a certification path validation algorithm. This standard was initially issued in 1998 and has begun in association with the X.500 standard.

Published

2007

35. Signed Document Markup Language.

Subjects

DOCUMENT markup languages, TEXT processing (Computer science), DIGITAL signatures, DATA encryption, PUBLIC key cryptography, COMPUTER network security

Abstract

An encyclopedia entry for "Signed Document Markup Language" is presented. It refers to a specification of a generic method for digitally signing a document, a section of a document or multiple documents together. It can be applied in Web pages, e-mail messages or any text based documents. For the specification to work, it needs public key cryptography.

Published

2007

36. RSA Cryptography Standard.

Subjects

DEFINITIONS, PUBLIC key cryptography, CRYPTOGRAPHY, DIGITAL signatures, DATA encryption, COMPUTER security

Abstract

A definition of the term "RSA Cryptography Standard" is presented. The term refers to a Public-Key Cryptography Standard that outlines the encryption of data using the RSA algorithm. It is used in the development of digital signatures and digital envelopes. It is also employed to describe a syntax for RSA public keys and private keys.

Published

2007

37. Public-Key Cryptography Standards.

Subjects

PUBLIC key cryptography, STANDARDS, COMPUTER software industry, COMPUTER security

Abstract

An encyclopedia entry for "Public-Key Cryptography Standards" (PKCS) is presented. These are specifications produced by RSA Laboratories with the help of secure system developers worldwide. Its documents have been widely implemented and contributions from the PKCS series have become part of many formal and de facto standards.

Published

2007

38. Public Key Infrastructure.

Subjects

DEFINITIONS, PUBLIC key cryptography, DATA encryption

Abstract

A definition of the term "public key infrastructure (PKI)" is presented. It refers to a system based on the Public Key Cryptography concepts to provide public key creation and management for users to encrypt data and exchange keys effectively. It is noted that the PKI architecture is defined by the U.S. National Institute of Standards and Technology (NIST) and the Internet standard groups.

Published

2007

39. Public Key Encryption.

Subjects

DEFINITIONS, PUBLIC key cryptography, DATA encryption, COMPUTER security, INTERNET

Abstract

A definition of the term "public key encryption" is presented. It is the popular synonym for asymmetric cryptography. The two keys required in the public-key encryption process are the public key and the private key. The keys are required for a person who need to exchange sensitive data document over the Internet.

Published

2007

40. PKCS #7.

Subjects

PUBLIC key cryptography, DATA encryption, CRYPTOGRAPHY, PUBLIC key infrastructure (Computer security), COMPUTER security

Abstract

An encyclopedia entry on "Public-Key Cryptography Standards #7" (PKCS #7) is presented. It refers to a specification for crytographic message syntax and is used to sign and/or encrypt messages under a Public Key Infrastructure (PKI). It formed the basis for S/MIME, an updated Cryptographic Message Syntax Standard (CMS).

Published

2007

41. Personal Information Exchange Syntax Standard.

Subjects

COMPUTER security standards, PUBLIC key cryptography, PERSONAL information management, DATA encryption, SECURITY systems

Abstract

An encyclopedia entry for "Personal Information Exchange Syntax Standard" is presented. It refers to a Public-Key Cryptography Standard (PKCS) which specifies a portable format for storing or transporting the private keys and certificates of a user. Diskettes, smart cards and PCMCIA cards are examples of portable formats.

Published

2007

42. Perfect Forward Secrecy or Public-Key Forward Secrecy.

Subjects

PUBLIC key cryptography, COMPUTER security, DATA encryption, COMPUTER network security, CRYPTOGRAPHY

Abstract

An encyclopedia entry about "perfect forward secrecy or public-key forward secrecy" is presented. It refers to the property that discloses long-term secret keying material that is used to derive an agreed ephemeral key which does not compromise the secrecy of agreed keys from earlier operations.

Published

2007

43. Password-Based Crystography Standard.

Subjects

COMPUTER security standards, PUBLIC key cryptography, DATA encryption, COMPUTER passwords, ACCESS control

Abstract

A reference entry for "password-based crystography standard," in relation to computer security, is presented. It refers to a Public-Key Crystography Standard (PKCS) which defines a technique for encrypting a string with a secret key that is derived from a password.

Published

2007

44. Modification Detection Code.

Subjects

DEFINITIONS, CRYPTOGRAPHY, DATA encryption, CRYPTOGRAMS, PUBLIC key cryptography

Abstract

A definition of the term "Modification Detection Code" is presented. This refers to a short piece of cryptographic checksums used to authenticate a message. It is also considered integrity check-values, message integrity code, or message authentication code.

Published

2007

45. Local Registration Authority.

Subjects

PUBLIC key cryptography, DATA encryption, COMPUTER security, COMPUTER network security, COMPUTER systems

Abstract

A reference entry for "Local Registration Authority" (LRA) is presented. It is an intermediate registration authority (RA) in a public key infrastructure (PKI).

Published

2007

46. Extended-Certificate Syntax Standard.

Subjects

PUBLIC key cryptography, STANDARDS, DIGITAL certificates, DATA encryption, CRYPTOGRAPHY

Abstract

An encyclopedia entry for "Extended-Certificate Syntax Standard" (ECSS) is presented. It is a Public-Key Cryptography Standard (PKCS) that deals with extended certificates, which are made up of the X.509 certificate plus additional attributes. According to the article, the additional attributes and the X.509 certificate can be verified using a single public-key operation.

Published

2007

47. Encryption Certificate.

Subjects

PUBLIC key cryptography, TERMS & phrases, DATA protection, DATA encryption, COMPUTER security

Abstract

A definition of the term "Encryption Certificate" is presented. Also called a public-key certificate, an encryption certificate contains a public key that is intended to be used for encrypting data, rather than for verifying digital signatures or performing other cryptographic functions.

Published

2007

48. Elliptical Curve Cryptography.

Subjects

PUBLIC key cryptography, ELLIPTIC curves, EQUATIONS, PRIME numbers, DATA encryption

Abstract

A definition of the term "Elliptical Curve Cryptography" (ECC) is presented. ECC refers to a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller and more efficient cryptographic keys. Such keys are generated through the properties of the elliptic curve equation instead of the traditional method of generation as the product of very large prime numbers.

Published

2007

49. Diffie-Hellman Key Exchange.

Subjects

CRYPTOGRAPHY, DATA encryption, DATA transmission systems, PUBLIC key cryptography, COMPUTER security

Abstract

A definition of the term "Diffie-Hellman Key Exchange" is presented. It refers to a public key cryptography protocol based on the Diffie-Hellman algorithm that allows two parties to establish a shared secret over insecure communications channels. It is utilized within Internet Key Exchange to establish session keys.

Published

2007

50. Data Key.

Subjects

DEFINITIONS, DATA encryption, COMPUTER network security, PUBLIC key cryptography, CRYPTOGRAPHY

Abstract

A definition of the term "data key" is presented. In cryptography, it refers to a variable value that is applied to a string or block of text to encrypt or decrypt it. Data key is used to encrypt or decrypt data only and is not used to encrypt or decrypt other keys, as some encryption formulas call for.

Published

2007