|
Known-key Distinguishing Attack
In cryptography, a known-key distinguishing attack is an attack model against symmetric ciphers, whereby an attacker who knows the key can find a structural property in cipher, where the transformation from plaintext to ciphertext is not random. There is no common formal definition for what such a transformation may be. The chosen-key distinguishing attack is strongly related, where the attacker can choose a key to introduce such transformations. These attacks do not directly compromise the confidentiality of ciphers, because in a classical scenario, the key is unknown to the attacker. Known-/chosen-key distinguishing attacks apply in the "open key model" instead. They are known to be applicable in some situations where block ciphers are converted to hash functions, leading to practical collision attacks against the hash. Known-key distinguishing attacks were first introduced in 2007 by Lars Knudsen and Vincent Rijmen in a paper that proposed such an attack against 7 out of 10 rou ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptography
Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or ''-logy, -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of Adversary (cryptography), adversarial behavior. More generally, cryptography is about constructing and analyzing Communication protocol, protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security (confidentiality, data confidentiality, data integrity, authentication, and non-repudiation) are also central to cryptography. Practical applications of cryptography include electronic commerce, Smart card#EMV, chip-based payment cards, digital currencies, password, computer passwords, and military communications. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Feistel Cipher
In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel, who did pioneering research while working for IBM; it is also commonly known as a Feistel network. A large number of block ciphers use the scheme, including the US Data Encryption Standard, the Soviet/Russian GOST and the more recent Blowfish and Twofish ciphers. In a Feistel cipher, encryption and decryption are very similar operations, and both consist of iteratively running a function called a " round function" a fixed number of times. History Many modern symmetric block ciphers are based on Feistel networks. Feistel networks were first seen commercially in IBM's Lucifer cipher, designed by Horst Feistel and Don Coppersmith in 1973. Feistel networks gained respectability when the U.S. Federal Government adopted the DES (a cipher based on Lucifer, with cha ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pseudorandom Permutation
In cryptography, a pseudorandom permutation (PRP) is a function that cannot be distinguished from a random permutation (that is, a permutation selected at random with uniform probability, from the family of all permutations on the function's domain) with practical effort. Definition Let ''F'' be a mapping \left\^n \times \left\^s \rightarrow \left\^n. ''F'' is a PRP if and only if * For any K \in \left\^s, F_K is a bijection from \left\^n to \left\^n, where F_K(x)=F(x,K). * For any K \in \left\^s, there is an "efficient" algorithm to evaluate F_K(x) for any x \in \left\^n,. * For all probabilistic polynomial-time distinguishers D: \left, Pr\left(D^(1^n) = 1\right) - Pr\left(D^(1^n) = 1\right) \ < \varepsilon(s), where is chosen uniformly at random and is chosen uniformly at random from the set of permutations on ''n''-bit strings. A pseudorandom permutation family is a collection of pseudorandom permutations, where a specific p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Distinguishing Attack
In cryptography, a distinguishing attack is any form of cryptanalysis on data encrypted by a cipher that allows an attacker to distinguish the encrypted data from random data. Modern symmetric-key ciphers are specifically designed to be immune to such an attack. In other words, modern encryption schemes are pseudorandom permutations and are designed to have ciphertext indistinguishability. If an algorithm is found that can distinguish the output from random faster than a brute force search, then that is considered a break of the cipher. A similar concept is the known-key distinguishing attack, whereby an attacker knows the key and can find a structural property in the cipher, where the transformation from plaintext to ciphertext is not random. Overview To prove that a cryptographic function is safe, it is often compared to a random oracle. If a function were a random oracle, then an attacker is not able to predict any of the output of the function. If a function is distinguishable ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Phelix
Phelix is a high-speed stream cipher with a built-in single-pass message authentication code (MAC) functionality, submitted in 2004 to the eSTREAM contest by Doug Whiting, Bruce Schneier, Stefan Lucks, and Frédéric Muller. The cipher uses only the operations of addition modulo 232, exclusive or, and rotation by a fixed number of bits. Phelix uses a 256-bit key and a 128-bit cryptographic nonce, nonce, claiming a design strength of 128 bits. Concerns have been raised over the ability to recover the secret key if the cipher is used incorrectly. Performance Phelix is optimised for 32-bit platforms. The authors state that it can achieve up to eight cycles per byte on modern x86-based processors. FPGA Hardware performance figures published in the paper "Review of stream cipher candidates from a low resource hardware perspective" are as follows: Helix Phelix is a slightly modified form of an earlier cipher, Helix, published in 2003 by Niels Ferguson, Doug Whiting, Bruce Schn ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Skein (hash Function)
Skein is a cryptographic hash function and one of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak. The name Skein refers to how the Skein function intertwines the input, similar to a wikt:skein, skein of yarn. History Skein was created by Bruce Schneier, Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker. Skein is based on the Threefish tweakable block cipher, tweakable block cipher compressed using Unique Block Iteration (UBI) chaining mode, a variant of the Matyas–Meyer–Oseas hash mode, while leveraging an optional low-overhead argument-system for flexibility. Skein's algorithm and a reference implementation was given to public domain. Functionality Skein supports internal state sizes of 256, 512 and 1024 bits, and arbitrary output sizes. The authors claim 6.1 cycles per by ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Threefish
Threefish is a symmetric-key tweakable block cipher designed as part of the Skein hash function, an entry in the NIST hash function competition. Threefish uses no S-boxes or other table lookups in order to avoid cache timing attacks; The paper in which Threefish was introduced. its nonlinearity comes from alternating additions with exclusive ORs. In that respect, it is similar to Salsa20, TEA, and the SHA-3 candidates CubeHash and BLAKE. Threefish and the Skein hash function were designed by Bruce Schneier, Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas, and Jesse Walker. "Threefish is unpatented, and the source code is uncopyrighted and license-free; it is free for all uses." Description of the cipher Threefish works on words of 64 bits (unsigned Little endian integers). w \in \ is the number of plaintext words and also of key words. The tweak consists of two words. All additions and subtractions are defined modulo 2^. Key schedule ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Asiacrypt
The International Association for Cryptologic Research (IACR) is a non-profit scientific organization that furthers research in cryptology and related fields. The IACR was organized at the initiative of David Chaum at the CRYPTO '82 conference. Activities The IACR organizes and sponsors three annual flagship conferences, four area conferences in specific sub-areas of cryptography, and one symposium: * Crypto (flagship) * Eurocrypt (flagship) * Asiacrypt (flagship) * Fast Software Encryption (FSE) * Public Key Cryptography (PKC) * Cryptographic Hardware and Embedded Systems (CHES) * Theory of Cryptography (TCC) * Real World Crypto Symposium (RWC) Several other conferences and workshops are held in cooperation with the IACR. Starting in 2015, selected summer schools will be officially sponsored by the IACR. CRYPTO '83 was the first conference officially sponsored by the IACR. The IACR publishes the ''Journal of Cryptology'', in addition to the proceedings of its conference and wo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Block Size (cryptography)
In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. Block ciphers operate on a fixed length string of bits. The length of this bit string is the block size. Both the input ( plaintext) and output (ciphertext) are the same length; the output cannot be shorter than the input this follows logically from the pigeonhole principle and the fact that the cipher must be reversibleand it is undesirable for the output to be longer than the input. Until the announcement of NIST's AES contest, the majority of block ciphers followed the example of the DES in using a block size of 64 bits (8 bytes). However, the birthday paradox In probability theory, the birthday problem asks for the probability that, in a set of randomly chosen people, at least two will share the same birthday. The birthday paradox is the counterintuitive fact that only 23 people are needed for that ... indicates that after accumulating several blocks equal ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Advanced Encryption Standard
The Advanced Encryption Standard (AES), also known by its original name Rijndael (), is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is a variant of the Rijndael block cipher developed by two Belgium, Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST during the Advanced Encryption Standard process, AES selection process. Rijndael is a family of ciphers with different key size, key and Block size (cryptography), block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits. AES has been adopted by the Federal government of the United States, U.S. government. It supersedes the Data Encryption Standard (DES), which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Attack Model
In cryptanalysis, attack models or attack types are a classification of cryptographic attacks specifying the kind of access a Cryptanalysis, cryptanalyst has to a system under attack when attempting to "break" an Encryption, encrypted message (also known as ''ciphertext'') generated by the system. The greater the access the cryptanalyst has to the system, the more useful information they can get to utilize for breaking the cypher. In cryptography, a sending party uses a cipher to encryption, encrypt (transform) a secret ''plaintext'' into a ''ciphertext'', which is sent over an insecure communication channel to the receiving party. The receiving party uses an inverse cipher to decryption, decrypt the ciphertext to obtain the plaintext. A secret knowledge is required to apply the inverse cipher to the ciphertext. This secret knowledge is usually a short number or string called a ''cryptographic key, key''. In a cryptographic attack a third party cryptanalyst analyzes the ciphertex ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Vincent Rijmen
Vincent Rijmen (; born 16 October 1970) is a Belgium, Belgian cryptographer and one of the two designers of the Rijndael, the Advanced Encryption Standard. Rijmen is also the co-designer of the WHIRLPOOL cryptographic hash function, and the block ciphers Anubis (cipher), Anubis, KHAZAD, Square (cipher), Square, NOEKEON and SHARK. In 1993, Rijmen obtained a degree in electronics engineering at the Katholieke Universiteit Leuven. Afterwards, he was a PhD student at the ESAT/COSIC lab of the K.U.Leuven. In 1997, Rijmen finished his doctoral dissertation titled ''Cryptanalysis and design of iterated block ciphers''. After his PhD he did postdoctoral work at the COSIC lab, on several occasions collaborating with Joan Daemen. One of their joint projects resulted in the algorithm Rijndael, which in October 2000 was selected by the National Institute for Standards and Technology (NIST) to become the Advanced Encryption Standard (AES). Since 1 August 2001, Rijmen has been working as chie ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
