|
Deterministic Encryption
A deterministic encryption scheme (as opposed to a probabilistic encryption scheme) is a cryptosystem which always produces the same ciphertext for a given plaintext and encryption key, key, even over separate executions of the encryption algorithm. Examples of deterministic encryption algorithms include RSA (algorithm), RSA cryptosystem (without encryption padding), and many block ciphers when used in electronic codebook, ECB mode or with a constant initialization vector. Leakage Deterministic encryption can leak information to an eavesdropper, who may recognize known ciphertexts. For example, when an adversary learns that a given ciphertext corresponds to some interesting message, they can learn something every time that ciphertext is transmitted. To gain information about the meaning of various ciphertexts, an adversary might perform a statistical analysis of messages transmitted over an encrypted channel, or attempt to correlate ciphertexts with observed actions (e.g., no ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Encryption
In Cryptography law, cryptography, encryption (more specifically, Code, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Despite its goal, encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor. For technical reasons, an encryption scheme usually uses a pseudo-random encryption Key (cryptography), key generated by an algorithm. It is possible to decrypt the message without possessing the key but, for a well-designed encryption scheme, considerable computational resources and skills are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients but not to unauthorized users. Historically, various forms of encryption have been used to aid in cryptography. Early encryption ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Public Key Cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. There are many kinds of public-key cryptosystems, with different security goals, including digital signature, Diffie–Hellman key exchange, public-key key encapsulation, and public-key encryption. Public key algorithms are fundamental security primitives in modern cryptosystems, including applications and protocols that offer assurance of the confidentiality and authenticity of electronic communications and data storage. They underpin numerous Internet standards, such as Transport Layer Security (TLS), SSH, S/MIME, and ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Format-preserving Encryption
In cryptography, format-preserving encryption (FPE), refers to encrypting in such a way that the output (the ciphertext) is in the same format as the input (the plaintext). The meaning of "format" varies. Typically only finite sets of characters are used; numeric, alphabetic or alphanumeric. For example: * Encrypting a 16-digit credit card number so that the ciphertext is another 16-digit number. * Encrypting an English word so that the ciphertext is another English word. * Encrypting an ''n''-bit number so that the ciphertext is another ''n''-bit number (this is the definition of an ''n''-bit block cipher). For such finite domains, and for the purposes of the discussion below, the cipher is equivalent to a permutation of ''N'' integers where ''N'' is the size of the domain. Motivation Restricted field lengths or formats One motivation for using FPE comes from the problems associated with integrating encryption into existing applications, with well-defined data models. A typica ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Convergent Encryption
Convergent encryption, also known as content hash keying, is a cryptosystem that produces identical ciphertext from identical plaintext files. This has applications in cloud computing to remove duplicate files from storage without the provider having access to the encryption keys. The combination of deduplication and convergent encryption was described in a backup system patent filed by Stac Electronics in 1995. This combination has been used by Farsite, Permabit, Freenet, MojoNation, GNUnet, flud, and the Tahoe Least-Authority File Store. The system gained additional visibility in 2011 when cloud storage provider Bitcasa announced they were using convergent encryption to enable de-duplication of data in their cloud storage service. Overview # The system computes a cryptographic hash of the plaintext in question. # The system then encrypts the plaintext by using the hash as a key. # Finally, the hash itself is stored, encrypted with a key chosen by the user. Known A ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ciphertext Indistinguishability
Ciphertext indistinguishability is a property of many encryption schemes. Intuitively, if a cryptosystem possesses the property of indistinguishability, then an adversary will be unable to distinguish pairs of ciphertexts based on the message they encrypt. The property of indistinguishability under chosen plaintext attack is considered a basic requirement for most provably secure public key cryptosystems, though some schemes also provide indistinguishability under chosen ciphertext attack and adaptive chosen ciphertext attack. Indistinguishability under chosen plaintext attack is equivalent to the property of semantic security, and many cryptographic proofs use these definitions interchangeably. A cryptosystem is considered ''secure in terms of indistinguishability'' if no adversary, given an encryption of a message randomly chosen from a two-element message space determined by the adversary, can identify the message choice with probability significantly better than that of rand ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Semantic Security
In cryptography, a semantically secure cryptosystem is one where only negligible information about the plaintext can be feasibly extracted from the ciphertext. Specifically, any probabilistic, polynomial-time algorithm (PPTA) that is given the ciphertext of a certain message m (taken from any distribution of messages), and the message's length, cannot determine any partial information on the message with probability non-negligibly higher than all other PPTA's that only have access to the message length (and not the ciphertext). S. Goldwasser and S. MicaliProbabilistic encryption & how to play mental poker keeping secret all partial information Annual ACM Symposium on Theory of Computing, 1982. This concept is the computational complexity analogue to Shannon's concept of perfect secrecy. Perfect secrecy means that the ciphertext reveals no information at all about the plaintext, whereas semantic security implies that any information revealed cannot be feasibly extracted. Goldreic ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Random Oracle
In cryptography, a random oracle is an oracle (a theoretical black box) that responds to every ''unique query'' with a (truly) random response chosen uniformly from its output domain. If a query is repeated, it responds the same way every time that query is submitted. Stated differently, a random oracle is a mathematical function chosen uniformly at random, that is, a function mapping each possible query to a (fixed) random response from its output domain. Random oracles first appeared in the context of complexity theory, in which they were used to argue that complexity class separations may face relativization barriers, with the most prominent case being the P vs NP problem, two classes shown in 1981 to be distinct relative to a random oracle almost surely. They made their way into cryptography by the publication of Mihir Bellare and Phillip Rogaway in 1993, which introduced them as a formal cryptographic model to be used in reduction proofs. They are typically used when ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Crypto (conference)
The International Association for Cryptologic Research (IACR) is a non-profit scientific organization that furthers research in cryptology and related fields. The IACR was organized at the initiative of David Chaum at the CRYPTO '82 conference. Activities The IACR organizes and sponsors three annual flagship conferences, four area conferences in specific sub-areas of cryptography, and one symposium: * Crypto (flagship) * Eurocrypt (flagship) * Asiacrypt (flagship) * Fast Software Encryption (FSE) * Public Key Cryptography (PKC) * Cryptographic Hardware and Embedded Systems (CHES) * Theory of Cryptography (TCC) * Real World Crypto Symposium (RWC) Several other conferences and workshops are held in cooperation with the IACR. Starting in 2015, selected summer schools will be officially sponsored by the IACR. CRYPTO '83 was the first conference officially sponsored by the IACR. The IACR publishes the ''Journal of Cryptology'', in addition to the proceedings of its conference and w ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Semantically Secure
In cryptography, a semantically secure cryptosystem is one where only negligible information about the plaintext can be feasibly extracted from the ciphertext. Specifically, any PP (complexity), probabilistic, polynomial-time algorithm (PPTA) that is given the ciphertext of a certain message m (taken from any distribution of messages), and the message's length, cannot determine any partial information on the message with probability non-negligibly higher than all other PPTA's that only have access to the message length (and not the ciphertext).Shafi Goldwasser, S. Goldwasser and Silvio Micali, S. MicaliProbabilistic encryption & how to play mental poker keeping secret all partial information Annual ACM Symposium on Theory of Computing, 1982. This concept is the computational complexity analogue to Claude Shannon, Shannon's concept of perfect secrecy. Perfect secrecy means that the ciphertext reveals no information at all about the plaintext, whereas semantic security implies that any ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Initialization Vector
In cryptography, an initialization vector (IV) or starting variable is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique. Randomization is crucial for some encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same cryptographic key, key does not allow an attacker to infer relationships between (potentially similar) segments of the encrypted message. For block ciphers, the use of an IV is described by the Block cipher mode of operation, modes of operation. Some cryptographic primitives require the IV only to be non-repeating, and the required randomness is derived internally. In this case, the IV is commonly called a cryptographic nonce, nonce (a number used only once), and the primitives (e.g. Block_cipher_mode_of_operation#CBC, CBC) are considered ''stateful'' rather than ''randomiz ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Probabilistic Encryption
Probabilistic encryption is the use of randomness in an encryption algorithm, so that when encrypting the same message several times it will, in general, yield different ciphertexts. The term "probabilistic encryption" is typically used in reference to public key encryption algorithms; however various symmetric key encryption algorithms achieve a similar property (e.g., block ciphers when used in a chaining mode such as CBC), and stream ciphers such as Freestyle which are inherently random. To be semantically secure, that is, to hide even partial information about the plaintext, an encryption algorithm must be probabilistic. History The first provably-secure probabilistic public-key encryption scheme was proposed by Shafi Goldwasser and Silvio Micali, based on the hardness of the quadratic residuosity problem and had a message expansion factor equal to the public key size. More efficient probabilistic encryption algorithms include Elgamal, Paillier, and various constructi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Electronic Codebook
In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation (encryption or decryption) of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block. Most modes require a unique binary sequence, often called an initialization vector (IV), for each encryption operation. The IV must be non-repeating, and for some modes must also be random. The initialization vector is used to ensure that distinct ciphertexts are produced even when the same plaintext is encrypted multiple times independently with the same key. Block ciphers may be capable of operating on more than one block size, but during transformation the block size is always fixed. Block cipher modes op ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
