The following outline is provided as an overview of and topical guide to cryptography:

Cryptography Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adver ...

(or cryptology) – practice and study of hiding

information Information is an abstract concept that refers to that which has the power to inform. At the most fundamental level information pertains to the interpretation of that which may be sensed. Any natural process that is not completely random ...

. Modern cryptography intersects the disciplines of mathematics,

computer science Computer science is the study of computation, automation, and information. Computer science spans theoretical disciplines (such as algorithms, theory of computation, information theory, and automation) to practical disciplines (includi ...

, and

engineering Engineering is the use of scientific principles to design and build machines, structures, and other items, including bridges, tunnels, roads, vehicles, and buildings. The discipline of engineering encompasses a broad range of more speciali ...

. Applications of cryptography include ATM cards, computer passwords, and electronic commerce.

Essence of cryptography

Cryptographer Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adver ...

Encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can de ...

decryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can deci ...

Cryptographic key A key in cryptography is a piece of information, usually a string of numbers or letters that are stored in a file, which, when processed through a cryptographic algorithm, can encode or decode cryptographic data. Based on the used method, the key ...

* Cipher *

Ciphertext In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext ...

Plaintext In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. Overview With the advent of com ...

* Code *

Tabula recta In cryptography, the ''tabula recta'' (from Latin ''tabula rēcta'') is a square table of alphabets, each row of which is made by shifting the previous one to the left. The term was invented by the German author and monk Johannes TrithemiusSal ...

Alice and Bob Alice and Bob are fictional characters commonly used as placeholders in discussions about cryptographic systems and protocols, and in other science and engineering literature where there are several participants in a thought experiment. The Al ...

Uses of cryptographic techniques

Commitment scheme A commitment scheme is a cryptographic primitive that allows one to commit to a chosen value (or chosen statement) while keeping it hidden to others, with the ability to reveal the committed value later.Oded Goldreich (2001). Foundations of Crypt ...

s *

Secure multiparty computation Secure multi-party computation (also known as secure computation, multi-party computation (MPC) or privacy-preserving computation) is a subfield of cryptography with the goal of creating methods for parties to jointly compute a function over their ...

Electronic voting Electronic voting (also known as e-voting) is voting that uses electronic means to either aid or take care of casting and counting ballots. Depending on the particular implementation, e-voting may use standalone ''electronic voting machines'' ( ...

Authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicatin ...

* Digital signatures *

Crypto system In cryptography, a cryptosystem is a suite of cryptographic algorithms needed to implement a particular security service, such as confidentiality (encryption). Typically, a cryptosystem consists of three algorithms: one for key generation, one f ...

s * Dining cryptographers problem *

Anonymous remailer An anonymous remailer is a server that receives messages with embedded instructions on where to send them next, and that forwards them without revealing where they originally came from. There are cypherpunk anonymous remailers, mixmaster anonym ...

Pseudonymity A pseudonym (; ) or alias () is a fictitious name that a person or group assumes for a particular purpose, which differs from their original or true name ( orthonym). This also differs from a new name that entirely or legally replaces an individu ...

Onion routing Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is transmitted through a series of net ...

* Digital currency *

Secret sharing Secret sharing (also called secret splitting) refers to methods for distributing a secret among a group, in such a way that no individual holds any intelligible information about the secret, but when a sufficient number of individuals combine t ...

Indistinguishability obfuscation In cryptography, indistinguishability obfuscation (abbreviated IO or iO) is a type of software obfuscation with the defining property that obfuscating any two programs that compute the same mathematical function results in programs that cannot b ...

Branches of cryptography

Multivariate cryptography Multivariate cryptography is the generic term for asymmetric cryptographic primitives based on multivariate polynomials over a finite field F. In certain cases those polynomials could be defined over both a ground and an extension field. If th ...

Post-quantum cryptography In cryptography, post-quantum cryptography (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack ...

Quantum cryptography Quantum cryptography is the science of exploiting quantum mechanical properties to perform cryptographic tasks. The best known example of quantum cryptography is quantum key distribution which offers an information-theoretically secure solution ...

Steganography Steganography ( ) is the practice of representing information within another message or physical object, in such a manner that the presence of the information is not evident to human inspection. In computing/electronic contexts, a computer file, ...

Visual cryptography Visual cryptography is a cryptographic technique which allows visual information (pictures, text, etc.) to be encrypted in such a way that the decrypted information appears as a visual image. One of the best-known techniques has been credited to M ...

History of cryptography

* Japanese cryptology from the 1500s to Meiji *

World War I cryptography With the rise of easily-intercepted wireless telegraphy, codes and ciphers were used extensively in World War I. The decoding by British Naval intelligence of the Zimmermann telegram helped bring the United States into the war. Trench codes wer ...

World War II cryptography Cryptography was used extensively during World War II because of the importance of radio communication and the ease of radio interception. The nations involved fielded a plethora of code and cipher systems, many of the latter using rotor machines. ...

Reservehandverfahren ( en, Reserve Hand Procedure) was a German Naval World War II hand-cipher system used as a backup method when no working Enigma machine was available. The cipher had two stages: a transposition followed by bigram substitution. In the transpo ...

Venona project The Venona project was a United States counterintelligence program initiated during World War II by the United States Army's Signal Intelligence Service (later absorbed by the National Security Agency), which ran from February 1, 1943, until Octob ...

Ultra adopted by British military intelligence in June 1941 for wartime signals intelligence obtained by breaking high-level encrypted enemy radio and teleprinter communications at the Government Code and Cypher School (GC&CS) at Bletchley Park. ' ...

Ciphers

Classical

Substitution

* Monoalphabetic substitution ** Caesar cipher ***

ROT13 ROT13 ("rotate by 13 places", sometimes hyphenated ROT-13) is a simple letter substitution cipher that replaces a letter with the 13th letter after it in the alphabet. ROT13 is a special case of the Caesar cipher which was developed in ancient R ...

Affine cipher The affine cipher is a type of monoalphabetic substitution cipher, where each letter in an alphabet is mapped to its numeric equivalent, encrypted using a simple mathematical function, and converted back to a letter. The formula used means that eac ...

Atbash cipher Atbash ( he, אתבש; also transliterated Atbaš) is a monoalphabetic substitution cipher originally used to encrypt the Hebrew alphabet. It can be modified for use with any known writing system with a standard collating order. Encryption T ...

** Keyword cipher *

Polyalphabetic substitution A polyalphabetic cipher substitution, using multiple substitution alphabets. The Vigenère cipher is probably the best-known example of a polyalphabetic cipher, though it is a simplified special case. The Enigma machine is more complex but is sti ...

Vigenère cipher The Vigenère cipher () is a method of encrypting alphabetic text by using a series of interwoven Caesar ciphers, based on the letters of a keyword. It employs a form of polyalphabetic substitution. First described by Giovan Battista Bella ...

** Autokey cipher ** Homophonic substitution cipher * Polygraphic substitution **

Playfair cipher The Playfair cipher or Playfair square or Wheatstone–Playfair cipher is a manual symmetric encryption technique and was the first literal digram substitution cipher. The scheme was invented in 1854 by Charles Wheatstone, but bears the name of ...

Hill cipher In classical cryptography, the Hill cipher is a polygraphic substitution cipher based on linear algebra. Invented by Lester S. Hill in 1929, it was the first polygraphic cipher in which it was practical (though barely) to operate on more than t ...

Transposition

* Scytale *

Grille Grill or grille may refer to: Food * Barbecue grill, a device or surface used for cooking food, usually fuelled by gas or charcoal, or the part of a cooker that performs this function * Flattop grill, a cooking device often used in restaurants, ...

Permutation cipher In cryptography, a transposition cipher is a method of encryption which scrambles the positions of characters (''transposition'') without changing the characters themselves. Transposition ciphers reorder units of plaintext (typically characters or ...

VIC cipher Vic (; es, Vic or Pancracio Celdrán (2004). Diccionario de topónimos españoles y sus gentilicios (5ª edición). Madrid: Espasa Calpe. p. 843. ISBN 978-84-670-3054-9. «Vic o Vich (viquense, vigitano, vigatán, ausense, ausetano, ausonense): ...

– complex hand cypher used by at least one Soviet spy in the early 1950s; it proved quite secure for the time

Modern symmetric-key algorithms

* A5/1 & A5/2 – ciphers specified for the

GSM The Global System for Mobile Communications (GSM) is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation ( 2G) digital cellular networks used by mobile devices such ...

cellular telephone standard * BMGL * Chameleon *

FISH Fish are aquatic, craniate, gill-bearing animals that lack limbs with digits. Included in this definition are the living hagfish, lampreys, and cartilaginous and bony fish as well as various extinct related groups. Approximately 95% of ...

– by Siemens AG * WWII 'Fish' cyphers ** Geheimfernschreiber – WWII mechanical onetime pad by

Siemens AG Siemens AG ( ) is a German multinational conglomerate corporation and the largest industrial manufacturing company in Europe headquartered in Munich with branch offices abroad. The principal divisions of the corporation are ''Industry'', ''E ...

, called STURGEON by

Bletchley Park Bletchley Park is an English country house and estate in Bletchley, Milton Keynes ( Buckinghamshire) that became the principal centre of Allied code-breaking during the Second World War. The mansion was constructed during the years followin ...

Pike Pike, Pikes or The Pike may refer to: Fish * Blue pike or blue walleye, an extinct color morph of the yellow walleye ''Sander vitreus'' * Ctenoluciidae, the "pike characins", some species of which are commonly known as pikes * ''Esox'', genus of ...

– improvement on FISH by Ross Anderson ** Schlusselzusatz – WWII mechanical onetime pad by Lorenz, called ''tunny'' by

HELIX A helix () is a shape like a corkscrew or spiral staircase. It is a type of smooth space curve with tangent lines at a constant angle to a fixed axis. Helices are important in biology, as the DNA molecule is formed as two intertwined helic ...

ISAAC Isaac; grc, Ἰσαάκ, Isaák; ar, إسحٰق/إسحاق, Isḥāq; am, ይስሐቅ is one of the three patriarchs of the Israelites and an important figure in the Abrahamic religions, including Judaism, Christianity, and Islam. He was th ...

– intended as a PRNG *

Leviathan Leviathan (; he, לִוְיָתָן, ) is a sea serpent noted in theology and mythology. It is referenced in several books of the Hebrew Bible, including Psalms, the Book of Job, the Book of Isaiah, the Book of Amos, and, according to some ...

* LILI-128 * MUGI –

CRYPTREC CRYPTREC is the Cryptography Research and Evaluation Committees set up by the Japanese Government to evaluate and recommend cryptographic techniques for government and industrial use. It is comparable in many respects to the European Union's NESSIE ...

recommendation * MULTI-S01 -

recommendation *

One-time pad In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is not smaller than the message being sent. In this technique, a plaintext is paired with a ran ...

– Vernam and Mauborgne, patented 1919; an extreme stream cypher *

Panama Panama ( , ; es, link=no, Panamá ), officially the Republic of Panama ( es, República de Panamá), is a transcontinental country spanning the southern part of North America and the northern part of South America. It is bordered by Co ...

RC4 In cryptography, RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, ren ...

(ARCFOUR) – one of a series by Professor Ron Rivest of

MIT The Massachusetts Institute of Technology (MIT) is a private land-grant research university in Cambridge, Massachusetts. Established in 1861, MIT has played a key role in the development of modern technology and science, and is one of the m ...

;

recommended limited to 128-bit key ** CipherSaber – (

variant with 10 byte random IV, easy to implement *

Salsa20 Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. Ch ...

– an

eSTREAM eSTREAM is a project to "identify new stream ciphers suitable for widespread adoption", organised by the EU ECRYPT network. It was set up as a result of the failure of all six stream ciphers submitted to the NESSIE project. The call for primi ...

recommended cipher ** ChaCha20 – A Salsa20 variant. *

SEAL Seal may refer to any of the following: Common uses * Pinniped, a diverse group of semi-aquatic marine mammals, many of which are commonly called seals, particularly: ** Earless seal, or "true seal" ** Fur seal * Seal (emblem), a device to imp ...

SNOW Snow comprises individual ice crystals that grow while suspended in the atmosphere—usually within clouds—and then fall, accumulating on the ground where they undergo further changes. It consists of frozen crystalline water throughout ...

* SOBER ** SOBER-t16 ** SOBER-t32 * WAKE(7330283203)

Block ciphers

Product cipher In cryptography, a product cipher combines two or more transformations in a manner intending that the resulting cipher is more secure than the individual components to make it resistant to cryptanalysis.Handbook of Applied Cryptography by Alfred J. ...

Feistel cipher In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel, who did pioneering research ...

– pattern by

Horst Feistel Horst Feistel (January 30, 1915 – November 14, 1990) was a German-American cryptographer who worked on the design of ciphers at IBM, initiating research that culminated in the development of the Data Encryption Standard (DES) in the 1970s. The ...

Advanced Encryption Standard The Advanced Encryption Standard (AES), also known by its original name Rijndael (), is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is a varian ...

(Rijndael) – 128-bit block; NIST selection for the AES, FIPS 197; Created 2001—by

Joan Daemen Joan Daemen (; born 1965) is a Belgian cryptographer who co-designed with Vincent Rijmen the Rijndael cipher, which was selected as the Advanced Encryption Standard (AES) in 2001. More recently, he co-designed the Keccak cryptographic hash, w ...

and Vincent Rijmen;

NESSIE NESSIE (New European Schemes for Signatures, Integrity and Encryption) was a European research project funded from 2000 to 2003 to identify secure cryptographic primitives. The project was comparable to the NIST AES process and the Japanese Gov ...

selection;

recommendation. *

Anubis Anubis (; grc, Ἄνουβις), also known as Inpu, Inpw, Jnpw, or Anpu in Ancient Egyptian () is the god of death, mummification, embalming, the afterlife, cemeteries, tombs, and the Underworld, in ancient Egyptian religion, usually depict ...

– 128-bit block * BEAR – built from a stream cypher and hash function, by Ross Anderson *

Blowfish Tetraodontidae is a family of primarily marine and estuarine fish of the order Tetraodontiformes. The family includes many familiar species variously called pufferfish, puffers, balloonfish, blowfish, blowies, bubblefish, globefish, swellfis ...

– 64-bit block; by

Bruce Schneier Bruce Schneier (; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman Klein Cente ...

''et al.'' *

Camellia ''Camellia'' (pronounced or ) is a genus of flowering plants in the family Theaceae. They are found in eastern and southern Asia, from the Himalayas east to Japan and Indonesia. There are more than 220 described species, with some controv ...

– 128-bit block;

selection (NTT & Mitsubishi Electric);

recommendation *

CAST-128 In cryptography, CAST-128 (alternatively CAST5) is a symmetric-key block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has also been approved for Government of Canada use by the Communic ...

( CAST5) – 64-bit block; one of a series of algorithms by

Carlisle Adams Carlisle M. Adams is a Canadian cryptographer and computer security researcher. Formerly senior cryptographer at Entrust, he is currently a professor at the University of Ottawa. His notable work includes the design (with Stafford Tavares) of th ...

and

Stafford Tavares Stafford Emanuel Tavares is a Canadian cryptographer, professor emeritus at Queen's University. His notable work includes the design (with Carlisle Adams) of the block ciphers CAST-128 and CAST-256. He also helped organize the first Selected Are ...

, insistent that the name is not due to their initials ** CAST-256 (

CAST6 In cryptography, CAST-256 (or CAST6) is a symmetric-key block cipher published in June 1998. It was submitted as a candidate for the Advanced Encryption Standard (AES); however, it was not among the five AES finalists. It is an extension of an ...

) – 128-bit block; the successor to CAST-128 and a candidate for the AES competition * CIPHERUNICORN-A – 128-bit block;

recommendation * CIPHERUNICORN-E – 64-bit block;

recommendation (limited) * CMEA – cipher used in US cellphones, found to have weaknesses. * CS-Cipher – 64-bit block *

Data Encryption Standard The Data Encryption Standard (DES ) is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cry ...

(DES) – 64-bit block; FIPS 46-3, 1976 *

DEAL A deal, or deals may refer to: Places United States * Deal, New Jersey, a borough * Deal, Pennsylvania, an unincorporated community * Deal Lake, New Jersey Elsewhere * Deal Island (Tasmania), Australia * Deal, Kent, a town in England * Deal, ...

– an AES candidate derived from DES * DES-X – a variant of DES to increase the key size. * FEAL * GDES – a DES variant designed to speed up encryption *

Grand Cru Cru is a wine term used to indicate a high-quality vineyard or group of vineyards. It is a French word which is traditionally translated as "growth", as is the past participle of the verb "croître" (to grow); it literally means 'grown'. The ...

– 128-bit block * Hierocrypt-3 – 128-bit block;

recommendation * Hierocrypt-L1 – 64-bit block;

recommendation (limited) *

IDEA NXT In cryptography, the IDEA NXT algorithm (previously known as FOX) is a block cipher designed by Pascal Junod and Serge Vaudenay of EPFL (Lausanne, Switzerland). It was conceived between 2001 and 2003. The project was originally named FOX and wa ...

– project name FOX, 64-bit and 128-bit block family; Mediacrypt (Switzerland); by Pascal Junod & Serge Vaudenay of Swiss Institute of Technology Lausanne *

International Data Encryption Algorithm In cryptography, the International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher designed by James Massey of ETH Zurich and Xuejia Lai and was first described in ...

(IDEA) – 64-bit block;

James Massey James Lee Massey (February 11, 1934 – June 16, 2013) was an American information theorist and cryptographer, Professor Emeritus of Digital Technology at ETH Zurich. His notable work includes the application of the Berlekamp–Massey algorithm ...

& X Lai of

ETH (colloquially) , former_name = eidgenössische polytechnische Schule , image = ETHZ.JPG , image_size = , established = , type = Public , budget = CHF 1.896 billion (2021) , rector = Günther Dissertori , president = Joël Mesot , a ...

Zurich * Iraqi Block Cipher (IBC) *

KASUMI Kasumi may refer to: Places * Kasumi, Hyōgo (香住), a former town in Hyōgo Prefecture, Japan * Kasumigaseki (霞が関 "Gate of Mist"), a district in downtown Tokyo * Kasumi, Jajce, a village in Bosnia and Herzegovina Other uses * Kasumi (gi ...

– 64-bit block; based on

MISTY1 In cryptography, MISTY1 (or MISTY-1) is a block cipher designed in 1995 by Mitsuru Matsui and others for Mitsubishi Electric. MISTY1 is one of the selected algorithms in the European NESSIE project, and has been among the cryptographic tech ...

, adopted for next generation

W-CDMA The Universal Mobile Telecommunications System (UMTS) is a third generation mobile cellular system for networks based on the GSM standard. Developed and maintained by the 3GPP (3rd Generation Partnership Project), UMTS is a component of the Int ...

cellular phone A mobile phone, cellular phone, cell phone, cellphone, handphone, hand phone or pocket phone, sometimes shortened to simply mobile, cell, or just phone, is a portable telephone that can make and receive calls over a radio frequency link while ...

security * KHAZAD – 64-bit block designed by Barretto and Rijmen *

Khufu and Khafre In cryptography, Khufu and Khafre are two block ciphers designed by Ralph Merkle in 1989 while working at Xerox's Palo Alto Research Center. Along with Snefru, a cryptographic hash function, the ciphers were named after the Egyptian Pharaohs Khuf ...

– 64-bit block ciphers *

Kuznyechik Kuznyechik (russian: Кузнечик, literally "grasshopper") is a symmetric block cipher. It has a block size of 128 bits and key length of 256 bits. It is defined in the National Standard of the Russian Federation GOST R 34.12-2015 and also ...

– Russian 128-bit block cipher, defined in GOST R 34.12-2015 and RFC 7801. * LION – block cypher built from stream cypher and hash function, by Ross Anderson * LOKI89/91 – 64-bit block ciphers *

LOKI97 In cryptography, LOKI97 is a block cipher which was a candidate in the Advanced Encryption Standard competition. It is a member of the LOKI family of ciphers, with earlier instances being LOKI89 and LOKI91. LOKI97 was designed by Lawrie Brown, ...

– 128-bit block cipher, AES candidate *

Lucifer Lucifer is one of various figures in folklore associated with the planet Venus. The entity's name was subsequently absorbed into Christianity as a name for the devil. Modern scholarship generally translates the term in the relevant Bible passa ...

– by Tuchman ''et al.'' of IBM, early 1970s; modified by

NSA The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collecti ...

/ NBS and released as DES *

MAGENTA Magenta () is a color that is variously defined as pinkish- purplish- red, reddish-purplish-pink or mauvish-crimson. On color wheels of the RGB (additive) and CMY (subtractive) color models, it is located exactly midway between red and blu ...

– AES candidate *

Mars Mars is the fourth planet from the Sun and the second-smallest planet in the Solar System, only being larger than Mercury. In the English language, Mars is named for the Roman god of war. Mars is a terrestrial planet with a thin at ...

– AES finalist, by

Don Coppersmith Don Coppersmith (born 1950) is a cryptographer and mathematician. He was involved in the design of the Data Encryption Standard block cipher at IBM, particularly the design of the S-boxes, strengthening them against differential cryptanalysi ...

et al. *

–

selection 64-bit block; Mitsubishi Electric (Japan);

recommendation (limited) *

MISTY2 Misty may refer to: Music * ''Misty'' (Ray Stevens album), an album by Ray Stevens featuring the above song * ''Misty'' (Richard "Groove" Holmes album), an album by Richard "Groove" Holmes featuring the above song * ''Misty'' (Eddie "Lockjaw" ...

– 128-bit block: Mitsubishi Electric (Japan) *

Nimbus Nimbus, from the Latin for "dark cloud", is an outdated term for the type of cloud now classified as the nimbostratus cloud. Nimbus also may refer to: Arts and entertainment * Halo (religious iconography), also known as ''Nimbus'', a ring of ligh ...

– 64-bit block *

NOEKEON NOEKEON is a family of two block ciphers designed by Joan Daemen, Michaël Peeters, Gilles Van Assche and Vincent Rijmen and submitted to the NESSIE project in September 2000. The two ciphers are "direct mode" NOEKEON, to be used for maximum ef ...

– 128-bit block *

NUSH In cryptography, NUSH is a block cipher invented by Anatoly Lebedev and Alexey Volchkov for the Russian company LAN Crypto. It was submitted to the NESSIE project, but was not selected. NUSH exists in several different variants, using keys ...

– variable block length (64-256-bit) * Q – 128-bit block *

RC2 In cryptography, RC2 (also known as ARC2) is a symmetric-key block cipher designed by Ron Rivest in 1987. "RC" stands for "Ron's Code" or "Rivest Cipher"; other ciphers designed by Rivest include RC4, RC5, and RC6. The development of RC2 wa ...

– 64-bit block, variable key length **

RC6 In cryptography, RC6 (Rivest cipher 6) is a symmetric key block cipher derived from RC5. It was designed by Ron Rivest, Matt Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements of the Advanced Encryption Standard (AES) competition. ...

– variable block length; AES finalist, by

Ron Rivest Ronald Linn Rivest (; born May 6, 1947) is a cryptographer and an Institute Professor at MIT. He is a member of MIT's Department of Electrical Engineering and Computer Science (EECS) and a member of MIT's Computer Science and Artificial In ...

''et al.'' ** RC5 –

SAFER In cryptography, SAFER (Secure And Fast Encryption Routine) is the name of a family of block ciphers designed primarily by James Massey (one of the designers of IDEA) on behalf of Cylink Corporation. The early SAFER K and SAFER SK designs share t ...

– variable block length *

SC2000 In cryptography, SC2000 is a block cipher invented by a research group at Fujitsu Labs. It was submitted to the NESSIE project, but was not selected. It was among the cryptographic techniques recommended for Japanese government use by CRYPTR ...

– 128-bit block;

recommendation *

Serpent Serpent or The Serpent may refer to: * Snake, a carnivorous reptile of the suborder Serpentes Mythology and religion * Sea serpent, a monstrous ocean creature * Serpent (symbolism), the snake in religious rites and mythological contexts * Serp ...

– 128-bit block; AES finalist by Ross Anderson,

Eli Biham Eli Biham ( he, אלי ביהם) is an Israeli cryptographer and cryptanalyst, currently a professor at the Technion - Israel Institute of Technology Computer Science department. Starting from October 2008 and till 2013, Biham was the dean of t ...

Lars Knudsen Lars Ramkilde Knudsen (born 21 February 1962) is a Danish researcher in cryptography, particularly interested in the design and analysis of block ciphers, hash functions and message authentication codes (MACs). Academic After some early work ...

* SHACAL-1 – 160-bit block *

SHACAL-2 SHACAL-1 (originally simply SHACAL) is a 160-bit block cipher based on SHA-1, and supports keys from 128-bit to 512-bit. SHACAL-2 is a 256-bit block cipher based upon the larger hash function SHA-256. Both SHACAL-1 and SHACAL-2 were selected fo ...

– 256-bit block cypher;

selection Gemplus (France) *

Shark Sharks are a group of elasmobranch fish characterized by a cartilaginous skeleton, five to seven gill slits on the sides of the head, and pectoral fins that are not fused to the head. Modern sharks are classified within the clade Selachi ...

– grandfather of Rijndael/ AES, by Daemen and Rijmen **

Square In Euclidean geometry, a square is a regular quadrilateral, which means that it has four equal sides and four equal angles (90- degree angles, π/2 radian angles, or right angles). It can also be defined as a rectangle with two equal-length a ...

– father of Rijndael/ AES, by Daemen and Rijmen *

TEA Tea is an aromatic beverage prepared by pouring hot or boiling water over cured or fresh leaves of ''Camellia sinensis'', an evergreen shrub native to East Asia which probably originated in the borderlands of southwestern China and north ...

– by David Wheeler &

Roger Needham Roger Michael Needham (9 February 1935 – 1 March 2003) was a British computer scientist. Early life and education Needham was born in Birmingham, England, the only child of Phyllis Mary, ''née'' Baker (''c''.1904–1976) and Leonard Wi ...

Triple DES In cryptography, Triple DES (3DES or TDES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. The Data Encryption Standa ...

– by Walter Tuchman, leader of the

design team—not all triple uses of DES increase security, Tuchman's does;

recommendation (limited), only when used as in FIPS Pub 46-3 *

Twofish In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but it was not selected for standardization. T ...

– 128-bit block; AES finalist by

''et al.'' * XTEA – by David Wheeler &

3-Way In cryptography, 3-Way is a block cipher designed in 1994 by Joan Daemen. It is closely related to BaseKing; the two are variants of the same general cipher technique. 3-Way has a block size of 96 bits, notably not a power of two such as the ...

– 96-bit block by

* Polyalphabetic substitution machine cyphers **

Enigma Enigma may refer to: *Riddle, someone or something that is mysterious or puzzling Biology *ENIGMA, a class of gene in the LIM domain Computing and technology * Enigma (company), a New York-based data-technology startup * Enigma machine, a family ...

– WWII German rotor cypher machine—many variants, any user networks for most of the variants **

Purple Purple is any of a variety of colors with hue between red and blue. In the RGB color model used in computer and television screens, purples are produced by mixing red and blue light. In the RYB color model historically used by painters, ...

– highest security WWII Japanese Foreign Office cypher machine; by Japanese Navy Captain **

SIGABA In the history of cryptography, the ECM Mark II was a cipher machine used by the United States for message encryption from World War II until the 1950s. The machine was also known as the SIGABA or Converter M-134 by the Army, or CSP-888/889 by th ...

– WWII US cypher machine by

William Friedman William Frederick Friedman (September 24, 1891 – November 12, 1969) was a US Army cryptographer who ran the research division of the Army's Signal Intelligence Service (SIS) in the 1930s, and parts of its follow-on services into the 1950s. I ...

Frank Rowlett Frank Byron Rowlett (May 2, 1908 – June 29, 1998) was an American cryptologist. Life and career Rowlett was born in Rose Hill, Lee County, Virginia and attended Emory & Henry College in Emory, Virginia. In 1929 he received a bachelor's d ...

''et al.'' ** TypeX – WWII UK cypher machine *Hybrid code/cypher combinations **

JN-25 The vulnerability of Japanese naval codes and ciphers was crucial to the conduct of World War II, and had an important influence on foreign relations between Japan and the west in the years leading up to the war as well. Every Japanese code was e ...

– WWII Japanese Navy superencyphered code; many variants ** Naval Cypher 3 – superencrypted code used by the Royal Navy in the 1930s and into WWII

Modern asymmetric-key algorithms

Asymmetric key algorithm Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...

* ACE-KEM –

selection asymmetric encryption scheme; IBM Zurich Research **

ACE Encrypt ACE (advanced cryptographic engine) is the collection of units, implementing both a public key encryption scheme and a digital signature scheme. Corresponding names for these schemes — «ACE Encrypt» and «ACE Sign». Schemes are based on Crame ...

* Chor-Rivest * Diffie-Hellman – key agreement;

recommendation *

El Gamal In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie–Hellman key exchange. It was described by Taher Elgamal in 1985. ElGamal encryption is used in the ...

– discrete logarithm *

Elliptic curve cryptography Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provide ...

– (discrete logarithm variant) * PSEC-KEM –

selection asymmetric encryption scheme; NTT (Japan);

recommendation only in DEM construction w/SEC1 parameters ** ECIES – ''Elliptic Curve Integrated Encryption System'', Certicom Corporation ** ECIES-KEM ** ECDH – ''Elliptic Curve Diffie-Hellman key agreement'',

recommendation * EPOC * Kyber *

Merkle–Hellman knapsack cryptosystem The Merkle–Hellman knapsack cryptosystem was one of the earliest public key cryptosystems. It was published by Ralph Merkle and Martin Hellman in 1978. A polynomial time attack was published by Adi Shamir in 1984. As a result, the cryptosyste ...

– knapsack scheme * McEliece cryptosystem * Niederreiter cryptosystem * NTRUEncrypt * RSA – factoring ** RSA-KEM –

selection asymmetric encryption scheme; ISO/IEC 18033-2 draft ** RSA-OAEP –

recommendation *

Rabin cryptosystem The Rabin cryptosystem is a family of public-key encryption schemes based on a trapdoor function whose security, like that of RSA, is related to the difficulty of integer factorization. The Rabin trapdoor function has the advantage that invert ...

– factoring ** Rabin-SAEP ** HIME(R) * Threshold cryptosystem * XTR

Keys

Key authentication Key/Config-authentication is used to solve the problem of authenticating the keys of the person (say "person B") to some other person ("person A") is talking to or trying to talk to. In other words, it is the process of assuring that the key of "pe ...

* Public key infrastructure **

X.509 In cryptography, X.509 is an International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secu ...

OpenPGP Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partiti ...

* Public key certificate **

Certificate authority In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. Thi ...

** Certificate revocation list *

ID-based cryptography Identity-based cryptography is a type of public-key cryptography in which a publicly known string representing an individual or organization is used as a public key. The public string could include an email address, domain name, or a physical IP add ...

* Certificate-based encryption * Secure key issuing cryptography * Certificateless cryptography *

Merkle tree In cryptography and computer science, a hash tree or Merkle tree is a tree in which every "leaf" (node) is labelled with the cryptographic hash of a data block, and every node that is not a leaf (called a ''branch'', ''inner node'', or ''inode'') ...

Transport/exchange

* Diffie–Hellman *

Man-in-the-middle attack In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) ...

* Needham–Schroeder * Offline private key * Otway–Rees * Trusted paper key * Wide Mouth Frog

Weak key In cryptography, a weak key is a key, which, used with a specific cipher, makes the cipher behave in some undesirable way. Weak keys usually represent a very small fraction of the overall keyspace, which usually means that, if one generates a rando ...
s

Brute force attack In cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct ...

Dictionary attack In cryptanalysis and computer security, a dictionary attack is an attack using a restricted subset of a keyspace to defeat a cipher or authentication mechanism by trying to determine its decryption key or passphrase, sometimes trying thousands o ...

Password A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...

* Password-authenticated key agreement *

Passphrase A passphrase is a sequence of words or other text used to control access to a computer system, program or data. It is similar to a password in usage, but a passphrase is generally longer for added security. Passphrases are often used to control ...

Salt Salt is a mineral composed primarily of sodium chloride (NaCl), a chemical compound belonging to the larger class of salts; salt in the form of a natural crystalline mineral is known as rock salt or halite. Salt is present in vast quant ...

Factorization In mathematics, factorization (or factorisation, see English spelling differences) or factoring consists of writing a number or another mathematical object as a product of several ''factors'', usually smaller or simpler objects of the same kind ...

Cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...
s

* Message authentication code *

Keyed-hash message authentication code In cryptography, an HMAC (sometimes expanded as either keyed-hash message authentication code or hash-based message authentication code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret ...

** Encrypted

CBC-MAC In cryptography, a cipher block chaining message authentication code (CBC-MAC) is a technique for constructing a message authentication code (MAC) from a block cipher. The message is encrypted with some block cipher algorithm in cipher block cha ...

(EMAC) –

selection MAC ** HMAC –

selection MAC;

ISO/IEC 9797-1 ISO/IEC 9797-1 ''Information technology – Security techniques – Message Authentication Codes (MACs) – Part 1: Mechanisms using a block cipher'' is an international standard that defines methods for calculating a message authentication code ...

FIPS PUB 113 The Data Authentication Algorithm (DAA) is a former U.S. government standard for producing cryptographic message authentication codes. DAA is defined in FIPS PUB 113,

and IETF RFC ** TTMAC – (Two-Track-MAC) NESSIE selection MAC; K.U.Leuven (Belgium) & debis AG (Germany) **

UMAC In cryptography, a message authentication code based on universal hashing, or UMAC, is a type of message authentication code (MAC) calculated choosing a hash function from a class of hash functions according to some secret (random) process and ap ...

–

selection MAC; Intel, UNevada Reno, IBM, Technion, & UC Davis * MD5 – one of a series of message digest algorithms by Prof

of MIT; 128-bit digest *

SHA-1 In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographically broken but still widely used hash function which takes an input and produces a 160-bit (20- byte) hash value known as a message digest – typically rendered as 40 hexadec ...

– developed at

160-bit digest, an FIPS standard; the first released version was defective and replaced by this; NIST/NSA have released several variants with longer 'digest' lengths;

recommendation (limited) **

SHA-256 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compressi ...

–

selection hash function, FIPS 180-2, 256-bit digest;

recommendation **

SHA-384 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression ...

–

selection hash function, FIPS 180-2, 384-bit digest;

recommendation **

SHA-512 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression ...

–

selection hash function, FIPS 180-2, 512-bit digest;

recommendation *

SHA-3 SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. Although part of the same series of standards, SHA-3 is internally different from the MD5-like struc ...

– originally known as Keccak; was the winner of the

NIST hash function competition The NIST hash function competition was an open competition held by the US National Institute of Standards and Technology (NIST) to develop a new hash function called SHA-3 to complement the older SHA-1 and SHA-2. The competition was formally an ...

using

sponge function In cryptography, a sponge function or sponge construction is any of a class of algorithms with finite internal state that take an input bit stream of any length and produce an output bit stream of any desired length. Sponge functions have both th ...

. *

Streebog Streebog (russian: Стрибог) is a cryptographic hash function defined in the Russian national standard GOST R 34.11-2012 ''Information Technology – Cryptographic Information Security – Hash Function''. It was created to replace an obsol ...

– Russian algorithm created to replace an obsolete

GOST GOST (russian: ГОСТ) refers to a set of International standard, international Technical standard, technical Standardization, standards maintained by the ''Euro-Asian Council for Standardization, Metrology and Certification (EASC)'', a region ...

hash function defined in obsolete standard GOST R 34.11-94. * RIPEMD-160 – developed in Europe for the RIPE project, 160-bit digest;

recommendation (limited) * RTR0 – one of Retter series; developed by Maciej A. Czyzewski; 160-bit digest *

Tiger The tiger (''Panthera tigris'') is the largest living cat species and a member of the genus ''Panthera''. It is most recognisable for its dark vertical stripes on orange fur with a white underside. An apex predator, it primarily preys on ...

– by Ross Anderson ''et al.'' *

Snefru Snefru is a cryptographic hash function invented by Ralph Merkle in 1990 while working at Xerox PARC. The function supports 128-bit and 256-bit output. It was named after the Egyptian Pharaoh Sneferu, continuing the tradition of the Khufu and Kh ...

– NIST hash function competition *

Whirlpool A whirlpool is a body of rotating water produced by opposing currents or a current running into an obstacle. Small whirlpools form when a bath or a sink is draining. More powerful ones formed in seas or oceans may be called maelstroms ( ). ''Vo ...

–

selection hash function, Scopus Tecnologia S.A. (Brazil) & K.U.Leuven (Belgium)

Cryptanalysis

Classical

* Frequency analysis * Contact analysis * Index of coincidence *

Kasiski examination In cryptanalysis, Kasiski examination (also referred to as Kasiski's test or Kasiski's method) is a method of attacking polyalphabetic substitution ciphers, such as the Vigenère cipher. It was first published by Friedrich Kasiski in 1863, but se ...

Modern

* Symmetric algorithms ** Boomerang attack **

** Davies' attack; ** Differential cryptanalysis **

Impossible differential cryptanalysis In cryptography, impossible differential cryptanalysis is a form of differential cryptanalysis for block ciphers. While ordinary differential cryptanalysis tracks differences that propagate through the cipher with greater than expected probability, ...

** Integral cryptanalysis **

Linear cryptanalysis In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. Attacks have been developed for block ciphers and stream ciphers. Linear cryptanalysis is one of the two mos ...

** Meet-in-the-middle attack ** Mod-n cryptanalysis **

Related-key attack In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the ke ...

Slide attack The slide attack is a form of cryptanalysis designed to deal with the prevailing idea that even weak ciphers can become very strong by increasing the number of rounds, which can ward off a differential attack. The slide attack works in such a way ...

XSL attack In cryptography, the ''eXtended Sparse Linearization'' (XSL) attack is a method of cryptanalysis for block ciphers. The attack was first published in 2002 by researchers Nicolas Courtois and Josef Pieprzyk. It has caused some controversy as it was ...

* Hash functions: ** Birthday attack * Attack models ** Chosen-ciphertext ** Chosen-plaintext ** Ciphertext-only ** Known-plaintext *

Side channel attack In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorit ...

s **

Power analysis Power analysis is a form of side channel attack in which the attacker studies the power consumption of a cryptographic hardware device. These attacks rely on basic physical properties of the device: semiconductor devices are governed by the ...

Timing attack In cryptography, a timing attack is a side-channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Every logical operation in a computer takes time to execute, and ...

Cold boot attack In computer security, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer's random-access memory (RAM) b ...

* Network attacks **

Replay attack A replay attack (also known as a repeat attack or playback attack) is a form of network attack in which valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary wh ...

* External attacks **

Black-bag cryptanalysis In cryptography, black-bag cryptanalysis is a euphemism for the acquisition of cryptographic secrets via burglary, or other covert means – rather than mathematical or technical cryptanalytic attack. The term refers to the black bag of equipment ...

Rubber-hose cryptanalysis In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture—such as beating that person with a rubber hose, hence the na ...

Robustness properties

Provable security Provable security refers to any type or level of computer security that can be proved. It is used in different ways by different fields. Usually, this refers to mathematical proofs, which are common in cryptography. In such a proof, the capabiliti ...

* Random oracle model * Ciphertext indistinguishability * Semantic security * Malleability *

Forward secrecy In cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if long-term secrets used in the session key ...

* Forward anonymity * Freshness

Undeciphered historical codes and ciphers

* Beale ciphers * Chaocipher * D'Agapeyeff cipher *

Dorabella cipher The Dorabella Cipher is an enciphered letter written by composer Edward Elgar to Dora Penny, which was accompanied by another dated July 14, 1897. Penny never deciphered it and its meaning remains unknown. The cipher, consisting of 87 characters ...

Rongorongo Rongorongo (Rapa Nui: ) is a system of glyphs discovered in the 19th century on Rapa Nui (Easter Island) that appears to be writing or proto-writing. Numerous attempts at decipherment have been made, with none being successful. Although some c ...

Shugborough inscription The Shugborough Inscription is a sequence of letters – O U O S V A V V, between the letters D M on a lower plane – carved on the 18th-century Shepherd's Monument in the grounds of Shugborough Hall in Staffordshire, England, below a mirror im ...

Voynich manuscript The Voynich manuscript is an illustrated codex hand-written in an otherwise unknown writing system, referred to as 'Voynichese'. The vellum on which it is written has been carbon-dated to the early 15th century (1404–1438), and stylistic ana ...

Organizations and selection projects

Cryptography standards

Federal Information Processing Standard The Federal Information Processing Standards (FIPS) of the United States are a set of publicly announced standards that the National Institute of Standards and Technology (NIST) has developed for use in computer systems of non-military, America ...

s (FIPS) Publication Program – run by NIST to produce standards in many areas to guide operations of the US Federal government; many FIPS publications are ongoing and related to cryptography * American National Standards Institute (ANSI) – standardization process that produces many standards in many areas; some are cryptography related, ongoing) *

International Organization for Standardization The International Organization for Standardization (ISO ) is an international standard development organization composed of representatives from the national standards organizations of member countries. Membership requirements are given in Art ...

(ISO) – standardization process produces many standards in many areas; some are cryptography related, ongoing * Institute of Electrical and Electronics Engineers (IEEE) – standardization process produces many standards in many areas; some are cryptography related, ongoing *

Internet Engineering Task Force The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements and a ...

(IETF) – standardization process that produces many standards called RFCs) in many areas; some are cryptography related, ongoing)

General cryptographic

National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collect ...

(NSA) – internal evaluation/selections, charged with assisting NIST in its cryptographic responsibilities *

Government Communications Headquarters Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the Uni ...

(GCHQ) – internal evaluation/selections, a division is charged with developing and recommending cryptographic standards for the UK government *

Defence Signals Directorate Australian Signals Directorate (ASD), formerly the Defence Signals Directorate (DSD) is the federal statutory agency in the Australian Government responsible for foreign signals intelligence, support to military operations, cyber warfare, and ...

(DSD) – Australian

SIGINT Signals intelligence (SIGINT) is intelligence-gathering by interception of '' signals'', whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals not directly used in communication ...

agency, part of ECHELON *

Communications Security Establishment The Communications Security Establishment (CSE; french: Centre de la sécurité des télécommunications, ''CST''), formerly (from 2008-2014) called the Communications Security Establishment Canada (CSEC), is the Government of Canada's national ...

(CSE) – Canadian intelligence agency

Open efforts

(DES) – NBS selection process, ended 1976 * RIPE – division of the RACE project sponsored by the

European Union The European Union (EU) is a supranational political and economic union of member states that are located primarily in Europe. The union has a total area of and an estimated total population of about 447million. The EU has often been de ...

, ended mid-1980s *

(AES) – a "break-off" competition sponsored by NIST, ended in 2001 *

Project – an evaluation/selection program sponsored by the

, ended in 2002 *

– program funded by

ECRYPT ECRYPT (European Network of Excellence in Cryptology) was a 4-year European research initiative launched on 1 February 2004 with the stated objective of promoting the collaboration of European researchers in information security, and especially in ...

; motivated by the failure of all of the stream ciphers submitted to

, ended in 2008 *

– evaluation/recommendation program sponsored by the Japanese government; draft recommendations published 2003 * CrypTool – an e-learning freeware programme in English and German— exhaustive educational tool about cryptography and cryptanalysis

Influential cryptographers

List of cryptographers This is a list of cryptographers. Cryptography is the practice and study of techniques for secure communication in the presence of third parties called adversaries. Pre twentieth century * Al-Khalil ibn Ahmad al-Farahidi: wrote a (now lost) book ...

Legal issues

* AACS encryption key controversy *

Free speech Freedom of speech is a principle that supports the freedom of an individual or a community to articulate their opinions and ideas without fear of retaliation, censorship, or legal sanction. The right to freedom of expression has been recog ...

** '' Bernstein v. United States'' - Daniel J. Bernstein's challenge to the restrictions on the

export of cryptography The export of cryptography is the transfer from one country to another of devices and technology related to cryptography. In the early days of the Cold War, the United States and its allies developed an elaborate series of export control regulati ...

from the United States. ** ''

Junger v. Daley ''Junger v. Daley'' is a court case brought by Peter Junger challenging restrictions on the export of encryption software outside of the United States. The case was first brought in 1996 (as ''Junger v. Christopher''), when Junger was a professor ...

'' **

DeCSS DeCSS is one of the first free computer programs capable of decrypting content on a commercially produced DVD video disc. Before the release of DeCSS, open source operating systems (such as BSD and Linux) could not play encrypted video DVDs. ...

Phil Zimmermann Philip R. Zimmermann (born 1954) is an American computer scientist and cryptographer. He is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world. He is also known for his work in VoIP encryption ...

- Arms Export Control Act investigation regarding the PGP software. *

Export of cryptography The export of cryptography is the transfer from one country to another of devices and technology related to cryptography. In the early days of the Cold War, the United States and its allies developed an elaborate series of export control regulati ...

* Key escrow and

Clipper Chip The Clipper chip was a chipset that was developed and promoted by the United States National Security Agency (NSA) as an encryption device that secured "voice and data messages" with a built-in backdoor that was intended to "allow Federal, State, ...

Digital Millennium Copyright Act The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization (WIPO). It criminalizes production and dissemination of technology, devices, or ...

* Digital Rights Management (DRM) * Patents ** RSA – now public domain ** David Chaum – and digital cash * Cryptography and law enforcement ** Telephone wiretapping **

Espionage Espionage, spying, or intelligence gathering is the act of obtaining secret or confidential information (intelligence) from non-disclosed sources or divulging of the same without the permission of the holder of the information for a tangib ...

* Cryptography laws in different nations ** Official Secrets Act – United Kingdom, India, Ireland, Malaysia, and formerly New Zealand **

Regulation of Investigatory Powers Act 2000 The Regulation of Investigatory Powers Act 2000 ( c.23) (RIP or RIPA) is an Act of the Parliament of the United Kingdom, regulating the powers of public bodies to carry out surveillance and investigation, and covering the interception of comm ...

– United Kingdom

Academic and professional publications

Journal of Cryptology The ''Journal of Cryptology'' () is a scientific journal in the field of cryptology and cryptography. The journal is published quarterly by the International Association for Cryptologic Research International is an adjective (also used as a nou ...

* Encyclopedia of Cryptography and Security * Cryptologia – quarterly journal focusing on historical aspects * Communication Theory of Secrecy Systems – cryptography from the viewpoint of information theory

Allied sciences

* Security engineering

References

{{Outline footer

Essence of cryptography

Uses of cryptographic techniques

Branches of cryptography

History of cryptography

Ciphers

Classical

Substitution

Transposition

Modern symmetric-key algorithms

Block ciphers

Modern asymmetric-key algorithms

Asymmetric key algorithm Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...

Keys

Key authentication Key/Config-authentication is used to solve the problem of authenticating the keys of the person (say "person B") to some other person ("person A") is talking to or trying to talk to. In other words, it is the process of assuring that the key of "pe ...

Transport/exchange

Weak key In cryptography, a weak key is a key, which, used with a specific cipher, makes the cipher behave in some undesirable way. Weak keys usually represent a very small fraction of the overall keyspace, which usually means that, if one generates a rando ...s

Cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...s

Cryptanalysis

Classical

Modern

Robustness properties

Undeciphered historical codes and ciphers

Organizations and selection projects

Cryptography standards

General cryptographic

Open efforts

Influential cryptographers

Legal issues

Academic and professional publications

Allied sciences

See also

References

Weak key In cryptography, a weak key is a key, which, used with a specific cipher, makes the cipher behave in some undesirable way. Weak keys usually represent a very small fraction of the overall keyspace, which usually means that, if one generates a rando ...
s

Cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...
s