|
John Kelsey (cryptanalyst)
John Kelsey is a cryptographer who works at NIST. His research interests include cryptanalysis and design of symmetric cryptography primitives (block ciphers, stream ciphers, cryptographic hash functions, MACs), analysis and design of cryptographic protocols, cryptographic random number generation, electronic voting, side-channel attacks on cryptography implementations, and anonymizing communications systems. He previously worked at Certicom and Counterpane Internet Security. See also * Yarrow algorithm, a family of cryptographic pseudorandom number generators * Twofish, a symmetric key block cipher In cryptography, a block cipher is a deterministic algorithm that operates on fixed-length groups of bits, called ''blocks''. Block ciphers are the elementary building blocks of many cryptographic protocols. They are ubiquitous in the storage a ... External linksJohn Kelsey at DBLP [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptographer
Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security ( data confidentiality, data integrity, authentication, and non-repudiation) are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography prior to the modern age was effectively synonymous with encryption, convertin ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Side-channel Attack
In computer security, a side-channel attack is a type of security exploit that leverages information inadvertently leaked by a system—such as timing, power consumption, or electromagnetic or acoustic emissions—to gain unauthorized access to sensitive information. These attacks differ from those targeting flaws in the design of cryptographic protocols or algorithms. (Cryptanalysis may identify vulnerabilities relevant to both types of attacks). Some side-channel attacks require technical knowledge of the internal operation of the system, others such as differential power analysis are effective as black-box attacks. The rise of Web 2.0 applications and software-as-a-service has also significantly raised the possibility of side-channel attacks on the web, even when transmissions between a web browser and server are encrypted (e.g. through HTTPS or WiFi encryption), according to researchers from Microsoft Research and Indiana University. Attempts to break a cryptosystem by ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Modern Cryptographers
Modern may refer to: History *Modern history ** Early Modern period ** Late Modern period *** 18th century *** 19th century *** 20th century ** Contemporary history * Moderns, a faction of Freemasonry that existed in the 18th century Philosophy and sociology * Modernity, a loosely defined concept delineating a number of societal, economic and ideological features that contrast with "pre-modern" times or societies ** Late modernity Art * Modernism ** Modernist poetry * Modern art, a form of art * Modern dance, a dance form developed in the early 20th century * Modern architecture, a broad movement and period in architectural history ** Moderne, multiple architectural styles ** Modernisme a.k.a. Catalan Modernism * Modern music (other) Geography *Modra, a Slovak city, referred to in the German language as "Modern" Typography * Modern (typeface), a raster font packaged with Windows XP * Another name for the typeface classification known as Didone (typography) * Modern, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Symmetric-key Algorithm
Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. The requirement that both parties have access to the secret key is one of the main drawbacks of symmetric-key encryption, in comparison to public-key encryption (also known as asymmetric-key encryption). However, symmetric-key encryption algorithms are usually better for bulk encryption. With exception of the one-time pad they have a smaller key size, which means less storage space and faster transmission. Due to this, asymmetric-key encryption is often used to exchange the secret key for symmetric-key encryption. Types Symmetric-key encryption can use either stream ciphers or block ci ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Twofish
In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but it was not selected for standardization. Twofish is related to the earlier block cipher Blowfish. Twofish's distinctive features are the use of pre-computed key-dependent S-boxes, and a relatively complex key schedule. One half of an n-bit key is used as the actual encryption key and the other half of the n-bit key is used to modify the encryption algorithm (key-dependent S-boxes). Twofish borrows some elements from other designs; for example, the pseudo-Hadamard transform (PHT) from the SAFER family of ciphers. Twofish has a Feistel structure like DES. Twofish also employs a Maximum Distance Separable matrix. When it was introduced in 1998, Twofish was slightly slower than Rijndael (the chosen algorithm for Advanced Encryption Standard) for 128-bit keys, but somewhat faster ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pseudorandom Number Generator
A pseudorandom number generator (PRNG), also known as a deterministic random bit generator (DRBG), is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random number generation, random numbers. The PRNG-generated sequence is not truly random, because it is completely determined by an initial value, called the PRNG's ''random seed, seed'' (which may include truly random values). Although sequences that are closer to truly random can be generated using hardware random number generators, ''pseudorandom number generators'' are important in practice for their speed in number generation and their reproducibility. PRNGs are central in applications such as simulations (e.g. for the Monte Carlo method), electronic games (e.g. for procedural generation), and cryptography. Cryptographic applications require the output not to be predictable from earlier outputs, and more cryptographically-secure pseudorandom number generator, elabora ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Yarrow Algorithm
The Yarrow algorithm is a family of cryptographic pseudorandom number generators (CSPRNG) devised by John Kelsey, Bruce Schneier, and Niels Ferguson and published in 1999. The Yarrow algorithm is explicitly unpatented, royalty-free, and open source; no license is required to use it. An improved design from Ferguson and Schneier, Fortuna, is described in their book, ''Practical Cryptography'' Yarrow was used in FreeBSD, but is now superseded by Fortuna. Yarrow was also incorporated in iOS and macOS for their /dev/random devices, but Apple has switched to Fortuna since 2020 Q1. Name The name ''Yarrow'' alludes to the use of the yarrow plant in the random generating process of I Ching divination. Since the Xia dynasty ( to ), Chinese have used yarrow stalks for divination. Fortunetellers divide a set of 50 yarrow stalks into piles and use modular arithmetic recursively to generate two bits of random information that have a non- uniform distribution. Principles Yarrow's main desig ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Certicom
BlackBerry Limited, formerly Research In Motion (RIM), is a Canadian software company specializing in secure communications and the Internet of Things (IoT). Founded in 1984, it developed the BlackBerry brand of interactive pagers, smartphones, and tablets. The company transitioned to providing software and services and holds critical software application patents. Initially leading the mobile phone and pager industry in the 1980s and 90s, the company struggled to gain a lasting presence in the smartphone market of the new millennium. BlackBerry led the market in many countries, particularly the United States, until 2010, with the announcement of the iPhone 4. The company withered against the rapid rise of Apple and Android. After the troubled launch of the BlackBerry 10, it transitioned to a cybersecurity enterprise software and services company under CEO John S. Chen. In 2018, the last BlackBerry smartphone, the BlackBerry Key2 LE, was released. In 2022, BlackBerry discon ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Electronic Voting
Electronic voting is voting that uses electronic means to either aid or handle casting and counting ballots including voting time. Depending on the particular implementation, e-voting may use standalone '' electronic voting machines'' (also called EVM) or computers connected to the Internet (online voting). It may encompass a range of Internet services, from basic transmission of tabulated results to full-function online voting through common connectable household devices. The degree of automation may be limited to marking a paper ballot, or may be a comprehensive system of vote input, vote recording, data encryption and transmission to servers, and consolidation and tabulation of election results. A worthy e-voting system must perform most of these tasks while complying with a set of standards established by regulatory bodies, and must also be capable to deal successfully with strong requirements associated with security, accuracy, speed, privacy, auditability, accessib ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NIST
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical science laboratory programs that include nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement. From 1901 to 1988, the agency was named the National Bureau of Standards. History Background The Articles of Confederation, ratified by the colonies in 1781, provided: The United States in Congress assembled shall also have the sole and exclusive right and power of regulating the alloy and value of coin struck by their own authority, or by that of the respective states—fixing the standards of weights and measures throughout the United States. Article 1, section 8, of the Constitution of the United States, ratified in 1789, granted these powers to the new Co ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CSPRNG
A cryptographically secure pseudorandom number generator (CSPRNG) or cryptographic pseudorandom number generator (CPRNG) is a pseudorandom number generator (PRNG) with properties that make it suitable for use in cryptography. It is also referred to as a cryptographic random number generator (CRNG). Background Most cryptographic applications require random numbers, for example: * key generation * initialization vectors * nonces * salts in certain signature schemes, including ECDSA and RSASSA-PSS * token generation The "quality" of the randomness required for these applications varies. For example, creating a cryptographic nonce, nonce in some cryptographic protocol, protocols needs only uniqueness. On the other hand, the generation of a master key (cryptography), key requires a higher quality, such as more entropy (computing), entropy. And in the case of one-time pads, the information theory, information-theoretic guarantee of perfect secrecy only holds if the key material ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
