|
OCB Mode
Offset codebook mode (OCB mode) is an authenticated encryption mode of operation for cryptographic block ciphers. OCB mode was designed by Phillip Rogaway, who credits Mihir Bellare, John Black, and Ted Krovetz with assistance and comments on the designs. It is based on the '' integrity-aware parallelizeable mode'' (IAPM) of authenticated encryption by Charanjit S. Jutla. The ''OCB2'' version was proven insecure, while the original ''OCB1'' as well as ''OCB3'' from 2011 are still considered secure. Encryption and authentication OCB mode was designed to provide both message authentication and privacy. It is essentially a scheme for integrating a message authentication code (MAC) into the operation of a block cipher. In this way, OCB mode avoids the need to use two systems: a MAC for authentication and encryption for confidentiality. This results in lower computational cost compared to using separate encryption and authentication functions. There are three versions of OC ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Authenticated Encryption
Authenticated Encryption (AE) is an encryption scheme which simultaneously assures the data confidentiality (also known as privacy: the encrypted message is impossible to understand without the knowledge of a secret key) and authenticity (in other words, it is unforgeable: the encrypted message includes an authentication tag that the sender can calculate only while possessing the secret key). Examples of encryption modes that provide AE are GCM, CCM. Many (but not all) AE schemes allow the message to contain "associated data" (AD) which is not made confidential, but its integrity is protected (i.e., it is readable, but tampering with it will be detected). A typical example is the header of a network packet that contains its destination address. To properly route the packet, all intermediate nodes in the message path need to know the destination, but for security reasons they cannot possess the secret key. Schemes that allow associated data provide authenticated encryption wi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CCM Mode
CCM mode (counter with cipher block chaining message authentication code; counter with CBC-MAC) is a mode of operation for cryptographic block ciphers. It is an authenticated encryption algorithm designed to provide both authentication and confidentiality. CCM mode is only defined for block ciphers with a block length of 128 bits. The nonce of CCM must be carefully chosen to never be used more than once for a given key. This is because CCM is a derivation of counter (CTR) mode and the latter is effectively a stream cipher. Encryption and authentication As the name suggests, CCM mode combines counter (CTR) mode for confidentiality with cipher block chaining message authentication code (CBC-MAC) for authentication. These two primitives are applied in an "authenticate-then-encrypt" manner: CBC-MAC is first computed on the message to obtain a message authentication code (MAC), then the message and the MAC are encrypted using counter mode. The main insight is that the same ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Galois/Counter Mode
In cryptography, Galois/Counter Mode (GCM) is a mode of operation for symmetric-key cryptographic block ciphers which is widely adopted for its performance. GCM throughput rates for state-of-the-art, high-speed communication channels can be achieved with inexpensive hardware resources. The GCM algorithm provides both data authenticity (integrity) and confidentiality and belongs to the class of authenticated encryption with associated data (AEAD) methods. This means that as input it takes a key K, some plaintext P, and some associated data AD; it then encrypts the plaintext using the key to produce ciphertext C, and computes an authentication tag T from the ciphertext and the associated data (which remains unencrypted). A recipient with knowledge of K, upon reception of AD, C and T, can decrypt the ciphertext to recover the plaintext P and can check the tag T to ensure that neither ciphertext nor associated data were tampered with. GCM uses a block cipher with block size 128 bi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
EAX Mode
EAX mode (encrypt-then-authenticate-then-translate) is a mode of operation for cryptographic block ciphers. It is an Authenticated Encryption with Associated Data ( AEAD) algorithm designed to simultaneously provide both authentication and privacy Privacy (, ) is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. The domain of privacy partially overlaps with security, which can include the concepts of a ... of the message ( authenticated encryption) with a two-pass scheme, one pass for achieving privacy and one for authenticity for each block. EAX mode was submitted on October 3, 2003, to the attention of NIST in order to replace CCM as standard AEAD mode of operation, since CCM mode lacks some desirable attributes of EAX and is more complex. Encryption and authentication EAX is a flexible nonce-using two-pass AEAD scheme with no restrictions on block cipher primitive to be used, nor o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CWC Mode
In cryptography, CWC Mode (Carter–Wegman + CTR mode) is an AEAD block cipher mode of operation that provides both encryption and built-in message integrity, similar to CCM and OCB modes. It combines the use of CTR mode with a 128-bit block cipher for encryption with an efficient polynomial Carter–Wegman MAC with a tag length of at most 128 bits and is designed by Tadayoshi Kohno, John Viega and Doug Whiting. CWC mode was submitted to NIST The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical s ... for standardization, but NIST opted for the similar GCM mode instead. Although GCM has weaknesses compared to CWC, the GCM authors successfully argued for GCM. CWC allows the payload and associated data to be at most 232 - 1 blocks or nearly 550 GB. References External links CWC mo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Block Cipher Mode Of Operation
In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation (encryption or decryption) of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block. Most modes require a unique binary sequence, often called an initialization vector (IV), for each encryption operation. The IV must be non-repeating, and for some modes must also be random. The initialization vector is used to ensure that distinct ciphertexts are produced even when the same plaintext is encrypted multiple times independently with the same key. Block ciphers may be capable of operating on more than one block size, but during transformation the block size is always fixed. Block cipher modes ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Existential Forgery Attack
Existentialism is a family of philosophical views and inquiry that explore the human individual's struggle to lead an authentic life despite the apparent absurdity or incomprehensibility of existence. In examining meaning, purpose, and value, existentialist thought often includes concepts such as existential crises, angst, courage, and freedom. Existentialism is associated with several 19th- and 20th-century European philosophers who shared an emphasis on the human subject, despite often profound differences in thought. Among the 19th-century figures now associated with existentialism are philosophers Søren Kierkegaard and Friedrich Nietzsche, as well as novelist Fyodor Dostoevsky, all of whom critiqued rationalism and concerned themselves with the problem of meaning. The word ''existentialism'', however, was not coined until the mid 20th century, during which it became most associated with contemporaneous philosophers Jean-Paul Sartre, Martin Heidegger, Simone de Beauvoir, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Collision Attack
In cryptography, a collision attack on a cryptographic hash tries to find two inputs producing the same hash value, i.e. a hash collision. This is in contrast to a preimage attack where a specific target hash value is specified. There are roughly two types of collision attacks: ;Classical collision attack: Find two different messages ''m''1 and ''m''2 such that ''hash''(''m''1) = ''hash''(''m''2). More generally: ;Chosen-prefix collision attack: Given two different prefixes ''p''1 and ''p''2, find two suffixes ''s''1 and ''s''2 such that ''hash''(''p''1 ∥ ''s''1) = ''hash''(''p''2 ∥ ''s''2), where ∥ denotes the concatenation operation. Classical collision attack Much like symmetric-key ciphers are vulnerable to brute force attacks, every cryptographic hash function is inherently vulnerable to collisions using a birthday attack. Due to the birthday problem, these attacks are much faster than a brute force would be. A hash of ''n'' bits can be broken in 2''n''/2 time steps (e ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Niels Ferguson
Niels T. Ferguson (born 10 December 1965, Eindhoven) is a Dutch cryptographer and consultant who currently works for Microsoft. He has worked with others, including Bruce Schneier, designing cryptographic algorithms, testing algorithms and protocols, and writing papers and books. Among the designs Ferguson has contributed to is the AES finalist block cipher algorithm Twofish as well as the stream cipher Helix and the Skein hash function. In 1999, Niels Ferguson, together with Bruce Schneier and John Kelsey, developed the Yarrow algorithm, a Cryptographically-Secure Pseudorandom Number Generator (CSPRNG). Yarrow was later further developed by Niels Ferguson and Bruce Schneier into the Fortuna CSPRNG. In 2001, he claimed to have broken the HDCP system that is incorporated into HD DVD and Blu-ray Discs players, similar to the DVDs Content Scramble System, but has not published his research, citing the Digital Millennium Copyright Act of 1998, which would make such publi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenSSL
OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites. OpenSSL contains an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. The OpenSSL Software Foundation (OSF) represents the OpenSSL project in most legal capacities including contributor license agreements, managing donations, and so on. OpenSSL Software Services (OSS) also represents the OpenSSL project for support contracts. OpenSSL is available for most Unix-like operating systems (including Linux, macOS, and BSD), Microsoft Windows and OpenVMS. Project history The OpenSSL project wa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Source Initiative
The Open Source Initiative (OSI) is a California public benefit corporation "actively involved in Open Source community-building, education, and public advocacy to promote awareness and the importance of non-proprietary software". Governance The OSI is a California public-benefit nonprofit corporation, with 501(c)(3) tax-exempt status. The organization is professionally overseen by an Executive Director and staff, and supported by itBoard of Directorsresponsible for overseeing duty of care, fiduciary duty, and strategic alignment to mission. Open Source Definition The Open Source Definition is a derivative document based on the Debian Free Software Guidelines (DFSG), released in 1997 by Bruce Perens. As Debian Project Leader, Perens released the scribed DFSG on July 4, 1997. In an announce post, Perens states he hopes other distributions use the DFSG as a model and states "We hope that other software projects, including other Linux distributions, will use this document as a mode ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GNU General Public License
The GNU General Public Licenses (GNU GPL or simply GPL) are a series of widely used free software licenses, or ''copyleft'' licenses, that guarantee end users the freedom to run, study, share, or modify the software. The GPL was the first copyleft license available for general use. It was originally written by Richard Stallman, the founder of the Free Software Foundation (FSF), for the GNU Project. The license grants the recipients of a computer program the rights of the Free Software Definition. The licenses in the GPL series are all copyleft licenses, which means that any derivative work must be distributed under the same or equivalent license terms. The GPL is more restrictive than the GNU Lesser General Public License, and even more distinct from the more widely used permissive software licenses such as BSD, MIT, and Apache. Historically, the GPL license family has been one of the most popular software licenses in the free and open-source software (FOSS) domai ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
