Topic: Cryptography (Page 2)
You are looking at all articles with the topic "Cryptography". We found 50 matches.
Diffie-Hellman key exchange, explained using colors
Diffie–Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.
Traditionally, secure encrypted communication between two parties required that they first exchange keys by some secure physical means, such as paper key lists transported by a trusted courier. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
Diffie–Hellman is used to secure a variety of Internet services. However, research published in October 2015 suggests that the parameters in use for many DH Internet applications at that time are not strong enough to prevent compromise by very well-funded attackers, such as the security services of large governments.
The scheme was published by Whitfield Diffie and Martin Hellman in 1976, but in 1997 it was revealed that James H. Ellis, Clifford Cocks, and Malcolm J. Williamson of GCHQ, the British signals intelligence agency, had previously shown in 1969 how public-key cryptography could be achieved.
Although Diffie–Hellman key agreement itself is a non-authenticated key-agreement protocol, it provides the basis for a variety of authenticated protocols, and is used to provide forward secrecy in Transport Layer Security's ephemeral modes (referred to as EDH or DHE depending on the cipher suite).
The method was followed shortly afterwards by RSA, an implementation of public-key cryptography using asymmetric algorithms.
Expired U.S. Patent 4,200,770 from 1977 describes the now public-domain algorithm. It credits Hellman, Diffie, and Merkle as inventors.
Discussed on
- "Diffie-Hellman key exchange, explained using colors" | 2014-07-10 | 159 Upvotes 25 Comments
K-anonymity
k-anonymity is a property possessed by certain anonymized data. The concept of k-anonymity was first introduced by Latanya Sweeney and Pierangela Samarati in a paper published in 1998 as an attempt to solve the problem: "Given person-specific field-structured data, produce a release of the data with scientific guarantees that the individuals who are the subjects of the data cannot be re-identified while the data remain practically useful." A release of data is said to have the k-anonymity property if the information for each person contained in the release cannot be distinguished from that of at least individuals whose information also appears in the release.
K-anonymity received widespread media coverage in 2018 when British computer scientist Junade Ali used the property alongside cryptographic hashing to create a communication protocol to anonymously verify if a password was leaked without disclosing the searched password. This protocol was implemented as a public API in Troy Hunt's Have I Been Pwned? service and is consumed by multiple services including password managers and browser extensions. This approach was later replicated by Google's Password Checkup feature.
Discussed on
- "K-Anonymity" | 2021-04-06 | 32 Upvotes 1 Comment
- "K-anonymity" | 2018-08-10 | 136 Upvotes 11 Comments
Crypto AG
Crypto AG was a Swiss company specialising in communications and information security. It was secretly jointly owned by the American Central Intelligence Agency (CIA) and West German Federal Intelligence Service (BND) from 1970 until about 1993, with the CIA continuing as sole owner until about 2018. With headquarters in Steinhausen, the company was a long-established manufacturer of encryption machines and a wide variety of cipher devices.
The company had about 230 employees, had offices in Abidjan, Abu Dhabi, Buenos Aires, Kuala Lumpur, Muscat, Selsdon and Steinhausen, and did business throughout the world. The owners of Crypto AG were unknown, supposedly even to the managers of the firm, and they held their ownership through bearer shares.
The company has been criticised for selling backdoored products to benefit the American, British and German national signals intelligence agencies, the National Security Agency (NSA), the Government Communications Headquarters (GCHQ), and the BND, respectively. On 11 February 2020, The Washington Post, ZDF and SRF revealed that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence, and the spy agencies could easily break the codes used to send encrypted messages. The operation was known first by the code name "Thesaurus" and later "Rubicon".
Discussed on
- "Crypto AG" | 2020-02-12 | 101 Upvotes 68 Comments
Sator Square
The Sator Square (or Rotas Square) is a word square containing a five-word Latin palindrome. The earliest form has ROTAS as the top line, but in time the version with SATOR on the top line became dominant. It is a 5×5 square made up of five 5-letter words, thus consisting of 25 letters in total. These 25 letters are all derived from 8 Latin letters: 5 consonants (S, T, R, P, N) and 3 vowels (A, E, O).
In particular, this is a square 2D palindrome, which is when a square text admits four symmetries: identity, two diagonal reflections, and 180 degree rotation. As can be seen, the text may be read top-to-bottom, bottom-to-top, left-to-right, or right-to-left; and it may be rotated 180 degrees and still be read in all those ways.
The Sator Square is the earliest dateable 2D palindrome. It was found in the ruins of Pompeii, at Herculaneum, a city buried in the ash of Mount Vesuvius in 79 AD. It consists of a sentence written in Latin: "Sator Arepo Tenet Opera Rotas." Its translation has been the subject of speculation with no clear consensus; see below for details.
Other 2D Palindrome examples may be found carved on stone tablets or pressed into clay before being fired.
Discussed on
- "Sator Square" | 2023-04-30 | 50 Upvotes 25 Comments
- "Sator Square" | 2019-10-30 | 38 Upvotes 13 Comments
Crypto-Anarchism
Crypto-anarchism (or crypto-anarchy) is a political ideology focusing on protection of privacy, political freedom and economic freedom, the adherents of which use cryptographic software for confidentiality and security while sending and receiving information over computer networks.
By using cryptographic software, the association between the identity of a certain user or organization and the pseudonym they use is made difficult to find, unless the user reveals the association. It is difficult to say which country's laws will be ignored, as even the location of a certain participant is unknown. However, participants may in theory voluntarily create new laws using smart contracts or, if the user is pseudonymous, depend on online reputation.
Discussed on
- "Crypto-Anarchism" | 2021-02-27 | 74 Upvotes 46 Comments
SHA-3 NIST announcement controversy
SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. Although part of the same series of standards, SHA-3 is internally different from the MD5-like structure of SHA-1 and SHA-2.
SHA-3 is a subset of the broader cryptographic primitive family Keccak, designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, building upon RadioGatún. Keccak's authors have proposed additional uses for the function, not (yet) standardized by NIST, including a stream cipher, an authenticated encryption system, a "tree" hashing scheme for faster hashing on certain architectures, and AEAD ciphers Keyak and Ketje.
Keccak is based on a novel approach called sponge construction. Sponge construction is based on a wide random function or random permutation, and allows inputting ("absorbing" in sponge terminology) any amount of data, and outputting ("squeezing") any amount of data, while acting as a pseudorandom function with regard to all previous inputs. This leads to great flexibility.
NIST does not currently plan to withdraw SHA-2 or remove it from the revised Secure Hash Standard. The purpose of SHA-3 is that it can be directly substituted for SHA-2 in current applications if necessary, and to significantly improve the robustness of NIST's overall hash algorithm toolkit.
The creators of the Keccak algorithms and the SHA-3 functions suggest using the faster function KangarooTwelve with adjusted parameters and a new tree hashing mode without extra overhead for small message sizes.
Discussed on
- "SHA-3 NIST announcement controversy" | 2014-07-20 | 77 Upvotes 33 Comments
Post-quantum cryptography: just in case
Post-quantum cryptography (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against an attack by a quantum computer. As of 2019, this is not true for the most popular public-key algorithms, which can be efficiently broken by a sufficiently strong quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems can be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current, publicly known, experimental quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing.
In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. See section on symmetric-key approach below.
Discussed on
- "Post-quantum cryptography" | 2018-11-12 | 20 Upvotes 14 Comments
- "Post-quantum cryptography" | 2015-08-22 | 50 Upvotes 21 Comments
Bomba (Cryptography)
The bomba, or bomba kryptologiczna (Polish for "bomb" or "cryptologic bomb"), was a special-purpose machine designed around October 1938 by Polish Cipher Bureau cryptologist Marian Rejewski to break German Enigma-machine ciphers.
Discussed on
- "Bomba (Cryptography)" | 2022-11-05 | 88 Upvotes 12 Comments
Dining Cryptographers Problem
In cryptography, the dining cryptographers problem studies how to perform a secure multi-party computation of the boolean-OR function. David Chaum first proposed this problem in the early 1980s and used it as an illustrative example to show that it was possible to send anonymous messages with unconditional sender and recipient untraceability. Anonymous communication networks based on this problem are often referred to as DC-nets (where DC stands for "dining cryptographers").
Despite the word dining, the dining cryptographers problem is unrelated to the dining philosophers problem.
Discussed on
- "Dining Cryptographers Problem" | 2020-05-03 | 89 Upvotes 9 Comments
Bitmessage: a decentralized, encrypted, trustless communications protocol
Bitmessage is a decentralized, encrypted, peer-to-peer, trustless communications protocol that can be used by one person to send encrypted messages to another person, or to multiple subscribers.
In June 2013, the software experienced a surge of new adoptions after news reports of email surveillance by the US National Security Agency.
Bitmessage was conceived by software developer Jonathan Warren, who based its design on the decentralized digital currency, bitcoin. The software was released in November 2012 under the MIT license.
Bitmessage gained a reputation for being out of reach of warrantless wiretapping conducted by the National Security Agency (NSA), due to the decentralized nature of the protocol, and its encryption being difficult to crack. As a result, downloads of the Bitmessage program increased fivefold during June 2013, after news broke of classified email surveillance activities conducted by the NSA.
Bitmessage has also been mentioned as an experimental alternative to email by Popular Science and CNET.
Some ransomware programs instruct affected users to use Bitmessage to communicate with the attackers.
Discussed on
- "Bitmessage: a decentralized, encrypted, trustless communications protocol" | 2016-10-15 | 70 Upvotes 26 Comments