Home
Search results “Private key cryptography wikipedia dictionary”
What is PUBLIC-KEY CRYPTOGRAPHY? What does PUBLIC-KEY CRYPTOGRAPHY mean?
 
04:21
What is PUBLIC-KEY CRYPTOGRAPHY? What does PUBLIC-KEY CRYPTOGRAPHY mean? PUBLIC-KEY CRYPTOGRAPHY meaning - PUBLIC-KEY CRYPTOGRAPHY definition - PUBLIC-KEY CRYPTOGRAPHY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. Public-key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys that may be disseminated widely paired with private keys which are known only to the owner. There are two functions that can be achieved: using a public key to authenticate that a message originated with a holder of the paired private key; or encrypting a message with a public key to ensure that only the holder of the paired private key can decrypt it. In a public-key encryption system, any person can encrypt a message using the public key of the receiver, but such a message can be decrypted only with the receiver's private key. For this to work it must be computationally easy for a user to generate a public and private key-pair to be used for encryption and decryption. The strength of a public-key cryptography system relies on the degree of difficulty (computational impracticality) for a properly generated private key to be determined from its corresponding public key. Security then depends only on keeping the private key private, and the public key may be published without compromising security. Public-key cryptography systems often rely on cryptographic algorithms based on mathematical problems that currently admit no efficient solution—particularly those inherent in certain integer factorization, discrete logarithm, and elliptic curve relationships. Public key algorithms, unlike symmetric key algorithms, do not require a secure channel for the initial exchange of one (or more) secret keys between the parties. Because of the computational complexity of asymmetric encryption, it is usually used only for small blocks of data, typically the transfer of a symmetric encryption key (e.g. a session key). This symmetric key is then used to encrypt the rest of the potentially long message sequence. The symmetric encryption/decryption is based on simpler algorithms and is much faster. Message authentication involves hashing the message to produce a "digest," and encrypting the digest with the private key to produce a digital signature. Thereafter anyone can verify this signature by (1) computing the hash of the message, (2) decrypting the signature with the signer's public key, and (3) comparing the computed digest with the decrypted digest. Equality between the digests confirms the message is unmodified since it was signed, and that the signer, and no one else, intentionally performed the signature operation — presuming the signer's private key has remained secret. The security of such procedure depends on a hash algorithm of such quality that it is computationally impossible to alter or find a substitute message that produces the same digest - but studies have shown that even with the MD5 and SHA-1 algorithms, producing an altered or substitute message is not impossible. The current hashing standard for encryption is SHA-2. The message itself can also be used in place of the digest. Public-key algorithms are fundamental security ingredients in cryptosystems, applications and protocols. They underpin various Internet standards, such as Transport Layer Security (TLS), S/MIME, PGP, and GPG. Some public key algorithms provide key distribution and secrecy (e.g., Diffie–Hellman key exchange), some provide digital signatures (e.g., Digital Signature Algorithm), and some provide both (e.g., RSA). Public-key cryptography finds application in, among others, the information technology security discipline, information security. Information security (IS) is concerned with all aspects of protecting electronic information assets against security threats. Public-key cryptography is used as a method of assuring the confidentiality, authenticity and non-repudiability of electronic communications and data storage.
Views: 858 The Audiopedia
What is KEY DISTRIBUTION? What does KEY DISTRIBUTION mean? KEY DISTRIBUTION meaning & explanation
 
03:07
What is KEY DISTRIBUTION? What does KEY DISTRIBUTION mean? KEY DISTRIBUTION meaning - KEY DISTRIBUTION definition - KEY DISTRIBUTION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In symmetric key cryptography, both parties must possess a secret key which they must exchange prior to using any encryption. Distribution of secret keys has been problematic until recently, because it involved face-to-face meeting, use of a trusted courier, or sending the key through an existing encryption channel. The first two are often impractical and always unsafe, while the third depends on the security of a previous key exchange. In public key cryptography, the key distribution of public keys is done through public key servers. When a person creates a key-pair, they keep one key private and the other, known as the public-key, is uploaded to a server where it can be accessed by anyone to send the user a private, encrypted, message. Secure Sockets Layer (SSL) uses Diffie–Hellman key exchange if the client does not have a public-private key pair and a published certificate in the public key infrastructure, and Public Key Cryptography if the user does have both the keys and the credential. Key distribution is an important issue in wireless sensor network (WSN) design. There are many key distribution schemes in the literature that are designed to maintain an easy and at the same time secure communication among sensor nodes. The most accepted method of key distribution in WSNs is key predistribution, where secret keys are placed in sensor nodes before deployment. When the nodes are deployed over the target area, the secret keys are used to create the network. For more info see: key distribution in wireless sensor networks. Key distribution and key storage are more problematic in the cloud due to the transitory nature of the agents on it. Secret sharing can be used to store keys at many different servers on the cloud. In secret sharing, a secret is used as a seed to generate a number of distinct secrets, and the pieces are distributed so that some subset of the recipients can jointly authenticate themselves and use the secret information without learning what it is. But rather than store files on different servers, the key is parceled out and its secret shares stored at multiple locations in a manner that a subset of the shares can regenerate the key. Secret sharing is used in cases where one wishes to distribute a secret among N shares so that M N of them (M of N) can regenerate the original secret, but no smaller group up to M - 1 can do so.
Views: 334 The Audiopedia
What is HYBRID CRYPTOSYSTEM? What does HYBRID CRYPTOSYSTEM mean? HYBRID CRYPTOSYSTEM meaning
 
03:38
What is HYBRID CRYPTOSYSTEM? What does HYBRID CRYPTOSYSTEM mean? HYBRID CRYPTOSYSTEM meaning - HYBRID CRYPTOSYSTEM definition - HYBRID CRYPTOSYSTEM explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, a hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem. Public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely (among other useful properties). However, they often rely on complicated mathematical computations and are thus generally much more inefficient than comparable symmetric-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. This is addressed by hybrid systems by using a combination of both. A hybrid cryptosystem can be constructed using any two separate cryptosystems: a key encapsulation scheme, which is a public-key cryptosystem, and a data encapsulation scheme, which is a symmetric-key cryptosystem. The hybrid cryptosystem is itself a public-key system, whose public and private keys are the same as in the key encapsulation scheme. Note that for very long messages the bulk of the work in encryption/decryption is done by the more efficient symmetric-key scheme, while the inefficient public-key scheme is used only to encrypt/decrypt a short key value. All practical implementations of public key cryptography today employ the use of a hybrid system. Examples include the TLS protocol which uses a public-key mechanism for key exchange (such as Diffie-Hellman) and a symmetric-key mechanism for data encapsulation (such as AES). The OpenPGP (RFC 4880) file format and the PKCS #7 (RFC 2315) file format are other examples. Example: To encrypt a message addressed to Alice in a hybrid cryptosystem, Bob does the following: 1. Obtains Alice's public key. 2. Generates a fresh symmetric key for the data encapsulation scheme. 3. Encrypts the message under the data encapsulation scheme, using the symmetric key just generated. 4. Encrypt the symmetric key under the key encapsulation scheme, using Alice's public key. 5. Send both of these encryptions to Alice. To decrypt this hybrid ciphertext, Alice does the following: Uses her private key to decrypt the symmetric key contained in the key encapsulation segment. Uses this symmetric key to decrypt the message contained in the data encapsulation segment. If both the key encapsulation and data encapsulation schemes are secure against adaptive chosen ciphertext attacks, then the hybrid scheme inherits that property as well. However, it is possible to construct a hybrid scheme secure against adaptive chosen ciphertext attack even if the key encapsulation has a slightly weakened security definition (though the security of the data encapsulation must be slightly stronger).
Views: 1653 The Audiopedia
What is TRANSIENT-KEY CRYPTOGRAPHY? What does TRANSIENT-KEY CRYPTOGRAPHY mean?
 
06:21
What is TRANSIENT-KEY CRYPTOGRAPHY? What does TRANSIENT-KEY CRYPTOGRAPHY mean? TRANSIENT-KEY CRYPTOGRAPHY meaning - TRANSIENT-KEY CRYPTOGRAPHY definition - TRANSIENT-KEY CRYPTOGRAPHY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Transient-key cryptography is a form of public-key cryptography wherein keypairs are generated and assigned to brief intervals of time instead of to individuals or organizations, and the blocks of cryptographic data are chained through time. In a transient-key system, private keys are used briefly and then destroyed, which is why it is sometimes nicknamed “disposable crypto.” Data encrypted with a private key associated with a specific time interval can be irrefutably linked to that interval, making transient-key cryptography particularly useful for digital trusted timestamping. Public-key vs. transient-key cryptography! Both public-key and transient-key systems can be used to generate digital signatures that assert that a given piece of data has not changed since it was signed. But the similarities end there. In a traditional public key system, the public/private keypair is typically assigned to an individual, server, or organization. Data signed by a private key asserts that the signature came from the indicated source. Keypairs persist for years at a time, so the private component must be carefully guarded against disclosure; in a public-key system, anyone with access to a private key can counterfeit that person’s digital signature. In transient-key systems, however, the keypair is assigned to a brief interval of time, not to a particular person or entity. Data signed by a specific private key becomes associated with a specific time and date. A keypair is active only for a few minutes, after which the private key is permanently destroyed. Therefore, unlike public-key systems, transient-key systems do not depend upon the long-term security of the private keys. Establishing data integrity with transient-key timestamps! In a transient-key system, the source of time must be a consistent standard understood by all senders and receivers. Since a local system clock may be changed by a user, it is never used as a source of time. Instead, data is digitally signed with a time value derived from Universal Coordinated Time (UTC) accurate to within a millisecond, in accordance with the ANSI ASC X9.95 standard for Trusted Timestamping. Whenever a time interval in a transient-key system expires, a new public/private keypair is generated, and the private key from the previous interval is used to digitally certify the new public key. The old private key is then destroyed. This "key-chaining" system is the immediate ancestor of the Blockchain technology in vogue today. For the new interval, time values are obtained from a trusted third-party source, and specific moments in time can be interpolated in between received times by using a time-biasing method based on the internal system timer. If a trusted time source cannot be obtained or is not running within specified tolerances, transient private keys are not issued. In that case, the time interval chain is terminated, and a fresh one is begun. The old and new chains are connected through network archives, which enable all servers to continue to verify the data integrity through time of protected data, regardless of how often the chain must be restarted. The start times of the chain and of each interval can be coupled together to form an unbroken sequence of public keys, which can be used for the following: To irrefutably identify the time at which a set of data was signed. To identify the exact state of the data at the time it was signed. As an extra security measure, all requests for signatures made during an interval are stored in a log that is concatenated and is itself appended to the public key at the start of the next interval. This mechanism makes it impossible to insert new “signed events” into the interval chain after the fact. Cross-verification! Through independently operating servers, cross-certification can provide third-party proof of the validity of a time interval chain and irrefutable evidence of consensus on the current time. Transient-key cryptographic systems display high Byzantine fault tolerance. A web of interconnected cross-certifying servers in a distributed environment creates a widely witnessed chain of trust that is as strong as its strongest link.....
Views: 62 The Audiopedia
What is CRYPTOGRAPHIC NONCE? What does CRYPTOGRAPHIC NONCE mean? CRYPTOGRAPHIC NONCE meaning
 
04:52
What is CRYPTOGRAPHIC NONCE? What does CRYPTOGRAPHIC NONCE mean? CRYPTOGRAPHIC NONCE meaning - CRYPTOGRAPHIC NONCE definition - CRYPTOGRAPHIC NONCE explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, a nonce is an arbitrary number that may only be used once. It is similar in spirit to a nonce word, hence the name. It is often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused in replay attacks. They can also be useful as initialization vectors and in cryptographic hash function. A nonce is an arbitrary number used only once in a cryptographic communication, in the spirit of a nonce word. They are often random or pseudo-random numbers. Many nonces also include a timestamp to ensure exact timeliness, though this requires clock synchronization between organizations. The addition of a client nonce ("cnonce") helps to improve the security in some ways as implemented in digest access authentication. To ensure that a nonce is used only once, it should be time-variant (including a suitably fine-grained timestamp in its value), or generated with enough random bits to ensure a probabilistically insignificant chance of repeating a previously generated value. Some authors define pseudo-randomness (or unpredictability) as a requirement for a nonce. Authentication protocols may use nonces to ensure that old communications cannot be reused in replay attacks. For instance, nonces are used in HTTP digest access authentication to calculate an MD5 digest of the password. The nonces are different each time the 401 authentication challenge response code is presented, thus making replay attacks virtually impossible. The scenario of ordering products over the Internet can provide an example of the usefulness of nonces in replay attacks. An attacker could take the encrypted information and—without needing to decrypt—could continue to send a particular order to the supplier, thereby ordering products over and over again under the same name and purchase information. The nonce is used to give 'originality' to a given message so that if the company receives any other orders from the same person with the same nonce, it will discard those as invalid orders. A nonce may be used to ensure security for a stream cipher. Where the same key is used for more than one message and then a different nonce is used to ensure that the keystream is different for different messages encrypted with that key; often the message number is used. Secret nonce values are used by the Lamport signature scheme as a signer-side secret which can be selectively revealed for comparison to public hashes for signature creation and verification. Initialization vectors may be referred to as nonces, as they are typically random or pseudo-random. Nonces are used in proof-of-work systems to vary the input to a cryptographic hash function so as to obtain a hash for a certain input that fulfills certain arbitrary conditions. In doing so, it becomes far more difficult to create a "desirable" hash than to verify it, shifting the burden of work onto one side of a transaction or system. For example, proof of work, using hash functions, was considered as a means to combat email spam by forcing email senders to find a hash value for the email (which included a timestamp to prevent pre-computation of useful hashes for later use) that had an arbitrary number of leading zeroes, by hashing the same input with a large number of nonce values until a "desirable" hash was obtained. Similarly, the bitcoin block-chain hashing algorithm can be tuned to an arbitrary difficulty by changing the required minimum/maximum value of the hash so that the number of bitcoins awarded for new blocks does not increase linearly with increased network computation power as new users join. This is likewise achieved by forcing bitcoin miners to add nonce values to the value being hashed to change the hash algorithm output. Because cryptographic hash algorithms cannot easily be predicted based on their inputs, this makes the act of blockchain hashing and the possibility of being awarded bitcoins something of a lottery, where the first "miner" to find a nonce that delivers a desirable hash is awarded valuable bitcoins.
Views: 7347 The Audiopedia
What is ID-BASED CRYPTOGRAPHY? What does ID-BASED CRYPTOGRAPHY mean? ID-BASED CRYPTOGRAPHY meaning
 
03:31
What is ID-BASED CRYPTOGRAPHY? What does ID-BASED CRYPTOGRAPHY mean? ID-BASED CRYPTOGRAPHY meaning - ID-BASED CRYPTOGRAPHY definition - ID-BASED CRYPTOGRAPHY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Identity-based cryptography is a type of public-key cryptography in which a publicly known string representing an individual or organization is used as a public key. The public string could include an email address, domain name, or a physical IP address. The first implementation of identity-based signatures and an email-address based public-key infrastructure (PKI) was developed by Adi Shamir in 1984, which allowed users to verify digital signatures using only public information such as the user's identifier. Under Shamir's scheme, a trusted third party would deliver the private key to the user after verification of the user's identity, with verification essentially the same as that required for issuing a certificate in a typical PKI. Shamir similarly proposed identity-based encryption, which appeared particularly attractive since there was no need to acquire an identity's public key prior to encryption. However, he was unable to come up with a concrete solution, and identity-based encryption remained an open problem for many years. The first practical implementations were finally devised by Sakai in 2000, and Boneh and Franklin in 2001. These solutions were based on bilinear pairings. Also in 2001, a solution was developed independently by Clifford Cocks. Identity-based systems allow any party to generate a public key from a known identity value such as an ASCII string. A trusted third party, called the private key generator (PKG), generates the corresponding private keys. To operate, the PKG first publishes a master public key, and retains the corresponding master private key (referred to as master key). Given the master public key, any party can compute a public key corresponding to the identity ID by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID. Identity-based systems have a characteristic problem in operation. Suppose Alice and Bob are users of such a system. Since the information needed to find Alice's public key is completely determined by Alice's ID and the master public key, it is not possible to revoke Alice's credentials and issue new credentials without either (a) changing Alice's ID (usually a phone number or an email address which will appear in a corporate directory); or (b) changing the master public key and re-issusing private keys to all users, including Bob. This limitation may be overcome by including a time component (e.g. the current month) in the identity.
Views: 537 The Audiopedia
What is PRE-SHARED KEY? What does PRE-SHARED KEY mean? PRE-SHARED KEY meaning & explanation
 
03:01
What is PRE-SHARED KEY? What does PRE-SHARED KEY mean? PRE-SHARED KEY meaning - PRE-SHARED KEY definition - PRE-SHARED KEY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. To build a key from shared secret, the key derivation function is typically used. Such systems almost always use symmetric key cryptographic algorithms. The term PSK is used in Wi-Fi encryption such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), where the method is called WPA-PSK or WPA2-PSK, and also in the Extensible Authentication Protocol (EAP), where it is known as EAP-PSK. In all these cases, both the wireless access points (AP) and all clients share the same key. The characteristics of this secret or key are determined by the system which uses it; some system designs require that such keys be in a particular format. It can be a password, a passphrase, or a hexadecimal string. The secret is used by all systems involved in the cryptographic processes used to secure the traffic between the systems. Crypto systems rely on one or more keys for confidentiality. One particular attack is always possible against keys, the brute force key space search attack. A sufficiently long, randomly chosen, key can resist any practical brute force attack, though not in principle if an attacker has sufficient computational power (see password strength and password cracking for more discussion). Unavoidably, however, pre-shared keys are held by both parties to the communication, and so can be compromised at one end, without the knowledge of anyone at the other. There are several tools available to help one choose strong passwords, though doing so over any network connection is inherently unsafe as one cannot in general know who, if anyone, may be eavesdropping on the interaction. Choosing keys used by cryptographic algorithms is somewhat different in that any pattern whatsoever should be avoided, as any such pattern may provide an attacker with a lower effort attack than brute force search. This implies random key choice to force attackers to spend as much effort as possible; this is very difficult in principle and in practice as well. As a general rule, any software except a Cryptographically secure pseudorandom number generator should be avoided.
Views: 5801 The Audiopedia
What is ENCRYPTED KEY EXCHANGE? What does ENCRYPTED KEY EXCHANGE mean?
 
02:11
What is ENCRYPTED KEY EXCHANGE? What does ENCRYPTED KEY EXCHANGE mean? ENCRYPTED KEY EXCHANGE meaning - ENCRYPTED KEY EXCHANGE definition - ENCRYPTED KEY EXCHANGE explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Encrypted Key Exchange (also known as EKE) is a family of password-authenticated key agreement methods described by Steven M. Bellovin and Michael Merritt. Although several of the forms of EKE in this paper were later found to be flawed , the surviving, refined, and enhanced forms of EKE effectively make this the first method to amplify a shared password into a shared key, where the shared key may subsequently be used to provide a zero-knowledge password proof or other functions. In the most general form of EKE, at least one party encrypts an ephemeral (one-time) public key using a password, and sends it to a second party, who decrypts it and uses it to negotiate a shared key with the first party. A second paper describes Augmented-EKE, and introduced the concept of augmented password-authenticated key agreement for client/server scenarios. Augmented methods have the added goal of ensuring that password verification data stolen from a server cannot be used by an attacker to masquerade as the client, unless the attacker first determines the password (e.g. by performing a brute force attack on the stolen data). A version of EKE based on Diffie-Hellman, known as DH-EKE, has survived attack and has led to improved variations, such as the PAK family of methods in IEEE P1363.2. With the US patent on EKE expiring in late 2011, an EAP authentication method using EKE was published as an IETF RFC. The EAP method uses the Diffie-Hellman variant of EKE.
Views: 303 The Audiopedia
What is CERTIFICATE-BASED ENCRYPTION? What does CERTIFICATE-BASED ENCRYPTION mean?
 
02:30
What is CERTIFICATE-BASED ENCRYPTION? What does CERTIFICATE-BASED ENCRYPTION mean? CERTIFICATE-BASED ENCRYPTION meaning - CERTIFICATE-BASED ENCRYPTION definition - CERTIFICATE-BASED ENCRYPTION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Certificate-based encryption is a system in which a certificate authority uses ID-based cryptography to produce a certificate. This system gives the users both implicit and explicit certification, the certificate can be used as a conventional certificate (for signatures, etc.), but also implicitly for the purpose of encryption. A user Alice can doubly encrypt a message using another user's (Bob) public key and his (Bob's) identity. This means that the user (Bob) cannot decrypt it without a currently valid certificate and also that the certificate authority cannot decrypt the message as they don't have the user's private key (i.e., there is no implicit escrow as with ID-based cryptography, as the double encryption means they cannot decrypt it solely with the information they have).Certificate is the trust between two parties. Key revocation can be added to the system by requiring a new certificate to be issued as frequently as the level of security requires. Because the certificate is "public information", it does not need to be transmitted over a secret channel. The downside of this is the requirement for regular communication between users and the certificate authority, which means the certificate authority is more vulnerable to electronic attacks (such as denial-of-service attacks) and also that such attacks could effectively stop the system from working. This risk can be partially but not completely reduced by having a hierarchy of multiple certificate authorities. The best example of practical use of certificate-based encryption is Content Scrambling System (CSS), which is used to encode DVD movies in such a way as to make them playable only in a part of the world where they are sold. However, the fact that the region decryption key is stored on the hardware level in the DVD players substantially weakens this form of protection.
Views: 94 The Audiopedia
What is CHAOTIC CRYPTOLOGY? What does CHAOTIC CRYPTOLOGY mean? CHAOTIC CRYPTOLOGY meaning
 
03:54
What is CHAOTIC CRYPTOLOGY? What does CHAOTIC CRYPTOLOGY mean? CHAOTIC CRYPTOLOGY meaning - CHAOTIC CRYPTOLOGY definition - CHAOTIC CRYPTOLOGY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Chaotic cryptography is the application of the mathematical chaos theory to the practice of the cryptography, the study or techniques used to privately and securely transmit information with the presence of a third-party or adversary. The use of chaos or randomness in cryptography has long been sought after by entities wanting a new way to encrypt messages. However, because of the lack of thorough, provable security properties and low acceptable performance, chaotic cryptography has encountered setbacks. In order to use chaos theory efficiently in cryptography, the chaotic maps should be implemented such that the entropy generated by the map can produce required Confusion and diffusion. Properties in chaotic systems and cryptographic primitives share unique characteristics that allow for the chaotic systems to be applied to cryptography. If chaotic parameters, as well as cryptographic keys, can be mapped symmetrically or mapped to produce acceptable and functional outputs, it will make it next to impossible for an adversary to find the outputs without any knowledge of the initial values. Since chaotic maps in a real life scenario require a set of numbers that are limited, they may, in fact, have no real purpose in a cryptosystem if the chaotic behavior can be predicted. One of the most important issues for any cryptographic primitive is the security of the system. However, in numerous cases, chaos-based cryptography algorithms are proved unsecure. The main issue in many of the cryptanalyzed algorithms is the inadequacy of the chaotic maps implemented in the system. The concept of chaos cryptography or in the other words chaos-based cryptography can be divided into two major groups: the asymmetric and symmetric chaos-based cryptography. The majority of the symmetric chaos-based algorithms are based on the application of discrete chaotic maps in their process. Bourbakis and Alexopoulos in 1991 proposed supposedly the earliest fully intended digital image encryption scheme which was based on SCAN language. Later on, with the emergence of chaos-based cryptography hundreds of new image encryption algorithms, all with the aim of improving the security of digital images were proposed. However, there were three main aspects of the design of an image encryption that was usually modified in different algorithms (chaotic map, application of the map and structure of algorithm). The initial and perhaps most crucial point was the chaotic map applied in the design of the algorithms. The speed of the cryptosystem is always an important parameter in the evaluation of the efficiency of a cryptography algorithm, therefore, the designers were initially interested in using simple chaotic maps such as tent map, and the logistic map. However, in 2006 and 2007, the new image encryption algorithms based on more sophisticated chaotic maps proved that application of chaotic map with higher dimension could improve the quality and security of the cryptosystems. The unpredictable behavior of the chaotic maps can be used in the generation of random numbers. Some of the earliest chaos-based random number generators try to directly generate random numbers form the logistic map.
Views: 2637 The Audiopedia
What is EAVESDROPPING? What does EAVESDROPPING mean? EAVESDROPPING meaning & explanation
 
02:36
What is EAVESDROPPING? What does EAVESDROPPING mean? EAVESDROPPING meaning - EAVESDROPPING definition - EAVESDROPPING explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Eavesdropping is secretly listening to the private conversation of others without their consent, as defined by Black's Law Dictionary. The practice is commonly believed to be unethical. The verb eavesdrop is a back-formation from the noun eavesdropper ("a person who eavesdrops"), which was formed from the unrelated noun eavesdrop ("the dripping of water from the eaves of a house; the ground on which such water falls"). An eavesdropper was someone who stands at the eavesdrop (where the water drops, i.e., next to the house) so as to hear what is said within. The PBS documentaries, Inside the Court of Henry VIII (April 8, 2015) and Secrets of Henry VIII’s Palace (June 30, 2013) include segments that display and discuss "eavedrops", carved wooden figures Henry VIII had built into the eaves (overhanging edges of the beams in the ceiling) of Hampton Court to discourage unwanted gossip or dissension from the King's wishes and rule, to foment paranoia and fear, and demonstrate that everything said there was being overheard; literally, that the walls had ears. Eavesdropping can also be done over telephone lines, email, and other methods of instant messaging considered private. (If a message is broadcast, it is not considered eavesdropping.) VoIP communications software is also vulnerable to electronic eavesdropping via infections such as trojans. Network eavesdropping is a network layer attack that focuses on capturing small packets from the network transmitted by other computers and reading the data content in search of any type of information. This type of network attack is generally one of the most effective as a lack of encryption services are used. It is also linked to the collection of metadata. Those who perform this type of attack are generally black hat hackers; however, government agencies, such as the National Security Agency, have also been connected.
Views: 2536 The Audiopedia
What is POST-QUANTUM CRYPTOGRAPHY? What does POST-QUANTUM CRYPTOGRAPHY mean?
 
02:17
What is POST-QUANTUM CRYPTOGRAPHY? What does POST-QUANTUM CRYPTOGRAPHY mean? POST-QUANTUM CRYPTOGRAPHY meaning - POST-QUANTUM CRYPTOGRAPHY definition - POST-QUANTUM CRYPTOGRAPHY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Post-quantum cryptography refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against an attack by a quantum computer. This is not true for the most popular public-key algorithms, which can be efficiently broken by a sufficiently large quantum computer. The problem with the currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems can be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current, publicly known, experimental quantum computers are too small to attack any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing. In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography.
Views: 262 The Audiopedia
What is QUANTUM KEY DISTRIBUTION? What does QUANTUM KEY DISTRIBUTION mean?
 
02:54
What is QUANTUM KEY DISTRIBUTION? What does QUANTUM KEY DISTRIBUTION mean? QUANTUM KEY DISTRIBUTION meaning - QUANTUM KEY DISTRIBUTION definition - QUANTUM KEY DISTRIBUTION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Quantum key distribution (QKD) uses quantum mechanics to guarantee secure communication. It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages. It is often incorrectly called quantum cryptography, as it is the best-known example of a quantum cryptographic task. An important and unique property of quantum key distribution is the ability of the two communicating users to detect the presence of any third party trying to gain knowledge of the key. This results from a fundamental aspect of quantum mechanics: the process of measuring a quantum system in general disturbs the system. A third party trying to eavesdrop on the key must in some way measure it, thus introducing detectable anomalies. By using quantum superpositions or quantum entanglement and transmitting information in quantum states, a communication system can be implemented that detects eavesdropping. If the level of eavesdropping is below a certain threshold, a key can be produced that is guaranteed to be secure (i.e. the eavesdropper has no information about it), otherwise no secure key is possible and communication is aborted. The security of encryption that uses quantum key distribution relies on the foundations of quantum mechanics, in contrast to traditional public key cryptography, which relies on the computational difficulty of certain mathematical functions, and cannot provide any mathematical proof as to the actual complexity of reversing the one-way functions used. QKD has provable security based on information theory, and forward secrecy. Quantum key distribution is only used to produce and distribute a key, not to transmit any message data. This key can then be used with any chosen encryption algorithm to encrypt (and decrypt) a message, which can then be transmitted over a standard communication channel. The algorithm most commonly associated with QKD is the one-time pad, as it is provably secure when used with a secret, random key. In real-world situations, it is often also used with encryption using symmetric key algorithms like the Advanced Encryption Standard algorithm.
Views: 360 The Audiopedia
What is KEY DISTRIBUTION CENTER? What does KEY DISTRIBUTION CENTER mean?
 
02:57
What is KEY DISTRIBUTION CENTER? What does KEY DISTRIBUTION CENTER mean? KEY DISTRIBUTION CENTER meaning - KEY DISTRIBUTION CENTER definition - KEY DISTRIBUTION CENTER explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, a key distribution center (KDC) is part of a cryptosystem intended to reduce the risks inherent in exchanging keys. KDCs often operate in systems within which some users may have permission to use certain services at some times and not at others. For instance, an administrator may have established a policy that only certain users may backup to tape. (Perhaps the administrator has concerns that unrestricted use might result in someone smuggling out a tape containing important information; but the precise reason does not matter for the purpose of explaining the functioning of the key-distribution center.) Many operating systems can control access to the tape facility via a "system service". If that system service further restricts the tape drive to operate only on behalf of users who can submit a service-granting ticket when they wish to use it, there remains only the task of distributing such tickets to the appropriately permitted users. If the ticket consists of (or includes) a key, one can then term the mechanism which distributes it a KDC. Usually, in such situations, the KDC itself also operates as a system service. A typical operation with a KDC involves a request from a user to use some service. The KDC will use cryptographic techniques to authenticate requesting users as themselves. It will also check whether an individual user has the right to access the service requested. If the authenticated user meets all prescribed conditions, the KDC can issue a ticket permitting access. KDCs mostly operate with symmetric encryption. In most (but not all) cases the KDC shares a key with each of all the other parties. The KDC produces a ticket based on a server key. The client receives the ticket and submits it to the appropriate server. The server can verify the submitted ticket and grant access to user submitting it. Security systems using KDCs include Kerberos. (Actually, Kerberos partitions KDC functionality between two different agents: the AS (Authentication Server) and the TGS (Ticket Granting Service).)
Views: 978 The Audiopedia
What is CRYPTO PHONE? What does CRYPTO PHONE mean? CRYPTO PHONE meaning & explanation
 
02:50
What is CRYPTO PHONE? What does CRYPTO PHONE mean? CRYPTO PHONE meaning - CRYPTO PHONE definition - CRYPTO PHONE explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. Crypto phones are mobile telephones that provide security against eavesdropping and electronic surveillance. The interception of telecommunications has become a major industry. Most of the world's intelligence agencies and many private organisations intercept telephone communications to obtain military, economic and political information. The price of simple mobile phone surveillance devices has become so low that many individuals can afford to use them. Advances in technology have made it difficult to determine who is intercepting and recording private communications. Crypto phones can protect calls from interception by using algorithms to encrypt the signals. The phones have a cryptographic chip that handles encryption and decryption. Two algorithms are programmed into the chip: A key-exchange algorithm for the key agreement protocol and a symmetric-key algorithm for voice encryption. For the system to work, both users must have crypto phones logged into crypto mode. As with other phones, the signal is encrypted by GSM but it is also encrypted by the cryptographic chip. When the IMSI-catcher performs a man-in-the-middle attack and disables the GSM encryption, the crypto phone encryption remains intact. Therefore, while the signal is still being intercepted, it can no longer be decoded and fake SMS messages can't be sent as the IMSI-catcher does not have the correct code. At the beginning of the call, both users get the same session key by using the hash function. Then the session key becomes a confirm code. The confirm code could be 3 letters or 4 numbers, depending on the phone's manufacturer. In the crypto mode, the user reads the confirm code over the encrypted line to his communication partner and verifies the confirm code his partner reads back. If there is a discrepancy in the confirm code, a man-in-the-middle attack has been detected. The "session code" that has been established is used only for that specific call. At termination, all the parameters are wiped from memory, and there is no way to reconstruct the code. Intercepted and stored encrypted material can be kept for later analysis, but there is no way to break the code except, possibly, by the time consuming trial-and-error method.
Views: 787 The Audiopedia
What is KEY ESCROW? What does KEY ESCROW mean? KEY ESCROW meaning, definition & explanation
 
03:12
What is KEY ESCROW? What does KEY ESCROW mean? KEY ESCROW meaning - KEY ESCROW definition - KEY ESCROW explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Key escrow (also known as a “fair” cryptosystem) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. These third parties may include businesses, who may want access to employees' private communications, or governments, who may wish to be able to view the contents of encrypted communications. The technical problem is a largely structural one since access to protected information must be provided only to the intended recipient and at least one third party. The third party should be permitted access only under carefully controlled conditions, as for instance, a court order. Thus far, no system design has been shown to meet this requirement fully on a technical basis alone. All proposed systems also require correct functioning of some social linkage, as for instance the process of request for access, examination of request for 'legitimacy' (as by a court), and granting of access by technical personnel charged with access control. All such linkages / controls have serious problems from a system design security perspective. Systems in which the key may not be changed easily are rendered especially vulnerable as the accidental release of the key will result in many devices becoming totally compromised, necessitating an immediate key change or replacement of the system. On a national level, this is controversial in many countries due to technical mistrust of the security of the escrow arrangement (due to a long history of less than adequate protection of others' information by assorted organizations, public and private, even when the information is held only under an affirmative legal obligation to protect it from unauthorized access), and to a mistrust of the entire system even if it functions as designed. Thus far, no key escrow system has been designed which meets both objections and nearly all have failed to meet even one. Key escrow is proactive, anticipating the need for access to keys; a retroactive alternative is key disclosure law, where users are required to surrender keys upon demand by law enforcement, or else face legal penalties. Key disclosure law avoids some of the technical issues and risks of key escrow systems, but also introduces new risks like loss of keys and legal issues such as involuntary self incrimination. The ambiguous term key recovery is applied to both types of systems.
Views: 868 The Audiopedia
What is NONREPUDIATION? What does NONREPUDIATION mean? NONREPUDIATION meaning & explanation
 
04:58
What is NONREPUDIATION? What does NONREPUDIATION mean? NONREPUDIATION meaning - NONREPUDIATION pronunciation - NONREPUDIATION definition - NONREPUDIATION explanation - How to pronounce NONREPUDIATION? Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Non-repudiation refers to a state of affairs where the author of a statement will not be able to successfully challenge the authorship of the statement or validity of an associated contract. The term is often seen in a legal setting wherein the authenticity of a signature is being challenged. In such an instance, the authenticity is being "repudiated". In a general sense non-repudiation involves associating actions or changes to a unique individual. For a secure area, for example, it may be desirable to implement a key card access system. Non-repudiation would be violated if it were not also a strictly enforced policy to prohibit sharing of the key cards and to immediately report lost or stolen cards. Otherwise determining who performed the action of opening the door cannot be trivially determined. Similarly, for computer accounts, the individual owner of the account must not allow others to use that account, especially, for instance, by giving away their account's password, and a policy should be implemented to enforce this. This prevents the owner of the account from denying actions performed by the account. Regarding digital security, the cryptological meaning and application of non-repudiation shifts to mean: A service that provides proof of the integrity and origin of data. An authentication that can be asserted to be genuine with high assurance. Proof of data integrity is typically the easiest of these requirements to accomplish. A data hash, such as SHA2, is usually sufficient to establish that the likelihood of data being undetectably changed is extremely low. Even with this safeguard, it is still possible to tamper with data in transit, either through a man-in-the-middle attack or phishing. Due to this flaw, data integrity is best asserted when the recipient already possesses the necessary verification information. The most common method of asserting the digital origin of data is through digital certificates, a form of public key infrastructure to which digital signatures belong. Note that the public key scheme is not used for encryption in this form; i.e. the goal is not to achieve confidentiality, since a message signed with a private key can be read by anyone using the public key. Verifying the digital origin means that the certified/signed data can be, with reasonable certainty, trusted to be from somebody who possesses the private key corresponding to the signing certificate. If the key is not properly safeguarded by the original owner, digital forgery can become a major concern. The ways in which a party may attempt to repudiate a signature present a challenge to the trustworthiness of the signatures themselves. The standard approach to mitigating these risks is to involve a trusted third party. The two most common TTPs are forensic analysts and notaries. A forensic analyst specializing in handwriting can look at a signature, compare it to a known valid signature, and make a reasonable assessment of the legitimacy of the first signature. A notary provides a witness whose job is to verify the identity of an individual by checking other credentials and affixing their certification that the party signing is who they claim to be. Further, a notary provides the extra benefit of maintaining independent logs of their transactions, complete with the type of credential checked and another signature that can independently be verified by the preceding forensic analyst. For this double security, notaries are the preferred form of verification. On the digital side, the only TTP is the repository for public key certificates. This provides the recipient with the ability to verify the origin of an item even if no direct exchange of the public information has ever been made. The digital signature, however, is forensically identical in both legitimate and forged uses - if someone possesses the private key they can create a "real" signature. The protection of the private key is the idea behind the United States Department of Defense's Common Access Card (CAC), which never allows the key to leave the card and therefore necessitates the possession of the card in addition to the personal identification number (PIN) code necessary to unlock the card for permission to use it for encryption and digital signatures.
Views: 5855 The Audiopedia
Cryptography - Explained Super Fast!
 
04:28
Hello everyone, welcome to another episode of PIVX Class. Today is a short, but sweet intro to cryptography. We really just try and cover what the term means and a tiny bit about how cryptocurrency uses it. Hope it is helpful! Sources: https://www.khanacademy.org/computing/computer-science/cryptography/crypt/v/intro-to-cryptography http://www.dictionary.com/browse/cryptography?s=t https://www.investopedia.com/tech/explaining-crypto-cryptocurrency/ https://en.wikipedia.org/wiki/Cryptography https://www.worldcryptoindex.com/how-cryptography-is-used-cryptocurrency/ https://www.techopedia.com/definition/14316/hashing https://blog.wetrust.io/why-do-i-need-a-public-and-private-key-on-the-blockchain-c2ea74a69e76 http://www.dummies.com/software/other-software/bitcoin-public-private-keys/ https://www.coindesk.com/bitcoin-hash-functions-explained/ Thank you to the PIVX community for your ongoing support. Special thanks: @Bouilla from EMTEX Studio for the amazing sound engineering: https://emtex-studio.com/ @Hanna and the support team for their hard work translating each video @Veramis for editing the video scripts and helping make the videos their best. PIVX Class: Twitter: https://twitter.com/PIVX_Class Facebook: https://www.facebook.com/PIVXClass Pinterest: https://www.pinterest.ca/pivxorg/pivx-class-~-cryptocurrency-education/ PIVX Crypto: Discord: https://discordapp.com/invite/jzqVsJd Twitter: https://twitter.com/_pivx Reddit: https://www.reddit.com/r/pivx/ Facebook: https://www.facebook.com/PIVXCrypto/ Instagram: https://www.instagram.com/pivxcrypto/ Pinterest: https://www.pinterest.ca/pivxorg/ PIVXfans: https://pivxfans.fancorps.com/ Steemit: https://steemit.com/@pivx/ DISCLAIMER: This channel is funded by the PIVX DAO's budget system. Every month it is voted in to be funded an amount that can be viewed on our proposal tracking sites. I make no attempts to hide this and I do my best to be un-bias in non-opinion segments.
Views: 124 PIVX Class
What is KLEPTOGRAPHY? What does KLEPTOGRAPHY mean? KLEPTOGRAPHY meaning & explanation
 
04:17
What is KLEPTOGRAPHY? What does KLEPTOGRAPHY mean? KLEPTOGRAPHY meaning - KLEPTOGRAPHY pronunciation - KLEPTOGRAPHY definition - KLEPTOGRAPHY explanation - How to pronounce KLEPTOGRAPHY? Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Kleptography is the study of stealing information securely and subliminally and it was introduced by Adam Young and Moti Yung in the Proceedings of Advances in Cryptology—Crypto '96. Kleptography is a subfield of cryptovirology and is a natural extension of the theory of subliminal channels that was pioneered by Gus Simmons while at Sandia National Laboratory. A kleptographic backdoor is synonymously referred to as an asymmetric backdoor. Kleptography encompasses secure and covert communications through cryptosystems and cryptographic protocols. This is reminiscent of, but not the same as steganography that studies covert communications through graphics, video, digital audio data, and so forth. A kleptographic attack is an attack which uses asymmetric cryptography to implement a cryptographic backdoor. For example, one such attack could be to subtly modify how the public and private key pairs are generated by the cryptosystem so that the private key could be derived from the public key using the attacker's private key. In a well-designed attack, the outputs of the infected cryptosystem would be computationally indistinguishable from the outputs of the corresponding uninfected cryptosystem. If the infected cryptosystem is a black-box implementation such as a hardware security module, a smartcard, or a Trusted Platform Module, a successful attack could go completely unnoticed. A reverse engineer might be able to uncover a backdoor inserted by an attacker, and when it is a symmetric backdoor, even use it herself. However, by definition a kleptographic backdoor is asymmetric and the reverse-engineer cannot use it. A kleptographic attack (asymmetric backdoor) requires a private key known only to the attacker in order to use the backdoor. In this case, even if the reverse engineer was well-funded and gained complete knowledge of the backdoor, it would remain useless for her to extract the plaintext without the attacker's private key. Kleptographic attacks can be constructed as a cryptotrojan that infects a cryptosystem and opens a backdoor for the attacker, or can be implemented by the manufacturer of a cryptosystem. The attack does not necessarily have to reveal the entirety of the cryptosystem's output; a more complicated attack technique may alternate between producing uninfected output and insecure data with the backdoor present. Kleptographic attacks have been designed for RSA key generation, the Diffie–Hellman key exchange, the Digital Signature Algorithm, and other cryptographic algorithms and protocols. SSL, SSH, and IPsec protocols are vulnerable to kleptographic attacks. In each case, the attacker is able to compromise the particular cryptographic algorithm or protocol by inspecting the information that the backdoor information is encoded in (e.g., the public key, the digital signature, the key exchange messages, etc.) and then exploiting the logic of the asymmetric backdoor using their secret key (usually a private key). A. Juels and J. Guajardo proposed a method (KEGVER) through which a third party can verify RSA key generation. This is devised as a form of distributed key generation in which the secret key is only known to the black box itself. This assures that the key generation process was not modified and that the private key cannot be reproduced through a kleptographic attack.
Views: 197 The Audiopedia
What is DETERMINISTIC ENCRYPTION? What does DETERMINISTIC ENCRYPTION mean?
 
04:27
What is DETERMINISTIC ENCRYPTION? What does DETERMINISTIC ENCRYPTION mean? DETERMINISTIC ENCRYPTION meaning - DETERMINISTIC ENCRYPTION definition - DETERMINISTIC ENCRYPTION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ A deterministic encryption scheme (as opposed to a probabilistic encryption scheme) is a cryptosystem which always produces the same ciphertext for a given plaintext and key, even over separate executions of the encryption algorithm. Examples of deterministic encryption algorithms include RSA cryptosystem (without encryption padding), and many block ciphers when used in ECB mode or with a constant initialization vector. Deterministic encryption can leak information to an eavesdropper, who may recognize known ciphertexts. For example, when an adversary learns that a given ciphertext corresponds to some interesting message, they can learn something every time that ciphertext is transmitted. To gain information about the meaning of various ciphertexts, an adversary might perform a statistical analysis of messages transmitted over an encrypted channel, or attempt to correlate ciphertexts with observed actions (e.g., noting that a given ciphertext is always received immediately before a submarine dive). This concern is particularly serious in the case of public key cryptography, where any party can encrypt chosen messages using a public encryption key. In this case, the adversary can build a large "dictionary" of useful plaintext/ciphertext pairs, then observe the encrypted channel for matching ciphertexts. While deterministic encryption schemes can never be semantically secure, they have some advantages over probabilistic schemes. One primary motivation for the use of deterministic encryption is the efficient searching of encrypted data. Suppose a client wants to outsource a database to a possibly untrusted database service provider. If each entry is encrypted using a public-key cryptosystem, anyone can add to the database, and only the distinguished "receiver" who has the private key can decrypt the database entries. If, however, the receiver wants to search for a specific record in the database, this becomes very difficult. There are some Public Key encryption schemes that allow keyword search, however these schemes all require search time linear in the database size. If the database entries were encrypted with a deterministic scheme and sorted, then a specific field of the database could be retrieved in logarithmic time. Assuming that a deterministic encryption scheme is going to be used, it is important to understand what is the maximum level of security that can be guaranteed. A number of works have focused on this exact problem. The first work to rigorously define security for a deterministic scheme was in CRYPTO 2007. This work provided fairly strong security definitions (although weaker than semantic security), and gave constructions in the random oracle model. Two follow-up works appeared the next year in CRYPTO 2008, giving definitional equivalences and constructions without random oracles , . To counter this problem, cryptographers proposed the notion of "randomized" or probabilistic encryption. Under these schemes, a given plaintext can encrypt to one of a very large set of possible ciphertexts, chosen randomly during the encryption process. Under sufficiently strong security guarantees the attacks proposed above become infeasible, as the adversary will be unable to correlate any two encryptions of the same message, or correlate a message to its ciphertext, even given access to the public encryption key. This guarantee is known as semantic security or indistinguishability, and has several definitions depending on the assumed capabilities of the attacker.
Views: 211 The Audiopedia
What is MESSAGE AUTHENTICATION? What does MESSAGE AUTHENTICATION mean?
 
01:26
What is MESSAGE AUTHENTICATION? What does MESSAGE AUTHENTICATION mean? MESSAGE AUTHENTICATION meaning - MESSAGE AUTHENTICATION definition - MESSAGE AUTHENTICATION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In information security, message authentication or data origin authentication is a property that a message has not been modified while in transit (data integrity) and that the receiving party can verify the source of the message. Message authentication does not necessarily include the property of non-repudiation. Message authentication is typically achieved by using message authentication codes (MACs), authenticated encryption (AE) or digital signatures. Some cryptographers distinguish between "message authentication without secrecy" systems -- which allow the intended receiver to verify the source of the message, but don't bother hiding the plaintext contents of the message -- from authenticated encryption systems. A few cryptographers have researched subliminal channel systems that send messages that appear to use a "message authentication without secrecy" system, but in fact also transmit a secret message.
Views: 869 The Audiopedia
What is KEY STRETCHING? What does KEY STRETCHING mean? KEY STRETCHING meaning & explanation
 
03:00
What is KEY STRETCHING? What does KEY STRETCHING mean? KEY STRETCHING meaning - KEY STRETCHING definition - KEY STRETCHING explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, key stretching techniques are used to make a possibly weak key, typically a password or passphrase, more secure against a brute force attack by increasing the time it takes to test each possible key. Passwords or passphrases created by humans are often short or predictable enough to allow password cracking. Key stretching makes such attacks more difficult. Key stretching techniques generally work as follows. The initial key is fed into an algorithm that outputs an enhanced key. The enhanced key should be of sufficient size to make it infeasible to break by brute force (e.g. at least 128 bits). The overall algorithm used should be secure in the sense that there should be no known way of taking a shortcut that would make it possible to calculate the enhanced key with less processor work than by using the key stretching algorithm itself. The key stretching process leaves the attacker with two options: either try every possible combination of the enhanced key (infeasible if the enhanced key is long enough), or else try likely combinations of the initial key. In the latter approach, if the initial key is a password or a passphrase, then the attacker would first try every word in a dictionary or common password list and then try all character combinations for longer passwords. Key stretching does not prevent this approach, but the attacker has to spend much more time on each attempt. If the attacker uses the same class of hardware as the user, each guess will take the same amount of time to process as it took the user (for example, one second). Even if the attacker has much greater computing resources than the user, the key stretching will still slow the attacker down, since the user's computer only has to compute the stretching function once upon the user entering their password, whereas the attacker must compute it for every guess in the attack. There are several ways to perform key stretching. A cryptographic hash function or a block cipher may be repeatedly applied in a loop. In applications where the key is used for a cipher, the key schedule in the cipher may be modified so that it takes a specific length of time to perform. A related technique, salting, protects against time-memory tradeoff attacks and is often used in conjunction with key stretching.
Views: 347 The Audiopedia
What is TRANSPORT LAYER SECURITY? What does TRANSPORT LAYER SECURITY mean?
 
04:31
What is TRANSPORT LAYER SECURITY? What does TRANSPORT LAYER SECURITY mean? TRANSPORT LAYER SECURITY meaning - TRANSPORT LAYER SECURITY definition - TRANSPORT LAYER SECURITY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network. Several versions of the protocols find widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP). Websites use TLS to secure all communications between their servers and web browsers. The Transport Layer Security protocol aims primarily to provide privacy and data integrity between two communicating computer applications.:3 When secured by TLS, connections between a client (e.g., a web browser) and a server (e.g., wikipedia.org) have one or more of the following properties: The connection is private (or secure) because symmetric cryptography is used to encrypt the data transmitted. The keys for this symmetric encryption are generated uniquely for each connection and are based on a shared secret negotiated at the start of the session (see TLS handshake protocol). The server and client negotiate the details of which encryption algorithm and cryptographic keys to use before the first byte of data is transmitted (see Algorithm below). The negotiation of a shared secret is both secure (the negotiated secret is unavailable to eavesdroppers and cannot be obtained, even by an attacker who places themselves in the middle of the connection) and reliable (no attacker can modify the communications during the negotiation without being detected). The identity of the communicating parties can be authenticated using public-key cryptography. This authentication can be made optional, but is generally required for at least one of the parties (typically the server). The connection ensures integrity because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission.:3 In addition to the properties above, careful configuration of TLS can provide additional privacy-related properties such as forward secrecy, ensuring that any future disclosure of encryption keys cannot be used to decrypt any TLS communications recorded in the past. TLS supports many different methods for exchanging keys, encrypting data, and authenticating message integrity (see Algorithm below). As a result, secure configuration of TLS involves many configurable parameters, and not all choices provide all of the privacy-related properties described in the list above (see authentication and key exchange table, cipher security table, and data integrity table). Attempts have been made to subvert aspects of the communications security that TLS seeks to provide and the protocol has been revised several times to address these security threats (see Security). Developers of web browsers have also revised their products to defend against potential security weaknesses after these were discovered (see TLS/SSL support history of web browsers.) The TLS protocol comprises two layers: the TLS record protocol and the TLS handshake protocol. TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999 and updated in RFC 5246 (August 2008) and RFC 6176 (March 2011). It builds on the earlier SSL specifications (1994, 1995, 1996) developed by Netscape Communications for adding the HTTPS protocol to their Navigator web browser.
Views: 4538 The Audiopedia
What is DATA IN USE? What does DATA IN USE mean? DATA IN USE meaning, definition & explanation
 
04:23
What is DATA IN USE? What does DATA IN USE mean? DATA IN USE meaning - DATA IN USE definition - DATA IN USE explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. Data in use is an information technology term referring to active data which is stored in a non-persistent digital state typically in computer random access memory (RAM), CPU caches, or CPU registers. Data in use is used as a complement to the terms data in transit and data at rest which together define the three states of digital data. While data in use most commonly refers to data in computer memory, some Cloud Software-as-a-Service (SaaS) providers refer to data in use as any data currently being processed by applications. Because of its nature, Data in Use is of increasing concern to businesses, government agencies and other institutions. Data in use, or memory, can contain sensitive data including digital certificates, encryption keys, intellectual property (software algorithms, design data), and personally identifiable information. Compromising data in use enables access to encrypted data at rest and data in motion. For example, someone with access to random access memory can parse that memory to locate the encryption key for data at rest. Once they have obtained that encryption key, they can decrypt encrypted data at rest. Threats to data in use can come in the form of cold boot attacks, malicious hardware devices, and bootkits. Encryption, which prevents data visibility in the event of its unauthorized access or theft, is commonly used to protect Data in Motion and Data at Rest and increasingly recognized as an optimal method for protecting Data in Use. There have been multiple projects to encrypt memory. Microsoft Xbox systems are designed to provide memory encryption and the company PrivateCore presently has a commercial software product vCage to provide attestation along with full memory encryption for x86 servers. Several papers have been published highlighting the availability of security-enhanced x86 and ARM commodity processors. In that work, an ARM Cortex A8 processor is used as the substrate on which a full memory encryption solution is built. Process segments (for example, stack, code or heap) can be encrypted individually or in composition. This work marks the first full memory encryption implementation on a mobile general-purpose commodity processor. The system provides both confidentiality and integrity protections of code and data which are encrypted everywhere outside the CPU boundary. Operating system kernel patches such as TRESOR and Loop-Amnesia modify the operating system so that CPU registers can be used to store encryption keys and avoid holding encryption keys in RAM. While this approach is not general purpose and does not protect all data in use, it does protect against cold boot attacks. Encryption keys are held inside the CPU rather than in RAM so that data at rest encryption keys are protected against attacks that might compromise encryption keys in memory. Enclaves enable an “enclave” to be secured with encryption in RAM so that enclave data is encrypted while in RAM but available as clear text inside the CPU and CPU cache. Intel Corporation has introduced the concept of “enclaves” as part of its Software Guard Extensions. Intel revealed an architecture combining software and CPU hardware in technical papers published in 2013. Several cryptographic tools, including secure multi-party computation and homomorphic encryption, allow for the private computation of data on untrusted systems. Data in use could be operated upon while encrypted and never exposed to the system doing the processing.
Views: 267 The Audiopedia
What is Encryption? Explain Encryption, Define Encryption, Meaning of Encryption
 
01:11
~~~ Encryption ~~~ Title: What is Encryption? Explain Encryption, Define Encryption, Meaning of Encryption Created on: 2018-08-22 Source Link: https://en.wikipedia.org/wiki/Encryption ------ Description: In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor. In an encryption scheme, the intended information or message, referred to as plaintext, is encrypted using an encryption algorithm – a cipher – generating ciphertext that can be read only if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is in principle possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, considerable computational resources and skills are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients but not to unauthorized users. ------ To see your favorite topic here, fill out this request form: https://docs.google.com/forms/d/e/1FAIpQLScU0dLbeWsc01IC0AaO8sgaSgxMFtvBL31c_pjnwEZUiq99Fw/viewform ------ Source: Wikipedia.org articles, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. Support: Donations can be made from https://wikimediafoundation.org/wiki/Ways_to_Give to support Wikimedia Foundation and knowledge sharing.
Views: 29 Audioversity
What is QUANTUM CRYPTOGRAPHY? What does QUANTUM CRYPTOGRAPHY mean?
 
18:04
What is QUANTUM CRYPTOGRAPHY? What does QUANTUM CRYPTOGRAPHY mean? QUANTUM CRYPTOGRAPHY meaning - QUANTUM CRYPTOGRAPHY definition - QUANTUM CRYPTOGRAPHY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. Quantum cryptography is the science of exploiting quantum mechanical properties to perform cryptographic tasks. The best known example of quantum cryptography is quantum key distribution which offers an information-theoretically secure solution to the key exchange problem. Currently used popular public-key encryption and signature schemes (e.g., RSA and ElGamal) can be broken by quantum adversaries. The advantage of quantum cryptography lies in the fact that it allows the completion of various cryptographic tasks that are proven or conjectured to be impossible using only classical (i.e. non-quantum) communication (see below for examples). For example, it is impossible to copy data encoded in a quantum state and the very act of reading data encoded in a quantum state changes the state. This is used to detect eavesdropping in quantum key distribution. History: Quantum cryptography uses Heisenberg's uncertainty principle formulated in 1927, and the No-cloning theorem first articulated by Wootters and Zurek and Dieks in 1982. Werner Heisenberg discovered one of the fundamental principles of quantum mechanics: "At the instant at which the position of the electron is known, its momentum therefore can be known only up to magnitudes which correspond to that discontinuous change; thus, the more precisely the position is determined, the less precisely the momentum is known, and conversely” (Heisenberg, 1927: 174–5). This simply means that observation of quanta changes its behavior. By measuring the velocity of quanta we would affect it, and thereby change its position; if we want to find a quant's position, we are forced to change its velocity. Therefore, we cannot measure a quantum system's characteristics without changing it (Clark, n.d.) and we cannot record all characteristics of a quantum system before those characteristics are measured. The No-cloning theorem demonstrates that it is impossible to create a copy of an arbitrary unknown quantum state. This makes unobserved eavesdropping impossible because it will be quickly detected, thus greatly improving assurance that the communicated data remains private. Quantum cryptography was proposed first by Stephen Wiesner, then at Columbia University in New York, who, in the early 1970s, introduced the concept of quantum conjugate coding. His seminal paper titled "Conjugate Coding" was rejected by IEEE Information Theory Society, but was eventually published in 1983 in SIGACT News (15:1 pp. 78–88, 1983). In this paper he showed how to store or transmit two messages by encoding them in two "conjugate observables", such as linear and circular polarization of light, so that either, but not both, of which may be received and decoded. He illustrated his idea with a design of unforgeable bank notes. In 1984, building upon this work, Charles H. Bennett, of the IBM's Thomas J. Watson Research Center, and Gilles Brassard, of the Université de Montréal, proposed a method for secure communication based on Wiesner's "conjugate observables", which is now called BB84. In 1991 Artur Ekert developed a different approach to quantum key distribution based on peculiar quantum correlations known as quantum entanglement. Random rotations of the polarization by both parties (usually called Alice and Bob) have been proposed in Kak's three-stage quantum cryptography protocol. In principle, this method can be used for continuous, unbreakable encryption of data if single photons are used. The basic polarization rotation scheme has been implemented. The BB84 method is at the basis of quantum key distribution methods. Companies that manufacture quantum cryptography systems include MagiQ Technologies, Inc. (Boston, Massachusetts, United States), ID Quantique (Geneva, Switzerland), QuintessenceLabs (Canberra, Australia) and SeQureNet (Paris, France).
Views: 1795 The Audiopedia
What is PAPER KEY? What does PAPER KEY mean? PAPER KEY meaning, definition & explanation
 
01:38
What is PAPER KEY? What does PAPER KEY mean? PAPER KEY meaning - PAPER KEY definition - PAPER KEY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ A paper key is a machine-readable print of a cryptographic key. The printed key can be used to decrypt data, e.g. archives or backup data. A paper key can be the result of an offline private key protocol. The offline private key can also function as a token in two-factor authentication. The idea is that a digital key to decrypt and recover sensitive or personal data should have long-term durability and not be stored on any computer or network. The length of secure cryptographic keys restricts memorization, so the secret key takes the form of a 2D barcode, a machine-readable print. Early implementations of a paper key by the company Safeberg use a Data Matrix barcode. or human-readable base 16 digits. The user stores the printed key in a secure location. To avoid abuse, the key can only be used in combination with a ‘normal’ password. The user can extract the key by creating a digital photo or scan of their paper key and feeding it to cryptographic software that extracts the key to decrypt the data.
Views: 19 The Audiopedia
What is CRYPTOVIROLOGY? What does CRYPTOVIROLOGY mean? CRYPTOVIROLOGY meaning & explanation
 
06:36
What is CRYPTOVIROLOGY? What does CRYPTOVIROLOGY mean? CRYPTOVIROLOGY meaning - CRYPTOVIROLOGY pronunciation - CRYPTOVIROLOGY definition - CRYPTOVIROLOGY explanation - How to pronounce CRYPTOVIROLOGY? Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. Cryptovirology is a field that studies how to use cryptography to design powerful malicious software. The field was born with the observation that public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding malware and what the attacker sees. The antivirus analyst sees a public key contained in the malware whereas the attacker sees the public key contained in the malware as well as the corresponding private key (outside the malware) since the attacker created the key pair for the attack. The public key allows the malware to perform trapdoor one-way operations on the victim's computer that only the attacker can undo. The first attack that was identified by Adam L. Young and Moti Yung in the field is called "cryptoviral extortion" and it was presented at the 1996 IEEE Security & Privacy conference. In this attack a cryptovirus, cryptoworm, or cryptotrojan contains the public key of the attacker and hybrid encrypts the victim's files. The malware prompts the user to send the asymmetric ciphertext to the attacker who will decipher it and return the symmetric decryption key it contains for a fee. The victim needs the symmetric key to get the files back if there are no backups of them. The 1996 IEEE paper of Young and Yung predicted that cryptoviral extortion attackers would one day demand e-money, long before bitcoin even existed. Many years later the media relabeled cryptoviral extortion as ransomware. In 2016 cryptovirology attacks on healthcare providers reached epidemic levels prompting the U.S. Department of Health and Human Services to issue a Fact Sheet on Ransomware and HIPAA. The fact sheet states that when electronic protected health information is encrypted by ransomware a breach has occurred and the attack therefore constitutes a disclosure that is not permitted under HIPAA. The rationale being that an adversary has taken control of the information. This expansion of the term "breach" to account for cryptoviral extortion is monumental since now a "breach" can happen even when sensitive data never leaves the victim organization. California enacted a law that defines the introduction of ransomware into a computer system with the intent of extortion as being against the law. This is SB-1137 that amends Section 523 of the Penal Code. The field also encompasses covert malware attacks in which the attacker securely steals private information such as symmetric keys, private keys, PRNG state, and the victim's data. Examples of such covert attacks are asymmetric backdoors. An asymmetric backdoor is a backdoor (e.g., in a cryptosystem) that can be used only by the attacker, even after it is found. This contrasts with the traditional backdoor that is symmetric, i.e., anyone that finds it can use it. Kleptography, a subfield of cryptovirology, is the study of asymmetric back doors in key generation algorithms, digital signature algorithms, key exchanges, pseudorandom number generators, encryption algorithms, and other cryptographic algorithms. The NIST Dual EC DRBG random bit generator has an asymmetric backdoor in it. The EC-DRBG algorithm utilizes the discrete-log kleptogram from Kleptography which by definition makes the EC-DRBG a cryptotrojan. Like ransomware, the EC-DRBG cryptotrojan contains and uses the attacker's public key to attack the host system. A highly respected cryptographer, Ari Juels, indicated that NSA effectively orchestrated a kleptographic attack on users of the Dual EC DRBG pseudorandom number generation algorithm and that, although security professionals and developers have been testing and implementing kleptographic attacks since 1996, "you would be hard-pressed to find one in actual use until now". Due to public outcry of this cryptovirology attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard.
Views: 447 The Audiopedia
What is EPHEMERAL KEY? What does EPHEMERAL KEY mean? EPHEMERAL KEY meaning & explanation
 
01:37
What is EPHEMERAL KEY? What does EPHEMERAL KEY mean? EPHEMERAL KEY meaning - EPHEMERAL KEY definition - EPHEMERAL KEY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ A cryptographic key is called ephemeral if it is generated for each execution of a key establishment process. In some cases ephemeral keys are used more than once, within a single session (e.g., in broadcast applications) where the sender generates only one ephemeral key pair per message and the private key is combined separately with each recipient's public key. Contrast with a static key. Private ephemeral key agreement key: Private ephemeral key agreement keys are the private keys of asymmetric key pairs that are used only once to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors). Public ephemeral key agreement key: Public ephemeral key agreement keys are the public keys of asymmetric key pairs that are used in a single key establishment transaction to establish one or more keys (e.g., key wrapping keys, data encryption keys, or MAC keys) and, optionally, other keying material (e.g., Initialization Vectors).
Views: 1344 The Audiopedia
What is CRYPTOGRAPHIC SPLITTING? What does CRYPTOGRAPHIC SPLITTING mean?
 
02:41
What is CRYPTOGRAPHIC SPLITTING? What does CRYPTOGRAPHIC SPLITTING mean? CRYPTOGRAPHIC SPLITTING definition - CRYPTOGRAPHIC SPLITTING explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Cryptographic splitting, also known as cryptographic bit splitting or cryptographic data splitting, is a technique for securing data over a computer network. The technique involves encrypting data, splitting the encrypted data into smaller data units, distributing those smaller units to different storage locations, and then further encrypting the data at its new location. With this process, the data is protected from security breaches, because even if an intruder is able to retrieve and decrypt one data unit, the information would be useless unless it can be combined with decrypted data units from the other locations. The technology was filed for patent consideration in June 2003, and the patent was granted in June 2008. Cryptographic splitting utilizes a combination of different algorithms to provide the data protection. A block of data is first encrypted using the AES-256 government encryption standard. The encrypted bits are then split into different shares and then each share is hashed using the National Security Agency's SHA-256 algorithm. One application of cryptographic splitting is to provide security for cloud computing. The encrypted data subsets can be stored on different clouds, with the information required to restore the data being held on a private cloud for additional security. Security vendor Security First Corp uses this technology for its Secure Parser Extended (SPx) product line. In 2009, technology services company Unisys gave a presentation about using cryptographic splitting with storage area networks. By splitting the data into different parts of the storage area network, this technique provided data redundancy in addition to security. Computer giant IBM has written about using the technology as part of its Cloud Data Encryption Services (ICDES). The technology has also been written about in the context of more effectively using sensitive corporate information, by entrusting different individuals within a company (trustees) with different parts of the information.
Views: 275 The Audiopedia
What is CRYPTO CLOUD COMPUTING? What does CRYPTO CLOUD COMPUTING mean?
 
05:15
What is CRYPTO CLOUD COMPUTING? What does CRYPTO CLOUD COMPUTING mean? CRYPTO CLOUD COMPUTING meaning - CRYPTO CLOUD COMPUTING definition - CRYPTO CLOUD COMPUTING explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Cloud computing is a combination of IaaS, PaaS, SaaS. To construct a secure cloud computing system, security at infrastructure, service platforms and application software levels have to be studied for a secure cloud computing system. Information encryption is one of effective means to achieve cloud computing information security. Traditionally, information encryption focuses on specified stages and operations, such as data encryption. For cloud computing, a system level design has to be implemented. Crypto cloud computing is a new secure cloud computing architecture. It can provide protection of information security at the system level, and allows users access to shared services conveniently and accurately. Crypto cloud computing protects individual’s connections with the outside world. It can protect the personal privacy without any delay of information exchange. Crypto cloud computing is based on the Quantum Direct Key system. Quantum Direct Key (QDK) is a set of advanced asymmetric offline key mechanism. In this mechanism, all entities get public and private key pair according to their ID. Each entity only holds its own private key, but has a public key generator to generate any public key. In this system, an entity can produce the public key of any other entities offline, no any third-party agency (such as CA) is necessary. Crypto cloud computing based on QDK can avoid network traffic congestion, and other drawbacks using current encryption system. In the crypto cloud computing system, each entity encrypts data using his/her own private key. All elements in the system such as cloud computing infrastructure units, platform, virtualization tools and all involved entities have their own keys. While fulfilling their own functions of information exchange and processing, all these elements will use the public key and private key to perform authentication first. What’s more, events occur in the cloud computing are also assigned a unique key. In this way, crypto cloud system guarantees the security and credibility of information exchange. Current cloud computing structure is developed for data and computing sharing. Security is not priority of system. On the contrary, encryption and security are inherently integrated in the crypto cloud computing based on the QDK. QDK authorized function units are bricks of crypto cloud computing. Besides primary function of data en/decryption, crypto cloud computing also provides many security related functions. For example, all channels sign transmit data using with their own keys, and the receiving terminals can avoid hijacking by verifying signature. What’s more, the exact position of security leakage can be identified determined by analyzing digital signatures of forged data. Based on such capabilities, crypto-related functions can be provided as services in cloud, which is named as ‘Crypto as a service (CAAS)’. Crypto cloud computing is not only the advances in information technology, but also innovation of logical relationship. In crypto cloud computing system, non-system data is not allowed to store and transmit. Private Key and offline public key, play a role of identification and certification in the process of information exchange. In this way, the cloud establishes a relationship of trust with a customer. Data identification depends on the logical relationship of mutual trust or need, and the logical relationship depends on the cloud customer. Crypto cloud computing is a new framework for cyber resource sharing. It protects data security and privacy. Well, in cloud environment, crypto cloud computing guarantees the information security and integrity during whole procedure. Security management of cloud computing can also be performed by authorizing the signatures of every element involved. What’s more, a user can retrieve all related resources using his QDK key. There is no personal privacy under the current cloud framework, as pointed out by Mark Zuckerberg, 'the Age of Privacy Is Over '.However, with the development of crypto cloud computing, we can resolve the conflict between services data sharing and privacy security. It opens up new prospects for the development of information sharing technology.
Views: 145 The Audiopedia
What is RANDOM ORACLE? What does RANDOM ORACLE mean? RANDOM ORACLE meaning & explanation
 
04:33
What is RANDOM ORACLE? What does RANDOM ORACLE mean? RANDOM ORACLE meaning - RANDOM ORACLE definition - RANDOM ORACLE explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, a random oracle is an oracle (a theoretical black box) that responds to every unique query with a (truly) random response chosen uniformly from its output domain. If a query is repeated it responds the same way every time that query is submitted. Stated differently, a random oracle is a mathematical function chosen uniformly at random, that is, a function mapping each possible query to a (fixed) random response from its output domain. Random oracles as a mathematical abstraction were firstly used in rigorous cryptographic proofs in the 1993 publication by Mihir Bellare and Phillip Rogaway (1993). They are typically used when the cryptographic hash functions in the method cannot be proven to possess the mathematical properties required by the proof. A system that is proven secure when every hash function is replaced by a random oracle is described as being secure in the random oracle model, as opposed to secure in the standard model of cryptography. Random oracles are typically used as an ideal replacement for cryptographic hash functions in schemes where strong randomness assumptions are needed of the hash function's output. Such a proof generally shows that a system or a protocol is secure by showing that an attacker must require impossible behavior from the oracle, or solve some mathematical problem believed hard in order to break it. Not all uses of cryptographic hash functions require random oracles: schemes that require only one or more properties having a definition in the standard model (such as collision resistance, preimage resistance, second preimage resistance, etc.) can often be proven secure in the standard model (e.g., the Cramer–Shoup cryptosystem). Random oracles have long been considered in computational complexity theory, and many schemes have been proven secure in the random oracle model, for example Optimal Asymmetric Encryption Padding, RSA-FDH and Probabilistic Signature Scheme. In 1986, Amos Fiat and Adi Shamir showed a major application of random oracles – the removal of interaction from protocols for the creation of signatures. In 1989, Russell Impagliazzo and Steven Rudich showed the limitation of random oracles – namely that their existence alone is not sufficient for secret-key exchange. In 1993, Mihir Bellare and Phillip Rogaway were the first to advocate their use in cryptographic constructions. In their definition, the random oracle produces a bit-string of infinite length which can be truncated to the length desired. According to the Church–Turing thesis, no function computable by a finite algorithm can implement a true random oracle (which by definition requires an infinite description). In fact, certain artificial signature and encryption schemes are known which are proven secure in the random oracle model, but which are trivially insecure when any real function is substituted for the random oracle. Nonetheless, for any more natural protocol a proof of security in the random oracle model gives very strong evidence of the practical security of the protocol. In general, if a protocol is proven secure, attacks to that protocol must either be outside what was proven, or break one of the assumptions in the proof; for instance if the proof relies on the hardness of integer factorization, to break this assumption one must discover a fast integer factorization algorithm. Instead, to break the random oracle assumption, one must discover some unknown and undesirable property of the actual hash function; for good hash functions where such properties are believed unlikely, the considered protocol can be considered secure.
Views: 478 The Audiopedia
What is CRYPTO-ANARCHISM? What does CRYPTO-ANARCHISM mean? CRYPTO-ANARCHISM meaning
 
11:12
What is CRYPTO-ANARCHISM? What does CRYPTO-ANARCHISM mean? CRYPTO-ANARCHISM meaning - CRYPTO-ANARCHISM definition - CRYPTO-ANARCHISM explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Crypto-anarchism (or crypto-anarchy) is a cyber-spatial realization of anarchism. Crypto-anarchists employ cryptographic software to evade prosecution and harassment while sending and receiving information over computer networks, in an effort to protect their privacy and political freedom. By using cryptographic software, the association between the identity of a certain user or organization and the pseudonym they use is made difficult to find, unless the user reveals the association. It is difficult to say which country's laws will be ignored, as even the location of a certain participant is unknown. However, participants may in theory voluntarily create new laws using smart contracts or, if the user is pseudonymous, depend on online reputation. One motive of crypto-anarchists is to defend against surveillance of computer networks communication. Crypto-anarchists try to protect against government mass surveillance, such as PRISM, Tempora, telecommunications data retention, the NSA warrantless surveillance controversy, Room 641A, the FRA and so on. Crypto-anarchists consider the development and use of cryptography to be the main defense against such problems, as opposed to political action. A second concern is evasion of censorship, particularly Internet censorship, on the grounds of freedom of expression. The programs used by crypto-anarchists often make it possible to both publish and read information off the internet or other computer networks anonymously. For example, Tor, I2P, Freenet and many similar networks allow for anonymous "hidden" webpages only accessible by users of these programs, while projects like Bitmessage allow for anonymous messaging system intended to be a substitute for email. This helps whistleblowers and political opposition in oppressive nations to spread their information. A third reason -- and one of increasing importance -- is to build and participate in counter economics, which includes development of viable alternatives to banking systems, and development of alternative financial systems which provide the user with options for greater privacy or anonymity. Cryptocurrencies such as Bitcoin and services like Silk Road and Black Market Reloaded made it possible to trade goods and services with little interference from the law. There is a distinction between centralized and decentralized tools that are utilized for this purpose. The Silk Road and Black Market Reloaded are examples of centralized, and thus vulnerable, marketplaces, or tools. Similarly, web wallets employed by Bitcoin users are also centralized and vulnerable. Decentralized and distributed marketplaces and currency exchanges present significantly less risk to the user. One example of a decentralized and distributed marketplace is OpenBazaar. An example of a decentralized and distributed currency exchange is BitSquare. The technical challenge in developing and maintaining these cryptographic systems is tremendous, which causes some programmers to be interested in joining such projects. Crypto-anarchists argue that without encryption abilities, messages, personal information, and private life would be seriously damaged. They argue that a ban on cryptography is equal to the eradication of secrecy of correspondence. They argue that only a draconian police-state would criminalize cryptography. It is already illegal to use it in some countries, and export laws are restrictive in others. Citizens in the United Kingdom must, upon request, give keys for decryption of personal systems to authorities. Failing to do this can result in imprisonment for up to two years, without evidence of other criminal activity. ....
Views: 1772 The Audiopedia
What is FORWARD ANONYMITY? What does FORWARD ANONYMITY mean? FORWARD ANONYMITY meaning
 
04:45
What is FORWARD ANONYMITY? What does FORWARD ANONYMITY mean? FORWARD ANONYMITY meaning - FORWARD ANONYMITY definition - FORWARD ANONYMITY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Forward anonymity, analogous to forward secrecy, in computer security and cryptography is the property which prevents an attacker who has recorded past communications from discovering the identities of the participants, even after the fact. When speaking of forward secrecy, system designers attempt to prevent an attacker who has recorded past communications from discovering the contents of said communications later on. One example of a system which satisfies the perfect forward secrecy property is one in which a compromise of one key by an attacker (and consequent decryption of messages encrypted with that key) does not undermine the security of previously used keys. Forward secrecy does not refer to protecting the content of the message, but rather to the protection of keys used to decrypt messages. One example of a system which uses forward anonymity is a public key cryptography system, where the public key is well-known and used to encrypt a message, and an unknown private key is used to decrypt it. In this system, one of the keys is always said to be compromised, but messages and their participants are still unknown by anyone without the corresponding private key. Originally introduced by Whitfield Diffie, Paul van Oorschot, and Michael James Wiener to describe a property of STS (station-to-station protocol) involving a long term secret, either a private key or a shared password. Public Key Cryptography is a common form of a forward anonymous system. It is used to pass encrypted messages, preventing any information about the message from being discovered if the message is intercepted by an attacker. It uses two keys, a public key and a private key. The public key is published, and is used by anyone to encrypt a plaintext message. The Private key is not well known, and is used to decrypt cyphertext. Public key cryptography is known as an asymmetric decryption algorithm because of different keys being used to perform opposing functions. Public key cryptography is popular because, while it is computationally easy to create a pair of keys, it is extremely difficult to determine the private key knowing only the public key. Therefore, the public key being well known does not allow messages which are intercepted to be decrypted. This is a forward anonymous system because one compromised key (the public key) does not compromise the anonymity of the system. A variation of the public key cryptography system is a Web of trust, where each user has both a public and private key. Messages sent are encrypted using the intended recipients public key, and only this recipients private key will decrypt the message. They are also signed with the senders private key. This creates added security where it becomes more difficult for an attacker to pretend to be a user, as the lack of a private key signature indicates an non-trusted user. A forward anonymous system does not necessarily mean a wholly secure system. A successful cryptoanalysis of a message or sequence of messages can still decode the information without the use of a private key or long term secret. Forward anonymity, along with other cryptography related properties, received a burst of media attention after the leak of classified information by Edward Snowden, beginning in June, 2013, which indicated that the NSA and FBI had practices of asking companies, to leave in back doors for them, allowing the companies and agencies to decrypt information stored on phones and other devices more easily, with the intention of allowing them to more easily find and arrest various criminals, while occasionally mistakenly targeting innocent civilians. They especially publicized the aid this practice provided in catching predatory pedophiles. Opponents to this practice argue that leaving in a back door to law enforcement increases the risk of attackers being able to decrypt information, as well as questioning its legality under the US Constitution, specifically being a form of illegal Search and Seizure
Views: 20 The Audiopedia
What is SECURE CHANNEL? What does SECURE CHANNEL mean? SECURE CHANNEL meaning & explanation
 
05:33
What is SECURE CHANNEL? What does SECURE CHANNEL mean? SECURE CHANNEL meaning - SECURE CHANNEL definition - SECURE CHANNEL explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, a secure channel is a way of transferring data that is resistant to overhearing and tampering. A confidential channel is a way of transferring data that is resistant to overhearing (i.e., reading the content), but not necessarily resistant to tampering. An authentic channel is a way of transferring data that is resistant to tampering but not necessarily resistant to overhearing. There are no perfectly secure channels in the real world. There are, at best, only ways to make insecure channels (e.g., couriers, homing pigeons, diplomatic bags, etc.) less insecure: padlocks (between courier wrists and a briefcase), loyalty tests, security investigations, and guns for courier personnel, diplomatic immunity for diplomatic bags, and so forth. In 1976, two researchers proposed a key exchange technique (now named after them)—Diffie–Hellman key exchange (D-H). This protocol allows two parties to generate a key only known to them, under the assumption that a certain mathematical problem (e.g., the Diffie–Hellman problem in their proposal) is computationally infeasible (i.e., very very hard) to solve, and that the two parties have access to an authentic channel. In short, that an eavesdropper—conventionally termed 'Eve', who can listen to all messages exchanged by the two parties, but who can not modify the messages—will not learn the exchanged key. Such a key exchange was impossible with any previously known cryptographic schemes based on symmetric ciphers, because with these schemes it is necessary that the two parties exchange a secret key at some prior time, hence they require a confidential channel at that time which is just what we are attempting to build. It is important to note that most cryptographic techniques are trivially breakable if keys are not exchanged securely or, if they actually were so exchanged, if those keys become known in some other way— burglary or extortion, for instance. An actually secure channel will not be required if an insecure channel can be used to securely exchange keys, and if burglary, bribery, or threat aren't used. The eternal problem has been and of course remains—even with modern key exchange protocols—how to know when an insecure channel worked securely (or alternatively, and perhaps more importantly, when it did not), and whether anyone has actually been bribed or threatened or simply lost a notebook (or a notebook computer) with key information in it. These are hard problems in the real world and no solutions are known—only expedients, jury rigs, and workarounds. Researchers have proposed and demonstrated quantum cryptography in order to create a secure channel. If the current understanding of this subject of quantum physics is adequate, quantum cryptography facilitates the exchange of theoretically uneavesdroppable, non-interceptable, non-tamperable data. The mechanism is related to the uncertainty relation. It is not clear whether the special conditions under which it can be made to work are practical in the real world of noise, dirt, and imperfection in which most everything is required to function. Thus far, actual implementation of the technique is exquisitely finicky and expensive, limiting it to very special purpose applications. It may also be vulnerable to attacks specific to particular implementations and imperfections in the optical components of which the quantum cryptographic equipment is built. While implementations of classical cryptographic algorithms have received worldwide scrutiny over the years, only a limited amount of public research has been done to assess security of the present-day implementations of quantum cryptosystems, mostly because they are not in widespread use as of 2014. Security definitions for a secure channel try to model its properties independently from its concrete instantiation. A good understanding of these properties is needed before designing a secure channel, and before being able to assess its appropriateness of employment in a cryptographic protocol. This is a topic of provable security. A definition of a secure channel that remains secure, even when used in arbitrary cryptographic protocols is an important building block for universally composable cryptography....
Views: 237 The Audiopedia
What is VISUAL CRYPTOGRAPHY? What does VISUAL CRYPTOGRAPHY mean? VISUAL CRYPTOGRAPHY meaning
 
02:08
What is VISUAL CRYPTOGRAPHY? What does VISUAL CRYPTOGRAPHY mean? VISUAL CRYPTOGRAPHY meaning - VISUAL CRYPTOGRAPHY definition - VISUAL CRYPTOGRAPHY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Visual cryptography is a cryptographic technique which allows visual information (pictures, text, etc.) to be encrypted in such a way that decryption becomes the job of the person to decrypt via sight reading. One of the best-known techniques has been credited to Moni Naor and Adi Shamir, who developed it in 1994. They demonstrated a visual secret sharing scheme, where an image was broken up into n shares so that only someone with all n shares could decrypt the image, while any n - 1 shares revealed no information about the original image. Each share was printed on a separate transparency, and decryption was performed by overlaying the shares. When all n shares were overlaid, the original image would appear. There are several generalizations of the basic scheme including k-out-of-n visual cryptography. Using a similar idea, transparencies can be used to implement a one-time pad encryption, where one transparency is a shared random pad, and another transparency acts as the ciphertext. Normally, there is an expansion of space requirement in visual cryptography. But if one of the two shares is structured recursively, the efficiency of visual cryptography can be increased to 100%. Some antecedents of visual cryptography are in patents from the 1960s. Other antecedents are in the work on perception and secure communication. Visual cryptography can be used to protect biometric templates in which decryption does not require any complex computations.
Views: 1334 The Audiopedia
What is OFF-THE-RECORD MESSAGING? What does OFF-THE-RECORD MESSAGING mean?
 
04:35
What is OFF-THE-RECORD MESSAGING? What does OFF-THE-RECORD MESSAGING mean? OFF-THE-RECORD MESSAGING meaning - OFF-THE-RECORD MESSAGING definition - OFF-THE-RECORD MESSAGING explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption. The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing. This is in contrast with cryptography tools that produce output which can be later used as a verifiable record of the communication event and the identities of the participants. The initial introductory paper was named "Off-the-Record Communication, or, Why Not To Use PGP". The OTR protocol was designed by cryptographers Ian Goldberg and Nikita Borisov and released on 26 October 2004. They provide a client library to facilitate support for instant messaging client developers who want to implement the protocol. A Pidgin and Kopete plugin exists that allows OTR to be used over any IM protocol supported by Pidgin or Kopete, offering an auto-detection feature that starts the OTR session with the buddies that have it enabled, without interfering with regular, unencrypted conversations. In addition to providing encryption and authentication — features also provided by typical public-key cryptography suites, such as PGP, GnuPG, and X.509 (S/MIME) — OTR also offers some less common features: Forward secrecy: Messages are only encrypted with temporary per-message AES keys, negotiated using the Diffie–Hellman key exchange protocol. The compromise of any long-lived cryptographic keys does not compromise any previous conversations, even if an attacker is in possession of ciphertexts. Deniable authentication: Messages in a conversation do not have digital signatures, and after a conversation is complete, anyone is able to forge a message to appear to have come from one of the participants in the conversation, assuring that it is impossible to prove that a specific message came from a specific person. Within the conversation the recipient can be sure that a message is coming from the person they have identified. As of OTR 3.1, the protocol supports mutual authentication of users using a shared secret through the socialist millionaire protocol. This feature makes it possible for users to verify the identity of the remote party and avoid a man-in-the-middle attack without the inconvenience of manually comparing public key fingerprints through an outside channel. Due to limitations of the protocol, OTR does not support multi-user group chat as of 2009 but it may be implemented in the future. As of version 3 of the protocol specification, an extra symmetric key is derived during authenticated key exchanges that can be used for secure communication (e.g., encrypted file transfers) over a different channel. Support for encrypted audio or video is not planned. (SRTP with ZRTP exists for that purpose.) A project to produce a protocol for multi-party off-the-record messaging (mpOTR) has been organized by Cryptocat, eQualitie, and other contributors including Ian Goldberg. Since OTR protocol v3 (libotr 4.0.0) the plugin supports multiple OTR conversations with the same buddy who is logged in at multiple locations.
Views: 349 The Audiopedia
What is SECURE CRYPTOPROCESSOR? What does SECURE CRYPTOPROCESSOR mean?
 
08:25
What is SECURE CRYPTOPROCESSOR? What does SECURE CRYPTOPROCESSOR mean? SECURE CRYPTOPROCESSOR meaning - SECURE CRYPTOPROCESSOR definition - SECURE CRYPTOPROCESSOR explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ A secure cryptoprocessor is a dedicated computer on a chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained. The purpose of a secure cryptoprocessor is to act as the keystone of a security subsystem, eliminating the need to protect the rest of the subsystem with physical security measures. Security measures used in secure cryptoprocessors: Tamper-detecting and tamper-evident containment. Conductive shield layers in the chip that prevent reading of internal signals. Controlled execution to prevent timing delays from revealing any secret information. Automatic zeroization of secrets in the event of tampering. Chain of trust boot-loader which authenticates the operating system before loading it. Chain of trust operating system which authenticates application software before loading it. Hardware-based capability registers, implementing a one-way privilege separation model. Secure cryptoprocessors, while useful, are not invulnerable to attack, particularly for well-equipped and determined opponents (e.g. a government intelligence agency) who are willing to expend massive resources on the project. One attack on a secure cryptoprocessor targeted the IBM 4758. A team at the University of Cambridge reported the successful extraction of secret information from an IBM 4758, using a combination of mathematics, and special-purpose codebreaking hardware. However, this attack was not practical in real-world systems because it required the attacker to have full access to all API functions of the device. Normal and recommended practices use the integral access control system to split authority so that no one person could mount the attack. While the vulnerability they exploited was a flaw in the software loaded on the 4758, and not the architecture of the 4758 itself, their attack serves as a reminder that a security system is only as secure as its weakest link: the strong link of the 4758 hardware was rendered useless by flaws in the design and specification of the software loaded on it. Smartcards are significantly more vulnerable, as they are more open to physical attack. Additionally, hardware backdoors can undermine security in smartcards and other cryptoprocessors unless investment is made in anti-backdoor design methods. In the case of full disk encryption applications, especially when implemented without a boot PIN, a cryptoprocessor would not be secure against a cold boot attack if data remanence could be exploited to dump memory contents after the operating system has retrieved the cryptographic keys from its TPM. However, if all of the sensitive data is stored only in cryptoprocessor memory and not in external storage, and the cryptoprocessor is designed to be unable to reveal keys or decrypted or unencrypted data on chip bonding pads or solder bumps, then such protected data would be accessible only by probing the cryptoprocessor chip after removing any packaging and metal shielding layers from the cryptoprocessor chip. This would require both physical possession of the device as well as skills and equipment beyond that of most technical personnel. Other attack methods involve carefully analyzing the timing of various operations that might vary depending on the secret value or mapping the current consumption versus time to identify differences in the way that ‘0’ bits are handled internally vs ‘1’ bits. Or the attacker may apply temperature extremes, excessively high or low clock frequencies or supply voltage that exceeds the specifications in order to induce a fault. The internal design of the cryptoprocessor can be tailored to prevent these attacks. Some secure cryptoprocessors contain dual processor cores and generate inaccessible encryption keys when needed so that even if the circuitry is reverse engineered, it will not reveal any keys that are necessary to securely decrypt software booted from encrypted flash memory or communicated between cores. The first single-chip cryptoprocessor design was for copy protection of personal computer software (see US Patent 4,168,396, Sept 18, 1979) and was inspired by Bill Gates' Open Letter to Hobbyists. ....
Views: 772 The Audiopedia
What is PIGGY BANK CRYPTOGRAPHY? What does PIGGY BANK CRYPTOGRAPHY mean?
 
01:54
What is PIGGY BANK CRYPTOGRAPHY? What does PIGGY BANK CRYPTOGRAPHY mean? PIGGY BANK CRYPTOGRAPHY meaning - PIGGY BANK CRYPTOGRAPHY definition - PIGGY BANK CRYPTOGRAPHY explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Piggy bank cryptography is a digital emulation of a piggy bank. It uses an encrypted message as a carrier into which valuable secrets can be inserted and later recovered by the person who issued the message. A typical protocol works as follows: Bob, who wishes to obtain secret information from Alice, uses public key cryptography to encrypt some random data with his own public key. He sends the result to Alice. Alice creates a single-use key pair. She injects both her secret and her new decryption key into Bob's message. She then writes a signed note that describes what she has injected. She encrypts the note with her new encryption key, and sends the modified message and note to Bob. Bob decrypts the modified message to obtain both the secret and Alice's decryption key. He uses her decryption key to read the note and verify that Alice sent the secret. In this scheme, Bob does not necessarily require a public key from Alice, although he does require her to sign her note in such a way that he can verify her authorship. Piggy bank cryptography has been proposed for authenticating parties to detect man-in-the-middle attack. The piggy bank paradigm can be used to implement asymmetric as well as double-lock cryptography.
Views: 28 The Audiopedia
What is CLIENT-SIDE ENCRYPTION? What does CLIENT-SIDE ENCRYPTION mean?
 
02:02
What is CLIENT-SIDE ENCRYPTION? What does CLIENT-SIDE ENCRYPTION mean? CLIENT-SIDE ENCRYPTION meaning - CLIENT-SIDE ENCRYPTION definition - CLIENT-SIDE ENCRYPTION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Client-side encryption is the cryptographic technique of encrypting data on the sender's side, before it is transmitted to a server such as a cloud storage service. Client-side encryption features an encryption key that is not available to the service provider, making it difficult or impossible for service providers to decrypt hosted data. Client-side encryption allows for the creation of zero-knowledge applications whose providers cannot access the data its users have stored, thus offering a high level of privacy. Client-side encryption is widely recognized as an exceptionally robust data security strategy. By eliminating the potential for data to be viewed by service providers (or third parties that compel service providers to deliver access to data), client-side encryption ensures that data and files that are stored in the cloud can only be viewed on the client side of the exchange. This prevents data loss and the unauthorized disclosure of private or personal files, providing increased peace of mind for both personal and business users. Current academic scholarship as well as recommendations by industry professionals provide much support for developers to include client-side encryption to protect the confidentiality and integrity of information. Examples of cloud storage services that provide client-side encryption are Tresorit, MEGA and SpiderOak. As of February 2016, neither Apple iCloud, Google Drive, or Dropbox provide client-side encryption.
Views: 737 The Audiopedia
What is DIRECT ANONYMOUS ATTESTATION? What does DIRECT ANONYMOUS ATTESTATION mean?
 
07:01
What is DIRECT ANONYMOUS ATTESTATION? What does DIRECT ANONYMOUS ATTESTATION mean? DIRECT ANONYMOUS ATTESTATION meaning - DIRECT ANONYMOUS ATTESTATION definition - DIRECT ANONYMOUS ATTESTATION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Direct Anonymous Attestation (DAA) is a cryptographic primitive which enables remote authentication of a trusted computer whilst preserving privacy of the platform's user. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification to address privacy concerns (see also Loss of Internet anonymity). ISO/IEC 20008 specifies DAA, as well, and Intel's Enhanced Privacy ID (EPID) 2.0 implementation for microprocessors is available for licensing RAND-Z along with an open source SDK. In principle the privacy issue could be resolved using any standard signature scheme (or public key encryption) and a single key pair. Manufacturers would embed the private key into every TPM produced and the public key would be published as a certificate. Signatures produced by the TPM must have originated from the private key, by the nature of the technology, and since all TPMs use the same private key they are indistinguishable ensuring the user's privacy. This rather naive solution relies upon the assumption that there exists a global secret. One only needs to look at the precedent of Content Scramble System (CSS), an encryption system for DVDs, to see that this assumption is fundamentally flawed. Furthermore, this approach fails to realize a secondary goal: the ability to detect rogue TPMs. A rogue TPM is a TPM that has been compromised and had its secrets extracted. The solution first adopted by the TCG (TPM specification v1.1) required a trusted third-party, namely a privacy certificate authority (privacy CA). Each TPM has an embedded RSA key pair called an Endorsement Key (EK) which the privacy CA is assumed to know. In order to attest the TPM generates a second RSA key pair called an Attestation Identity Key (AIK). It sends the public AIK, signed by EK, to the privacy CA who checks its validity and issues a certificate for the AIK. (For this to work, either a) the privacy CA must know the TPM's public EK a priori, or b) the TPM's manufacturer must have provided an endorsement certificate.) The host/TPM is now able to authenticate itself with respect to the certificate. This approach permits two possibilities to detecting rogue TPMs: firstly the privacy CA should maintain a list of TPMs identified by their EK known to be rogue and reject requests from them, secondly if a privacy CA receives too many requests from a particular TPM it may reject them and blacklist the TPMs EK. The number of permitted requests should be subject to a risk management exercise. This solution is problematic since the privacy CA must take part in every transaction and thus must provide high availability whilst remaining secure. Furthermore, privacy requirements may be violated if the privacy CA and verifier collude. Although the latter issue can probably be resolved using blind signatures, the first remains. ....
Views: 394 The Audiopedia
What is MULTICAST ENCRYPTION? What does MULTICAST ENCRYPTION mean? MULTICAST ENCRYPTION meaning
 
03:28
What is MULTICAST ENCRYPTION? What does MULTICAST ENCRYPTION mean? MULTICAST ENCRYPTION meaning - MULTICAST ENCRYPTION definition - MULTICAST ENCRYPTION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Multicast is what enables a node on a network to address one unit of data to a specific group of receivers. In interactive multicast at the data link or network layer, such as IP multicast, Ethernet multicast or MBMS service over cellular network, receivers may join and leave the group using an interaction channel. Only one copy of the data is sent from the source, and multiple copies are created and then sent to the desired recipient by the network infrastructure nodes. In for example IP multicast, a multicast group is identified by a class D IP address. A host enters or exits a group using IGMP (Internet Group Management Protocol). A message sent via multicast is sent to all nodes on the network, but only the intended nodes accept the multicast frames. Multicasting is useful in situations such as video conferencing and online gaming. Multicast was used originally in LANs, with Ethernet being the best example. A problem with multicast communication is that it is difficult to guarantee that only designated receivers receive the data being sent. This is largely because multicast groups are always changing; users come and go at any time. A solution to the problem of ensuring that only the chosen recipient obtains the data is known as multicast encryption. The ISO (International Organization for Standardization) states that confidentiality, integrity, authentication, access control, and non-repudiation should all be considered when creating any secure system. Confidentiality: No unauthorized party can access appropriate messages. Integrity: Messages cannot be changed during transit without being discovered. Authentication: The message needs to be sent by the person/machine who claims to have sent it. Access control: Only those users enabled can access the data. Non-repudiation: The receiver can prove that the sender actually sent the message. To be secure, members who are just being added to the group must be restricted from viewing past data. Also, members removed from a group may not access future data. Today, one alternative in multicast encryption involves the use of symmetric key encryption where data is decoded by intended receivers using a traffic encryption key (TEK). The TEK is changed any time a member joins or leaves the group. This is not feasible for large groups. Users must be continuously connected to obtain the new keys. Another more common method involves asymmetric keys. Here, a private key is shared and those shares are given out asymmetrically. The initial member is given a number of shares, one of which is passed to each group member. If a member has a valid share of the key, he can view the message.
Views: 84 The Audiopedia
What is WEB OF TRUST? What does WEB OF TRUST mean? WEB OF TRUST meaning & explanation
 
04:01
What is WEB OF TRUST? What does WEB OF TRUST mean? WEB OF TRUST meaning - WEB OF TRUST definition - WEB OF TRUST explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure (PKI), which relies exclusively on a certificate authority (or a hierarchy of such). As with computer networks, there are many independent webs of trust, and any user (through their identity certificate) can be a part of, and a link between, multiple webs. The web of trust concept was first put forth by PGP creator Phil Zimmermann in 1992 in the manual for PGP version 2.0: As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys. All OpenPGP-compliant implementations include a certificate vetting scheme to assist with this; its operation has been termed a web of trust. OpenPGP identity certificates (which include public key(s) and owner information) can be digitally signed by other users who, by that act, endorse the association of that public key with the person or entity listed in the certificate. This is commonly done at key signing parties. OpenPGP-compliant implementations also include a vote counting scheme which can be used to determine which public key – owner association a user will trust while using PGP. For instance, if three partially trusted endorsers have vouched for a certificate (and so its included public key – owner binding), OR if one fully trusted endorser has done so, the association between owner and public key in that certificate will be trusted to be correct. The parameters are user-adjustable (e.g., no partials at all, or perhaps 6 partials) and can be completely bypassed if desired. The scheme is flexible, unlike most public key infrastructure designs, and leaves trust decision(s) in the hands of individual users. It is not perfect and requires both caution and intelligent supervision by users. Essentially all PKI designs are less flexible and require users to follow the trust endorsement of the PKI generated, certificate authority (CA)-signed, certificates. There are two keys: a public key which is shared openly and a private key that only the user knows. The user's private key will decrypt any information encrypted with the user's public key. In the web of trust, each user has a ring with a group of people's public keys. Users encrypt their information with the recipient's public key, and only the recipient's private key will decrypt it. Each user then digitally signs the information with their private key, so when they verify it with their own public key, they can confirm that it is the person in question. Doing this will ensure that the information came from the specific user and has not been tampered with, and only the intended recipient can read the information (because only they know their private key).
Views: 1949 The Audiopedia
What is INTERPOLATION ATTACK? What does INTERPOLATION ATTACK mean? INTERPOLATION ATTACK meaning
 
02:05
What is INTERPOLATION ATTACK? What does INTERPOLATION ATTACK mean? INTERPOLATION ATTACK meaning - INTERPOLATION ATTACK definition - INTERPOLATION ATTACK explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, an interpolation attack is a type of cryptanalytic attack against block ciphers. After the two attacks, differential cryptanalysis and linear cryptanalysis, were presented on block ciphers, some new block ciphers were introduced, which were proven secure against differential and linear attacks. Among these there were some iterated block ciphers such as the KN-Cipher and the SHARK cipher. However, Thomas Jakobsen and Lars Knudsen showed in the late 90's that these ciphers were easy to break by introducing a new attack called the interpolation attack. In the attack, an algebraic function is used to represent an S-box. This may be a simple quadratic, or a polynomial or rational function over a Galois field. Its coefficients can be determined by standard Lagrange interpolation techniques, using known plaintexts as data points. Alternatively, chosen plaintexts can be used to simplify the equations and optimize the attack. In its simplest version an interpolation attack expresses the ciphertext as a polynomial of the plaintext. If the polynomial has a relative low number of unknown coefficients, then with a collection of plaintext/ciphertext (p/c) pairs, the polynomial can be reconstructed. With the polynomial reconstructed the attacker then has a representation of the encryption, without exact knowledge of the secret key. The interpolation attack can also be used to recover the secret key. It is easiest to describe the method with an example.
Views: 97 The Audiopedia
What is BLISS SIGNATURE SCHEME? What does BLISS SIGNATURE SCHEME mean?
 
01:35
What is BLISS SIGNATURE SCHEME? What does BLISS SIGNATURE SCHEME mean? BLISS SIGNATURE SCHEME meaning - BLISS SIGNATURE SCHEME definition - BLISS SIGNATURE SCHEME explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ BLISS (short for Bimodal Lattice Signature Scheme) is a digital signature scheme proposed by Léo Ducas, Alain Durmus, Tancrede Lepoint and Vadim Lyubashevsky in their 2013 paper "Lattice Signature and Bimodal Gaussians". In cryptography, digital signature ensures that a message is authentically from a specific person who has the private key to create such signature, and such signature can be verified using the corresponding public key. Current signature schemes relies on one of integer factorization, discrete logarithm, and elliptic curve discrete logarithm problem, which can be effectively attacked by a quantum computer. BLISS on the other hand, is a post-quantum algorithm, and is meant to resist quantum computer attacks. Compared to other post-quantum schemes, BLISS claims to offer better computational efficiency, smaller signature size, and higher security. A presentation given at NIST has therefore anticipated that BLISS be further refined and become a potential candidate for standardization.
Views: 71 The Audiopedia
What is HARDWARE OBFUSCATION? What does HARDWARE OBFUSCATION mean?
 
04:30
What is HARDWARE OBFUSCATION? What does HARDWARE OBFUSCATION mean? HARDWARE OBFUSCATION meaning - HARDWARE OBFUSCATION definition - HARDWARE OBFUSCATION explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ Hardware obfuscation is a technique by which the description or the structure of electronic hardware is modified to intentionally conceal its functionality, which makes it significantly more difficult to reverse-engineer. In essence, it is different from digital watermarking (where the ownership is concealed in the digital content itself), or from hardware intellectual property (IP) watermarking where the ownership information is embedded and concealed in the description of a circuit. It is also different from cryptography-based hardware IP protection techniques common in the design flow of Field Programmable Gate Array. The importance of hardware watermarking has increased in the recent years due to widespread adoption of hardware IP based design practices for modern integrated circuits (ICs) such as system on chips (SoCs). Major security issues associated with hardware IPs include: (a) hardware intellectual property infringement during SoC design; (b) reverse engineering the manufactured ICs or the IC design database (in fabrication facilities) to produce counterfeit or clone ICs; and (c) malicious modifications of an IP through the insertion of hardware Trojan to cause in-field functional failure. Hardware obfuscation aims at minimizing these threats at IP or chip level by making it difficult for an adversary to comprehend the actual functionality of a design. Hardware obfuscation techniques can be classified into two main categories: (a) the "passive" techniques, which do not directly affect the functionality of the electronic system, and (b) the "active" techniques, which directly alter the functionality of the system. Often the active hardware obfuscation techniques are "key-based", such that normal functionality of the obfuscated design can only be enabled by the successful application of a single pre-determined key or a sequence of secret keys at the input; otherwise the circuit operates in a mode, which exhibits incorrect functionality. This can be done by embedding a well-hidden finite state machine (FSM) in the circuit to control the functional modes based on application of key. The technique of key-based, active hardware obfuscation is similar in principle to private-key cryptographic approaches for information protection, since the "key sequence" for the obfuscated design plays a similar role as the cryptographic key. The technique can be applied at different levels of hardware description, namely gate-level or register transfer level (RTL) design and hence can be used to protect soft, firm and hard IP cores. Obfuscation can also help to effectively hide security features in an IC and thus enable protection of ICs from counterfeiting and cloning in fabrication facilities. In contrast, the passive techniques modify the circuit description in a soft form (e.g. syntactic changes), such that it becomes difficult for a human reader to understand the functionality of the circuit. These approaches typically employ either string-substitution (including variable name change, comment removal, etc.), or structural change in the hardware description language (HDL) description of a circuit (including loop unrolling, register renaming, etc.). A major shortcoming of the passive approaches is that they do not modify the black box functionality of a circuit, and hence cannot prevent potential usage of an IP as black-box in a design. Moreover, the actual strength of such passive obfuscation is debatable, since, in general, black-box obfuscation does not exist, at least for software programs computing certain mathematical functions. Hardware watermarking can be used in conjunction with hardware obfuscation. In an obfuscated design, watermarking can be effective in providing a second line of defense against unlicensed copying efforts.
Views: 119 The Audiopedia
What is KEY RING FILE? What does KEY RING FILE mean? KEY RING FILE meaning, definition & explanation
 
01:13
What is KEY RING FILE? What does KEY RING FILE mean? KEY RING FILE meaning - KEY RING FILE definition - KEY RING FILE explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. A key ring is a file which contains multiple public keys of certificate authority (CA). A key ring is a file which is necessary for Secure Sockets Layer (SSL) connection over the web. It is securely stored on the server which hosts the website. It contains the public/private key pair for the particular website. It also contains the public/private key pairs from various certificate authorities and the trusted root certificate for the various certification authorities. An entity or website administrator has to send a certificate signing request (CSR) to the CA. The CA then returns a signed certificate to the entity. This certificate received from the CA has to be stored in the key ring.
Views: 59 The Audiopedia
What is INTERLOCK PROTOCOL? What does INTERLOCK PROTOCOL mean? INTERLOCK PROTOCOL meaning
 
02:20
What is INTERLOCK PROTOCOL? What does INTERLOCK PROTOCOL mean? INTERLOCK PROTOCOL meaning - INTERLOCK PROTOCOL definition - INTERLOCK PROTOCOL explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ The interlock protocol, as described by Ron Rivest and Adi Shamir, was designed to frustrate eavesdropper attack against two parties that use an anonymous key exchange protocol to secure their conversation. A further paper proposed using it as an authentication protocol, which was subsequently broken. Most cryptographic protocols rely on the prior establishment of secret or public keys or passwords. However, the Diffie-Hellman key exchange protocol introduced the concept of two parties establishing a secure channel (that is, with at least some desirable security properties) without any such prior agreement. Unauthenticated Diffie-Hellman, as an anonymous key agreement protocol, has long been known to be subject to man in the middle attack. However, the dream of a "zipless" mutually authenticated secure channel remained. The Interlock Protocol was described as a method to expose a middle-man who might try to compromise two parties that use anonymous key agreement to secure their conversation. The Interlock protocol works roughly as follows: Alice encrypts her message with Bob's key, then sends half her encrypted message to Bob. Bob encrypts his message with Alice's key and sends half of his encrypted message to Alice. Alice then sends the other half of her message to Bob, who sends the other half of his. The strength of the protocol lies in the fact that half of an encrypted message cannot be decrypted. Thus, if Mallory begins her attack and intercepts Bob and Alice's keys, Mallory will be unable to decrypt Alice's half-message (encrypted using her key) and re-encrypt it using Bob's key. She must wait until both halves of the message have been received to read it, and can only succeed in duping one of the parties if she composes a completely new message.
Views: 343 The Audiopedia
Swiss Lawmakers Take Steps Toward Bitcoin Regulation (The Cryptoverse #136)
 
10:59
On today's episode of The Cryptoverse: Its national railway service may have already jumped on the bitcoin bandwagon, but Switzerland is taking a slower approach as it looks to regulate digital currencies and fintech. Please Support The Cryptoverse Podcast by visiting the Cryptoversity Store: https://www.cryptoversity.com/store Please Support The Cryptoverse With A Bitcoin Donation: 1Lak8zkQbUB5FgDD6ci6M82oTVBveuBxBT Subscribe to the podcast here: https://www.cryptoversity.com/podcast/ Today's episode is sponsored by TunnelBear, the simple VPN app that makes it easy to browse the web privately and enjoy a more open and secure Internet experience. [Try it for free here](http://click.tunnelbear.com/SH8n) Disclaimer: I personally use TunnelBear every day and if you decide to upgrade to a paid plan using my link it generates commission to help support the show. Sources: [The Original Article on CoinDesk](http://www.coindesk.com/switzerland-bitcoin-regulation/) [List ob LBRY Team Members](https://lbry.io/team) [Wikipedia Article on The Two Generals Problem](https://en.wikipedia.org/wiki/Two_Generals%27_Problem) [Dictionary Definition of Regulate](http://www.dictionary.com/browse/regulate?s=t) Produced by Cryptoversity.com the online school for learning about Bitcoin, crypto-currencies and blockchains. https://www.cryptoversity.com/ Please upvote to support the show, I really appreciate it. https://steemit.com/crypto-news/@marketingmonk/swiss-lawmakers-take-steps-toward-bitcoin-regulation-the-cryptoverse-136
Views: 1096 The Cryptoverse
What is CHOSEN-CIPHERTEXT ATTACK? What does CHOSEN-CIPHERTEXT ATTACK mean?
 
05:57
What is CHOSEN-CIPHERTEXT ATTACK? What does CHOSEN-CIPHERTEXT ATTACK mean? CHOSEN-CIPHERTEXT ATTACK meaning - CHOSEN-CIPHERTEXT ATTACK definition - CHOSEN-CIPHERTEXT ATTACK explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis where the cryptanalyst can gather information by obtaining the decryptions of chosen ciphertexts. From these pieces of information the adversary can attempt to recover the hidden secret key used for decryption. For formal definitions of security against chosen-ciphertext attacks, see for example: Michael Luby and Mihir Bellare et al. A number of otherwise secure schemes can be defeated under chosen-ciphertext attack. For example, the El Gamal cryptosystem is semantically secure under chosen-plaintext attack, but this semantic security can be trivially defeated under a chosen-ciphertext attack. Early versions of RSA padding used in the SSL protocol were vulnerable to a sophisticated adaptive chosen-ciphertext attack which revealed SSL session keys. Chosen-ciphertext attacks have implications for some self-synchronizing stream ciphers as well. Designers of tamper-resistant cryptographic smart cards must be particularly cognizant of these attacks, as these devices may be completely under the control of an adversary, who can issue a large number of chosen-ciphertexts in an attempt to recover the hidden secret key. It was not clear whether public key cryptosystems can withstand the chosen ciphertext attack until the initial work of Moni Naor and Moti Yung in 1990, which suggested a mode of dual encryption with integrity proof (now known as the "Naor-Yung" encryption paradigm). When a cryptosystem is vulnerable to chosen-ciphertext attack, implementers must be careful to avoid situations in which an adversary might be able to decrypt chosen-ciphertexts (i.e., avoid providing a decryption oracle). This can be more difficult than it appears, as even partially chosen ciphertexts can permit subtle attacks. Additionally, other issues exist and some cryptosystems (such as RSA) use the same mechanism to sign messages and to decrypt them. This permits attacks when hashing is not used on the message to be signed. A better approach is to use a cryptosystem which is provably secure under chosen-ciphertext attack, including (among others) RSA-OAEP secure under the random oracle heuristics, Cramer-Shoup and many forms of authenticated symmetric encryption when one uses symmetric encryption rather than public key cryptography. Chosen-ciphertext attacks, like other attacks, may be adaptive or non-adaptive. In an adaptive chosen-ciphertext attack, the attacker can use the results from prior decryptions to inform their choices of which ciphertexts to have decrypted. In a non-adaptive attack, the attacker chooses the ciphertexts to have decrypted without seeing any of the resulting plaintexts. After seeing the plaintexts, the attacker can no longer obtain the decryption of additional ciphertexts. A specially noted variant of the chosen-ciphertext attack is the "lunchtime", "midnight", or "indifferent" attack, in which an attacker may make adaptive chosen-ciphertext queries but only up until a certain point, after which the attacker must demonstrate some improved ability to attack the system. The term "lunchtime attack" refers to the idea that a user's computer, with the ability to decrypt, is available to an attacker while the user is out to lunch. This form of the attack was the first one commonly discussed: obviously, if the attacker has the ability to make adaptive chosen ciphertext queries, no encrypted message would be safe, at least until that ability is taken away. This attack is sometimes called the "non-adaptive chosen ciphertext attack"; here, "non-adaptive" refers to the fact that the attacker cannot adapt their queries in response to the challenge, which is given after the ability to make chosen ciphertext queries has expired.
Views: 1960 The Audiopedia