|
| |
| | FIPS 140-1 - Security Requirements for Cryptographic Modules |
 | | An example of a cryptographic module for which the operating system requirements apply is a cryptographic module which is a general purpose computer running cryptographic software as well as untrusted user-supplied software (e.g., a spreadsheet or word processing program). | | | The cryptographic algorithm shall be tested by operating the algorithm on data for which the correct output is already known (i.e., a "known-answer" test). | | | A cryptographic mechanism using a FIPS approved authentication technique (e.g., the computation and verification of a data authentication code or NIST digital signature algorithm) shall be applied to the cryptographic software within the cryptographic module. |
|
http://www.itl.nist.gov/fipspubs/fip140-1.htm
|
|
| |
| | Security Policies: Windows 2000 Cryptographic Providers |
| | The cryptographic boundary for DSSBASE is defined as the enclosure of the computer system on which the cryptographic module is to be executed. | | | The cryptographic boundary for DSSENH is defined as the enclosure of the computer system on which the cryptographic module is to be executed. | | | The cryptographic boundary for RSABASE is defined as the enclosure of the computer system on which the cryptographic module is to be executed. |
|
http://www.microsoft.com/technet/security/prodtech/Windows2000/wn2cspsp.mspx
|
|
| |
| | Cryptographic Button Program - CANBERRA, An AREVA Group Company |
| | Furthermore, it is a more reliable method of key possession than the commonly used method of placing the key onto a floppy disk; the iButton is more difficult to duplicate and the proliferation of the key can be more effectively controlled. | | | Fortunately, the public key methods, which were invented specifically to solve the key exchange problem, are very easy to implement. | | | In either case, the instrument processor must perform the data formatting and hashing; however, the cryptographic iButton can be the means of secure key generation and storage as well as provide final signatures of the data digest. |
|
http://www.canberra.com/literature/1071.asp
|
|
| |
| | Java Cryptography Architecture |
| | Given the public key corresponding to the private key used to generate the signature, it should be possible to verify the authenticity and integrity of the input. | | | This algorithm is the key pair generation algorithm described in NIST FIPS 186 for DSA. | | | A key pair generator for a particular algorithm creates a public/private key pair that can be used with this algorithm. |
|
http://java.sun.com/j2se/1.4/docs/guide/security/CryptoSpec.html
|
|
| |
| | Brute force attacks on cryptographic keys |
| | It is designed to foil attempts of a solver to exploit parallel or distributed computing to speed up the computation. | | | Minimal key lengths for symmetric ciphers to provide adequate commercial security: A report by an ad hoc group of cryptographers and computer scientists, January 1996. | | | The problems with running the server to distribute the segments of key space are described at http://www.brute.cl.cam.ac.uk/brute/hal2probs/. |
|
http://www.cl.cam.ac.uk/users/rnc1/brute.html
|
|
| |
| | Quantum Information Networks |
| | Richard Kuhn, A Quantum Cryptographic Protocol with Detection of Compromised Server quant-ph/0311085, Nov. 14, 2003. | | | Richard Kuhn, Vulnerabilities in Quantum Key Distribution Protocols, quant-ph/0305076, May 14, 2003. | | | Daegene Song, Secure Key Distribution by Swapping Quantum Entanglement, Physical Review A 69 034301 (March 5, 2004). |
|
http://math.nist.gov/quantum/index.html
|
|
| |
| | Self Incrimination and Cryptographic Keys |
| | [59] Indeed, if the person providing the information has never shared that information with anyone else, a cryptographic key provides a more effective way of authenticating than locks, because it is easier to pick locks than to decrypt without a key. | | | Waterfront Comm'n, 378 U.S. Programs using encryption keys can now make information highly resistant to decrypting even if the algorithm for encrypting the information is known. | | | In the example in the text, that might be fornication in Massachusetts or using Woodsy Owl to advertise one's 4-H group. |
|
http://law.richmond.edu/jolt/v2i1/sergienko.html
|
|
| |
| | T 5.83 Compromising cryptographic keys - IT BAseline Protection Manual 1.7 |
| | In the case of symmetric cryptographic techniques such as DES, for example, it is currently possible to determine the key using huge numbers of parallel computers (brute-force attack). | | | With knowledge of both the key and the cryptographic algorithm used, it is normally easy to revert the encryption and obtain plain text. | | | Unsuitable processes are used to produce the key, for example to determine random numbers or derive the key. |
|
http://www.bsi.de/english/gshb/manual/t/t05083.html
|
|
| |
| | PRIMES is in P little FAQ |
| | Certain algorithms need to generate prime numbers in order to construct cryptographic keys, but algorithms to accomplish this which can be executed very efficiently already existed before the result in [1]. | | | The most commonly used ones have a probability of error, but this error can be made to be arbitrarily small (see question 9) and thus they give us practically the same assurance as the algorithm proposed in P. These algorithms that are commonly used in practice are actually faster than the ones proposed in [1]. | | | If one could efficiently factor large integers, then certain cryptographic algorithms would be broken (such as the famous RSA encryption and signature schemes). |
|
http://crypto.cs.mcgill.ca/~stiglic/PRIMES_P_FAQ.html
|
|
| |
| | ISG People |
| | His research interests include computational number theory, computational algebraic geometry and public key cryptography. | | | In the 1980s he initiated many of the changes in CESG's public profile as they started to engage in open fora, both national and international, during the early stages of the development of open standards for computer security. | | | Prior to joining Vodafone he was Head of Mathematics at Racal Research Ltd. He has led a number of UK and EU collaborative projects on security for mobile communications, and he has designed cryptographic algorithms and security systems for mobile communications systems, satellite systems, EFTPOS, ATM and military tactical radio. |
|
http://www.isg.rhul.ac.uk/people/academic.shtml
|
|
| |
| | Cryptology Science Tracer Bullet - Science Reference Services, Library of Congress) |
| | With advances in computers and telecommunications and increased dependence on such systems, the use of cryptography has found new applications in the lives of individuals and in the world of commerce. | | | Based on holdings of the Library of Congress, it is designed -- as the name of the series implies -- to put the reader "on target." Refer also to a related guide, Computer Crime and Security (TB 94-1). | | | Cryptology is the art and science of making and breaking codes and ciphers. |
|
http://www.lcweb.loc.gov/rr/scitech/tracer-bullets/cryptologytb.html
|
|
| |
| | random.org - who is using random.org? |
| | Numbers from random.org shouldn't be used for this purpose because they might be observed by a third party while in transit, but there are other applications (most notably games and lottery type services) that require true randomness but where secrecy isn't important. | | | For instance, with a Schlage brand lock the maximum useable difference between two adjacent cuts on a key is 7 depths. | | | As mentioned in my essay on randomness and random numbers, true random numbers can be used for many purposes, perhaps the most important of which is the generation of cryptographic keys. |
|
http://www.random.org/users.html
|
|
| |
| | How to protect the cryptographic keys |
| | It's important to encrypt sensitive business information in transit across the Internet and in storage within the enterprise. | | | If you're storing your keys on servers, your data may be vulnerable to theft. | | | But your encrypted data is only as secure as the cryptographic keys that protect it. |
|
http://whatis.techtarget.com/whitepaperPage/0,293857,sid14_gci893930,00.html
|
|
| |
| | RFC 2137 |
| | DNS Dynamic Update operations have also been defined [RFC2136], but without a detailed description of security for the update operation. | | | Domain Name System (DNS) protocol extensions have been defined to authenticate the data in DNS and provide key distribution services [RFC2065]. | | | Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. |
|
http://www.freesoft.org/CIE/RFC/2137/index.htm
|
|
| |
| | Security of Biased Sources for Cryptographic Keys (ResearchIndex) |
| | It is in general assumed that the source producing these keys has uniformly distribution, that is, it produces keys from a given key space with equal probability. | | | Abstract: Cryptographic schemes are based on keys which are highly involved in granting their security. | | | Consequently, deviations from uniform distribution of the key source may be regarded a priori as a potential security breach, even if no dedicated attack is known, which might take advantage of these deviations. |
|
http://citeseer.ist.psu.edu/337897.html
|
|
| |
| | Extracting stable cryptographic keys and pointers from IrisCodes. |
| | Cryptographic keys must have all of their bits correct in order to work | | | Dodis, L. Reyzin, and A. Smith (2004) "Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data," | | | Extracting stable cryptographic keys and pointers from IrisCodes. |
|
http://www.cl.cam.ac.uk/users/jgd1000/biokeycrypto.html
|
|
| |
| | C |
| | Network World offers more than 55 FREE networking technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more. | | | VORTEX 2005: October 24-26, The Palace Hotel San Francisco, CA Time is running out to attend VORTEX - Join in the discussion with the industry’s best and brightest on the future of the $1 trillion enterprise IT market. |
|
http://www.networkworld.com/links/Encyclopedia/C/index.html
|
|
| |
| | Matthias's Cryptographic Keys |
| | My PGP key is a 2048 bit RSA key which was created on March 20th, 1998. | | | This page was last changed on October 18th, 2002. | | | If you're serious, then you better phone me and make sure first-hand that your copy is authentic. |
|
http://www.rtner.de/PGP
|
|
|
