Topic: authentication
Topic: communication protocols
Topic: digital signature
Topic: file
Topic: key distribution
Topic: micropayment systems
Topic: operating system security
Topic: password protection
Topic: public key encryption
Topic: one-way hash function
Topic: random number generation
Topic: security by capabilities
Topic: security leaks and weaknesses
| |
Subtopic: cryptology
Quote: survey of cryptology and computational complexity; cryptographic protocols, one-way functions, public-key, interactive proof systems, and zero-knowledge protocols [»rothJ12_2002]
| Subtopic: encryption policy
Quote: a secure OS needs mandatory security, controlled by a policy administrator, that enforces who has access to data and its encryption [»schnB_2000]
| Subtopic: cryptographic strength
Quote: the strength of a cryptographic system should match the duration of the secret information [»giffDK4_1982]
| Quote: should not protect lots of information with a single key; reduces vulnerability to cryptoanalytic successes and known-cleartext attacks [»giffDK4_1982]
| Quote: the value of information protected by encryption should be much less than the cost of decryption [»giffDK4_1982]
| Quote: guidelines for selecting the cryptographic key size; acceptable security for commercial applications [»lensAK9_2001]
| Quote: table of cryptographic key sizes; e.g., in 2020, hash functions will need 172 bits to be as secure as DES in 1982 [»lensAK9_2001]
| Subtopic: protocols
Quote: encryption protocols similar from public-key and conventional algorithms; public-key only has advantage for signed communications [»needRM12_1979]
| Quote: shouldn't unnecessarily divulge information, e.g., public keys should remain secret from non-users [»giffDK4_1982]
| Quote: Remotely Keyed Encryption Protocol combines a plaintext's hash value with a smartcard's secret key; allows high-bandwidth secret-key encryption despite the smartcard's low bandwidth [»blazM2_1996]
| Subtopic: file encryption
Quote: file encryption is fundamentally different from cryptographic communication; key management over time not space, lost keys corrupts files, low authentication needs [»blazM6_1994]
| Quote: implemented temporary escrow of file encryption keys by lazy evaluation with a smartcard; may be equivalent to 3-DES [»blazM6_1994]
| Subtopic: cryptographic separation
Quote: cryptographic separation for different uses of shared communication and storage media [»rushJ7_1983]
| Quote: separate communication channels by encryption and a high-quality checksum that includes a message's identification fields [»rushJ7_1983]
| Quote: separate communication channels by a different encryption key for each security partition [»rushJ7_1983]
| Quote: in Overshadow, a hypervisor encrypts memory in a virtual machine; it appears normal to the unmodified application; 30% slower [»chenX3_2008]
| Subtopic: encryption and message authentication (MAC)
Quote: Helix encrypts data and generates a MAC at the same time; optimized for speed [»fergN11_2003]
| Subtopic: distributed keys
Quote: robust key management by dividing data into n pieces with reconstructibility from any k pieces but no knowledge from k-1 pieces [»shamA11_1979]
| Quote: with a threshold scheme can divide a datum into n pieces such that need any k pieces to reconstruct D [»giffDK4_1982]
| Quote: implement secrecy/authentication policies with key-or (one of several) and key-and (all keys) [»giffDK7_1985, OK]
| Subtopic: exhaustive search
Quote: use Chinese lotto to rapidly perform exhaustive search; perform random tests by millions of participants; e.g., code breaking [»quisJJ11_1991]
| Subtopic: preventing attacks
Quote: gives a secure user encryption scheme for files; notes difficult problems with human engineering and protecting keys [»gudeE9_1980, OK]
| Quote: the procedures for using an encryption algorithm must withstand attack [»dennDE4_1984]
| Quote: can solve problem of message replays by adding time-stamps to encrypted messages; needs secure private keys and delay bounds [»dennDE8_1981]
| Quote: cipher block chaining prevents information leaks by modulating message contents, but not leaks from pattern-of-use channels [»rushJ7_1983]
| Subtopic: encryption algorithms
Quote: simple encryption by a linear feedback shift register and a nonlinear filter
| Quote: use hardware-supported DES for encryption; Andrew currently uses xor-encoding to exercise code and force decryption [»satyM8_1989]
| Quote: DES encryption is hard to invert and extremely slow when implemented by software [»morrR4_1978]
| Quote: frustrate statistical cryptoanalysis by diffusion and confusion; i.e., dissipate redundancy and complicate the relation of the key to the message [»shanCE10_1949]
| Quote: a good secrecy system: two substitutions before and after a mixing function; diffuses and confuses redundancy in the message [»shanCE10_1949]
| Quote: a good mixing function for natural language: a transposition followed by a sequence of alternating substitutions and linear operations
| Quote: bad error propagation for secrecy systems based on mixing functions [»shanCE10_1949]
| Quote: software generation of secure, practically strong random numbers; no specialized hardware or privileged system calls [»gutmP1_1998]
| Subtopic: encryption performance and efficiency
Quote: performance analysis of encryption algorithms on the Intel Pentium; general optimization principles [»schnB1_1997]
| Quote: how to optimize RSA encryption and decryption; software often faster than hardware implementations [»wienMJ2_2000]
| Quote: encryption algorithms designed for efficiency [»schnB1_1997]
| Quote: CryptoLib is a portable and efficient library for public and private key encryption systems [»lacyJB10_1993]
| Quote: performance testing of cryptographic algorithms written in optimized assembly code [»prenB12_1998]
| Quote: performance of crypt password authentication increased from 4 per second in 1976 to 200,000 per second in 1999
| Quote: use bcrypt and eksblowfish for adaptable cost encryption and password authentication [»provN6_1999]
| Subtopic: examples of encryption
Quote: Community Information Service broadcasts encrypted messages with a key identifier [»giffDK12_1985]
| Quote: cryptographic micropayment system for electricity meters; many users, low overhead, robust [»andeRJ5_1996]
| Quote: a Helix server provides 96-bit capabilities which encrypt access rights to an object with 40 bits padding [»fridM5_1985]
| Quote: Amoeba capabilities are vulnerable to intruders; may need link encryption; if so, are capabilities needed? [»taneAS12_1990]
| QuoteRef: muelC_1982 ;;487 design for a secure local network based on DES and public-key cryptography.
|
Related Topics
Topic: authentication (93 items)
Topic: communication protocols (62 items)
Topic: digital signature (25 items)
Topic: file (22 items)
Topic: key distribution (35 items)
Topic: micropayment systems (8 items)
Topic: operating system security (18 items)
Topic: password protection (44 items)
Topic: public key encryption (30 items)
Topic: one-way hash function (24 items)
Topic: random number generation (29 items)
Topic: security by capabilities (65 items)
Topic: security leaks and weaknesses (67 items)
|