Password Based Cryptography
The following document provides a guideline for implementation of password-based (symmetric) cryptography. The goal of this guideline is to provide a relatively simple and secure implementation. The document follows the PKCS#5 v2 standard in all aspects except for the message format. The message is instead stored in XML rather then ASN.1.
Read the Article
|
Keeping Your Private Files Private: An Introduction to GNU Privacy Guard.
This week's article is an introduction to cryptography using GNU Privacy Guard.
Read the Article
|
Using PGP to Verify Digital Signatures
PGP stands for Pretty Good Privacy. It is a computer program that uses mathematical algorithms to encrypt files and protect them from unauthorized access. It is also used to digitally sign and verify documents. Versions of the PGP program are available for most popular computer operating systems-Microsoft Windows, MacOS, and UNIX, to name a few.
Read the Article
|
Building a Secured OS for a Root Certificate Authority
This paper discusses the procedures necessary for securing an installation of Red Hat Enterprise Server 2.1 in support of a root certificate authority that will eventually function in the Higher Education Bridge Certificate Authority. As a basis of evaluation, the Federal Bridge Certificate Authority requirements will be used to provide guidance for assembling the certificate authority, as published by the Higher Education Public Key Infrastructure Policy Activities Group.
Read the Article
|
Cryptography 2000 10
Cryptography is both a fascinating mathematical science and a key technology for the emerging information society, with theory and applications being closely related. This article reviews some highlights of the past ten years of research in cryptography and its applications and discusses some of the main challenges for future research.
Read the Article
|
Security Implications of Hardware vs. Software Cryptographic Modules
Cryptographic modules can be implemented either by hardware or by software. Whereas software implementations are known for being easier to develop and to maintain, when it comes to cryptographic modules or security-related applications in general, software implementations are significantly less secure than their hardware equivalents. The reason for this is due mostly to the fact that software solutions make use of shared memory space, are running on top of an operating system and are more fluid in terms of ease of modification.
Read the Article
|
Key Iterations & Cryptographic Salts
One of the most powerful attacks one can mount on encrypted data is a Dictionary Attack. A dictionary attack is a form of a brute force attack, which simply tries every single combination of a key against encrypted data. However, in most cases, this is not needed. User passphrases are unfortunately sometimes based on real words, dates, names, etc. We can eliminate most of the pass-phrase combinations by simply testing for most probable 30,000 words. An English dictionary is a good place to start, hence the term Dictionary Attack. This means that a key with a 128 bit key space, which has 3.4 x 1038 possible combinations, has just been reduced to just over 30,000 (somewhere between 11 and 12 bits). A computer that can process just 1 pass-phrase per second can run through the dictionary in just over 8 hours.
Read the Article
|
Advanced Encryption Standard by Example
The following document provides a detailed and easy to understand explanation of the implementation of the AES(RIJNDAEL) encryption algorithm. The purpose of this paper is to give developers with little or no knowledge of cryptography the ability to implement AES.
Read the Article
|
The Basics and use of XOR
XOR ... also know as 'exclusive or' is an operator used in Bit calculations. I am assuming that you know about the 1's and 0's being the core of a computer and other mathematical number systems yadda yadda Xor compares two bits and outputs a bit depending on what was 'xored' together.
Read the Article
|
Basics of Cryptography
I expect you have read one or to papers on cryptography...like everyone else You read, looked confused, felt confused, and a few probably ran away and Cried. Why? Because the encryption used today"s is industrial strength. That"s Because its has to be as our lives rely on information, and so do businesses, So encryption has to stronger than an iron sponge soaked in super glue to keep Our secrets safe. So any papers on the subject start at the top because that is the standard today. But I will start at the beginning (that"s original) so you can learn the Basics of cryptography and build from there.
Read the Article
|
