View the Index


INDEX OF TERMS

2013, 2
65537, 2
A5/0, 2
A5/1, 2
A5/2, 3
A5/3, 3
A5/4, 3
Adaptive attack, 3
AEAD (authenticated encryption with associated data), 3
AES (Advanced Encryption Standard), 4
AES-CCM, 4
AES-GCM, 5
AES-GCM-SIV, 5
AES-NI, 5
AES-SIV, 6
AIM (Advanced INFOSEC Machine), 6
AKA, 6
AKS (Agrawal–Kayal–Saxena), 7
Algebraic cryptanalysis, 7
Alice, 7
All-or-nothing transform (AONT), 7
Anonymous signature, 8
Applied Cryptography, 8
Applied cryptography, 8
ARC4, 8
Argon2, 8
ARX (Add-Rotate-XOR), 9
ASIACRYPT, 9
Asymmetric cryptography, 9
Attack, 9
Attribute-based encryption (ABE), 10
Authenticated cipher, 11
Axolotl, 11
Backdoor, 11
Backtracking resistance, 11
Backward secrecy, 11
Base64, 12
BassOmatic, 12
BB84, 12
bcrypt, 12
Biclique cryptanalysis, 13
BIKE (Bit Flipping Key Encapsulation), 13
BIP (Bitcoin improvement proposal), 13
Bit Gold, 14
Bitcoin, 14
Black, 14
BLAKE, 14
BLAKE2, 14
BLAKE3, 14
Bleichenbacher attack, 15
Blind signature, 15
Block cipher, 16
Blockchain, 16
Blockcipher, 17
Blowfish, 17
BLS (Boneh-Lynn-Shacham) signature, 17
Bob, 18
Boolean function, 18
Boomerang attack, 18
BQP (bounded-error quantum polynomial time), 19
Braid group cryptography, 19
Brainpool curves, 19
Break-in recovery, 20
Broadcast encryption, 20
Brute-force attack, 20
Bulletproof, 20
Byzantine fault tolerance, 21
CAESAR, 21
Caesar’s cipher, 22
CAVP (Cryptographic Algorithm Validation Program), 22
CBC (cipher block chaining), 22
CECPQ (combined elliptic-curve and post-quantum), 22
Cellular automata, 22
Ceremony, 22
Certificate, 23
Certificate authority (CA), 23
Certificate transparency (CT), 23
ChaCha20, 23
CHES (Conference on Cryptographic Hardware and Embedded Systems), 24
CIA, 24
Ciphertext stealing, 24
Clipper, 25
CMVP (Cryptographic Module Validation Program), 25
Code-based cryptography, 25
Commitment, 25
Concurrent zero-knowledge, 26
Consensus protocol, 26
Control word, 26
COPACOBANA (Cost-Optimized PArallel COde Breaker), 26
Cothority (collective authority), 26
Cryptanalysis, 26
Cryptids, 27
Crypto, 27
CRYPTO, 27
Crypto AG, 27
Crypto period, 28
Crypto variable, 28
Crypto wars, 28
Cryptobiosis, 28
Cryptocurrency, 29
Crypto-Gram, 29
Cryptography, 29
Cryptologia, 29
Cryptology, 29
Cryptonomicon, 29
Cryptorchidism, 30
Cryptovirology, 30
CRYPTREC, 30
CSIDH (Commutative Supersingular Isogeny Diffie–Hellman), 30
CTF (capture the flag), 31
Cube attack, 31
Curve25519, 32
Curve448, 32
Cypher, 32
Daemon, 32
Davies–Meyer, 32
Decentralized private computation, 33
Déchiffrer, 33
Décrypter, 33
Deniable encryption, 33
DES (Data Encryption Standard), 33
Dictionary, 34
Dictionary attack, 34
Differential cryptanalysis, 34
Diffie–Hellman, 34
Disclosure, 35
Discrete logarithm problem, 35
Distinguisher, 35
Distributed randomness, 35
Dolev–Yao model, 36
Double ratchet, 36
Dragonfly, 36
DRBG (deterministic random bit generator), 37
DSA (Digital Signature Algorithm), 37
DSS (Digital Signature Standard), 37
DVB-CSA, 38
E0, 38
ECB (electronic codebook), 38
ECC, 38
ECDLP (Elliptic-curve discrete logarithm problem), 39
ECDSA (Elliptic-curve DSA), 39
ECIES (Elliptic-curve IES), 39
Ed25519, 40
EdDSA, 40
EKMS (Electronic Key Management System), 40
Electronic codebook, 41
ElGamal, 41
Elligator, 41
Elliptic curve, 41
Elliptic-curve cryptography, 42
Encipherment, 42
End-to-end encryption (E2EE), 42
Enigma, 43
Entropy, 43
ePrint, 44
Erathosthenes’ sieve, 44
eSTREAM, 44
Ethereum, 44
Eurocrypt, 45
Eve, 45
E-voting, 45
Factoring problem, 45
Feedback shift register, 46
Feistel network, 46
Fialka (Фиалка), 46
Fiat–Shamir, 46
FIPS 140-2, 47
FIPS 140-3, 47
Forgery, 48
Formal verification, 48
Format-preserving encryption, 48
Forward secrecy, 48
FOX, 49
FSE (Fast Software Encryption), 49
Fully homomorphic encryption, 49
Functional encryption, 49
Future secrecy, 50
Fuzzy extractor, 50
Generalized birthday problem, 50
GNFS (General Number Field Sieve), 51
GOST, 51
Grain, 51
Gröbner basis, 51
Group signature, 51
Grover’s algorithm, 52
Hardcore predicate, 52
Hash function, 52
Hash-based cryptography, 53
Heartbleed, 53
Hedged signature, 53
HFE (Hidden Field Equations), 54
HMAC (Hash-based MAC), 54
Homomorphic encryption, 54
HPC (Hasty Pudding Cipher), 54
HSM (hardware security module), 55
HTTP/3, 56
Hyperelliptic-curve cryptography, 56
IACR (International Association for Cryptologic Research), 56
IDEA (International Data Encryption Algorithm), 56
IDEA NXT, 57
Identity-based encryption, 57
IES (Integrated Encryption Scheme), 57
Impatient saboteur, 57
Impossibility, 57
Impossible differential attack, 57
IND-CCA, 58
IND-CPA, 58
Indelibility, 58
Indifferentiability, 58
Indistinguishability, 59
Indistinguishability obfuscation (iO), 59
Information-theoretic security, 59
INT-CTXT, 60
Invisible signature, 60
IOTA, 60
IPES (Improved Proposed Encryption Standard), 60
IPSec, 60
ISO standard, 61
Isogeny-based cryptography, 61
Journal of Cryptology (JoC), 61
KASUMI, 61
Keccak, 62
KeeLoq, 62
KEM (key encapsulation mechanism), 62
Kerberos, 62
Kerckhoffs’ principles, 63
Key derivation function (KDF), 64
Key escrow, 65
Key management, 66
Key wrapping, 66
Kleptography, 66
Known-key attack, 66
Kupyna (Купина), 66
Laconic zero-knowledge proof, 66
Lai–Massey, 67
Lamport signature, 67
Lattice-based cryptography, 68
Le Chiffre, 68
Leakage-resilient cryptography, 68
Learning with errors (LWE), 68
Length extension attack, 69
Length-preserving encryption, 69
LFSR (linear feedback shift register), 70
Lightweight cryptography, 70
Linear cryptanalysis, 70
Linkability, 70
LM hash, 70
Luby–Rackoff, 71
Lucifer, 71
MAC (message authentication code), 71
MAGENTA, 72
Malleability, 72
Manger attack, 72
Man-in-the-middle, 72
MASH (Modular Arithmetic Secure Hash), 73
McEliece encryption scheme, 73
MD4, 73
MD5, 73
MDC (Message Digest Cipher), 73
MDC-2 (Modification Detection Code 2), 73
Meet-in-the-middle, 73
Merkle puzzle, 74
Merkle tree, 74
Merkle–Damgård construction, 74
Mersenne twister, 74
Message franking, 75
Miller–Rabin, 75
MINERVA, 75
Mining, 75
Misuse resistance, 75
Mixnet, 76
MQV (Menezes–Qu–Vanstone), 77
Multicollision, 77
Multi-party computation (MPC), 77
Multivariate cryptography, 77
NBS (National Bureau of Standards), 77
NESSIE (New European Schemes for Signatures, Integrity, and Encryption), 78
“New Directions in Cryptography”, 78
NFSR (nonlinear feedback shift register), 79
NIST (National Institute of Standards and Technology), 79
NIZK (non-interactive zero-knowledge), 80
Noekeon, 80
Noise, 80
Nonce, 80
Non-committing encryption, 81
Non-outsourceability, 81
Non-slanderability, 81
NSA (National Security Agency), 81
NT hash, 81
NTRU (Nth degree Truncated polynomial Ring Units), 82
Null cipher, 82
OAEP (Optimal Asymmetric Encryption Padding), 82
Oblivious key management system (OKMS), 82
Oblivious PRF (OPRF), 83
Oblivious RAM (ORAM), 83
Oblivious transfer, 83
Obscurity, 83
OCB (offset codebook mode), 84
One-time pad, 84
One-way function, 84
Onion-AE, 84
OPAQUE, 84
OpenSSL, 85
Oracle, 85
OTR (Off-the-Record), 86
Padding oracle attack, 86
Paillier cryptosystem, 87
Pairing, 87
Pairing-based cryptography, 87
PAKE (password-authenticated key exchange), 88
Paradigm, 88
Password hash function, 88
PBKDF2 (Password-Based Key Derivation Function 2), 89
PCT (Private Communications Technology), 89
PEP (Plaintext equivalence proof), 89
Perfect forward secrecy, 89
Permutation-based cryptography, 90
PES (Proposed Encryption Standard), 91
PET (Plaintext equivalence test), 91
PFS, 91
PGP (Pretty Good Privacy), 91
Photuris, 91
Picnic, 92
PKC, 92
PKCS (Public Key Cryptography Standards), 92
Poly1305, 93
Polynomial complexity, 93
Post-compromise security, 93
Post-quantum cryptography, 93
Post-quantum RSA, 94
Prediction resistance, 94
Preimage, 94
PRESENT, 95
PRIMES, 95
Privacy-preserving, 96
Private information retrieval (PIR), 97
Proof of burn, 98
Proof of catalytic space, 98
Proof of human work, 98
Proof of replication, 98
Proof of reserve, 99
Proof of security, 99
Proof of sequential work, 99
Proof of space, 99
Proof of spacetime, 99
Proof of stake, 100
Proof of storage, 100
Proof of useful work, 100
Proof of work, 100
Provable security, 100
Provably secure, 100
Proxy re-encryption, 101
Pseudo-random, 101
Pseudorandom function (PRF), 101
Pseudorandom number generator (PRNG), 101
Pseudorandom permutation (PRP), 102
Public-key cryptography, 102
PUF (physically unclonable function), 102
Puncturable encryption, 102
Puncturable pseudorandom function (PPRF), 102
Quantum computer, 103
Quantum cryptography, 103
Quantum encryption, 103
Quantum key distribution, 103
Quantum signature, 103
QUIC (Quick UDP Internet Connections), 104
Rabin cryptosystem, 104
Rainbow tables, 104
Random bits, 104
Random oracle, 104
Randomness, 105
Range proof, 105
RC4, 105
RC5, 105
RC6, 106
Real world, 106
Real World Crypto (RWC), 106
Rectangle attack, 106
Related-key attack, 107
Research papers, 107
Revocation, 108
Rijndael, 108
Ring signature, 108
RIPEMD-160, 108
Rivest–Shamir–Adleman, 108
ROBOT (Return Of Bleichenbacher’s Oracle Threat), 109
ROS, 109
RSA, 109
Rubber-hose cryptanalysis, 109
Rumba20, 109
SAEP (Simplified OAEP), 110
Salsa20, 110
Sandwich attack, 110
S-box, 110
Scalar, 111
sci.crypt, 111
Scrambler, 111
scrypt, 111
Searchable encryption, 111
secp256k1, 112
Secret sharing, 112
Security, 112
SNIP (secret-shared non-interactive proof), 120
SNOW 3G, 120
Solitaire, 121
SPECK, 121
SPEKE (Simple Password Exponential Key Exchange), 121
SPHINCS, 121
Sponge function, 121
SRP (Secure Remote Password), 122
SSH (Secure Shell), 122
SSL (Secure Socket Layer), 122
STARK (scalable transparent
Recommended publications
  • GPU-Based Password Cracking on the Security of Password Hashing Schemes Regarding Advances in Graphics Processing Units
    Radboud University Nijmegen, Faculty of Science, Kerckhoffs Institute. Master of Science Thesis: GPU-based Password Cracking. On the Security of Password Hashing Schemes regarding Advances in Graphics Processing Units, by Martijn Sprengers, [email protected]. Supervisors: Dr. L. Batina (Radboud University Nijmegen), Ir. S. Hegt (KPMG IT Advisory), Ir. P. Ceelen (KPMG IT Advisory). Thesis number: 646, Final Version. Abstract: Since users rely on passwords to authenticate themselves to computer systems, adversaries attempt to recover those passwords. To prevent such a recovery, various password hashing schemes can be used to store passwords securely. However, recent advances in the graphics processing unit (GPU) hardware challenge the way we have to look at secure password storage. GPU's have proven to be suitable for cryptographic operations and provide a significant speedup in performance compared to traditional central processing units (CPU's). This research focuses on the security requirements and properties of prevalent password hashing schemes. Moreover, we present a proof of concept that launches an exhaustive search attack on the MD5-crypt password hashing scheme using modern GPU's. We show that it is possible to achieve a performance of 880 000 hashes per second, using different optimization techniques. Therefore our implementation, executed on a typical GPU, is more than 30 times faster than equally priced CPU hardware. With this performance increase, 'complex' passwords with a length of 8 characters are now becoming feasible to crack. In addition, we show that between 50% and 80% of the passwords in a leaked database could be recovered within 2 months of computation time on one Nvidia GeForce 295 GTX.
  • Improved Rectangle Attacks on SKINNY and CRAFT
    Improved Rectangle Attacks on SKINNY and CRAFT. Hosein Hadipour (1), Nasour Bagheri (2) and Ling Song (3). (1) Department of Mathematics and Computer Science, University of Tehran, Tehran, Iran, [email protected]; (2) Electrical Engineering Department, Shahid Rajaee Teacher Training University, Tehran, Iran, [email protected]; (3) Jinan University, Guangzhou, China, [email protected]. Abstract. The boomerang and rectangle attacks are adaptions of differential cryptanalysis that regard the target cipher E as a composition of two sub-ciphers, i.e., E = E1 ∘ E0, to construct a distinguisher for E with probability p²q² by concatenating two short differential trails for E0 and E1 with probability p and q respectively. According to the previous research, the dependency between these two differential characteristics has a great impact on the probability of boomerang and rectangle distinguishers. Dunkelman et al. proposed the sandwich attack to formalise such dependency that regards E as three parts, i.e., E = E1 ∘ Em ∘ E0, where Em contains the dependency between two differential trails, satisfying some differential propagation with probability r. Accordingly, the entire probability is p²q²r. Recently, Song et al. have proposed a general framework to identify the actual boundaries of Em and systematically evaluate the probability of Em with any number of rounds, and applied their method to accurately evaluate the probabilities of the best SKINNY’s boomerang distinguishers. In this paper, using a more advanced method to search for boomerang distinguishers, we show that the best previous boomerang distinguishers for SKINNY can be significantly improved in terms of probability and number of rounds.
  • Security Evaluation of Stream Cipher Enocoro-128V2
    Security Evaluation of Stream Cipher Enocoro-128v2. Hell, Martin; Johansson, Thomas (2010). Citation for published version (APA): Hell, M., & Johansson, T. (2010). Security Evaluation of Stream Cipher Enocoro-128v2. CRYPTREC Technical Report. Lund University, PO Box 117, 221 00 Lund. Abstract. This report presents a security evaluation of the Enocoro-128v2 stream cipher. Enocoro-128v2 was proposed in 2010 and is a member of the Enocoro family of stream ciphers. This evaluation examines several different attacks applied to the Enocoro-128v2 design. No attack better than exhaustive key search has been found.
  • Mobiceal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices
    2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. MobiCeal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices. Bing Chang*, Fengwei Zhang†, Bo Chen‡, Yingjiu Li*, Wen-Tao Zhu§, Yangguang Tian*, Zhan Wang¶ and Albert Ching. *School of Information Systems, Singapore Management University, {bingchang, yjli, ygtian}@smu.edu.sg; †Department of Computer Science, Wayne State University, [email protected]; ‡Department of Computer Science, Michigan Technological University, [email protected]; §Data Assurance and Communications Security Research Center, Chinese Academy of Sciences, [email protected]; ¶RealTime Invent, Inc.; i-Sprint Innovations. Abstract—We introduce MobiCeal, the first practical Plausibly Deniable Encryption (PDE) system for mobile devices that can defend against strong coercive multi-snapshot adversaries, who may examine the storage medium of a user’s mobile device at different points of time and force the user to decrypt data. MobiCeal relies on “dummy write” to obfuscate the differences between multiple snapshots of storage medium due to existence of hidden data. By incorporating PDE in block layer, MobiCeal supports a broad deployment of any block-based file systems on mobile devices.
    [From the introduction:] ... searched and copied when he was crossing a border, and he was inspected for seven times during five years [26]. The existing PDE systems on mobile devices [21], [34], [35], [43], [27], [20] are not resilient against such multi-snapshot attacks since they hide sensitive data in the randomness initially filled across the entire disk. By comparing storage snapshots at different points of time, a multi-snapshot adversary may detect any unaccountable changes to the ran-
  • Lecture Note 8 ATTACKS on CRYPTOSYSTEMS I Sourav Mukhopadhyay
    Lecture Note 8: ATTACKS ON CRYPTOSYSTEMS I. Sourav Mukhopadhyay. Cryptography and Network Security - MA61027 (Sourav Mukhopadhyay, IIT-KGP, 2010)
    Attacks on Cryptosystems
    • Up to this point, we have mainly seen how ciphers are implemented.
    • We have seen how symmetric ciphers such as DES and AES use the idea of substitution and permutation to provide security and also how asymmetric systems such as RSA and Diffie Hellman use other methods.
    • What we haven’t really looked at are attacks on cryptographic systems.
    • An understanding of certain attacks will help you to understand the reasons behind the structure of certain algorithms (such as Rijndael) as they are designed to thwart known attacks.
    • Although we are not going to exhaust all possible avenues of attack, we will get an idea of how cryptanalysts go about attacking ciphers.
    • This section is really split up into two classes of attack: Cryptanalytic attacks and Implementation attacks.
    • The former tries to attack mathematical weaknesses in the algorithms whereas the latter tries to attack the specific implementation of the cipher (such as a smartcard system).
    • The following attacks can refer to either of the two classes (all forms of attack assume the attacker knows the encryption algorithm):
      – Ciphertext-only attack: In this attack the attacker knows only the ciphertext to be decoded. The attacker will try to find the key or decrypt one or more pieces of ciphertext (only relatively weak algorithms fail to withstand a ciphertext-only attack).
  • PHC: Status Quo
    PHC: status quo. JP Aumasson, @veorq / http://aumasson.jp. Academic background; principal cryptographer at Kudelski Security, .ch; applied crypto research and outreach; BLAKE, BLAKE2, SipHash, NORX; Crypto Coding Standard; Password Hashing Competition; Open Crypto Audit Project board member.
    do you use passwords? this talk might interest you!
    Oct 2013: "hash" = 3DES-ECB( static key, password ); users' hint made the guess game easy... (credit Jeremi Gosney / Stricture Group)
    May 2014: "encrypted passwords" (?)
    last week: that's only the reported/published cases
    Lesson: if Adobe, eBay, and Avast fail to protect their users' passwords, what about others? users using "weak passwords"? ITsec people using "weak defenses"? developers using "weak hashes"? cryptographers, who never bothered?
    agenda: 1. how (not) to protect passwords; 2. the Password Hashing Competition (PHC); 3. the 24-2 PHC candidates; 4. next steps, and how to contribute
    WARNING: this is NOT about bikeshed topics as: password policies, password managers, password-strength meters, will-technology-X-replace-passwords?
    1. how (not) to protect passwords
    solution of the 60's: store "password" (or the modern alternative); obviously a bad idea (assuming the server and its DB are compromised)
    solution of the early 70's: store hash("password"); "one-way": can't be efficiently inverted; vulnerable to: ● efficient dictionary attacks and bruteforce ● time-memory tradeoffs (rainbow tables, etc.)
    solution of the late 70's: store hash("password", salt); "one-way": can't be efficiently inverted; immune to time-memory tradeoffs; vulnerable to: ● dictionary attacks and bruteforce (but has to be repeated for different hashes)
    solution of the 2000's: store hash("password", salt, cost); "one-way": can't be efficiently inverted; immune to time-memory tradeoffs; inefficient dictionary attacks and bruteforce; main ideas: ● be "slow" ● especially on attackers' hardware (GPU, FPGA) => exploit fast CPU memory access/writes
    PBKDF2 (Kaliski, 2000): NIST and PKCS standard; in Truecrypt, iOS, etc.
  • Analysis of Selected Block Cipher Modes for Authenticated Encryption
    Analysis of Selected Block Cipher Modes for Authenticated Encryption, by Hassan Musallam Ahmed Qahur Al Mahri, Bachelor of Engineering (Computer Systems and Networks) (Sultan Qaboos University) – 2007. Thesis submitted in fulfilment of the requirement for the degree of Doctor of Philosophy, School of Electrical Engineering and Computer Science, Science and Engineering Faculty, Queensland University of Technology, 2018. Keywords: Authenticated encryption, AE, AEAD, ++AE, AEZ, block cipher, CAESAR, confidentiality, COPA, differential fault analysis, differential power analysis, ElmD, fault attack, forgery attack, integrity assurance, leakage resilience, modes of operation, OCB, OTR, SHELL, side channel attack, statistical fault analysis, symmetric encryption, tweakable block cipher, XE, XEX. Abstract: Cryptography assures information security through different functionalities, especially confidentiality and integrity assurance. According to Menezes et al. [1], confidentiality means the process of assuring that no one could interpret information, except authorised parties, while data integrity is an assurance that any unauthorised alterations to a message content will be detected. One possible approach to ensure confidentiality and data integrity is to use two different schemes where one scheme provides confidentiality and the other provides integrity assurance. A more compact approach is to use schemes, called Authenticated Encryption (AE) schemes, that simultaneously provide confidentiality and integrity assurance for a message. AE can be constructed using different mechanisms, and the most common construction is to use block cipher modes, which is our focus in this thesis. AE schemes have been used in a wide range of applications, and defined by standardisation organizations. The National Institute of Standards and Technology (NIST) recommended two AE block cipher modes CCM [2] and GCM [3].
  • Public Auditing for Secure and Efficient Cloud Data Storage: a Comprehensive Survey
    Vol-7 Issue-4 2021 IJARIIE-ISSN(O)-2395-4396 Public Auditing for Secure and Efficient Cloud Data Storage: A Comprehensive Survey 1Ayesha Siddiqha Mukthar, 2Dr. Jitendra Sheetlani 1Research Scholar, Sri Satya Sai University of Technology and Medical Sciences, Sehore 2Associate Professor, Sri Satya Sai University of Technology and Medical Sciences, Sehore Abstract: Nowadays storage of data is big problem because the huge generation of multimedia data likes images, audio, video etc. whose size is very large. For storing of these data size of conventional storage is not sufficient so we need remote storage such as cloud which is resilient infrastructure, reliable and high quality performance for the cloud users. In the cloud there is no direct physical control over the records because the cloud uses its resource pool for storing. Consequently data reliability fortification and auditing is not a modest task. The user prerequisites to depend on a Third Party Auditor (TPA) who is working as a public auditor for authenticating the data integrity and privacy. This paper presents the various auditing techniques of cloud computing for improving security and then future research challenges which need to be adopt by researchers to make system obvious. Keywords: Auditing, Cloud Computing, Storage, TPA, Reliability, Integrity. Introduction: Cloud is offering the different services to its users. Data sharing between two organizations which common in many application areas. The current data sharing and integration among various organizations requires the central and trusted authority to collect data from all data sources and then integrate the collected data. In current trend, there is necessary condition which defines the data sharing while preserving privacy in cloud.
  • NSA's Efforts to Secure Private-Sector Telecommunications Infrastructure
    Under the Radar: NSA’s Efforts to Secure Private-Sector Telecommunications Infrastructure. Susan Landau*. INTRODUCTION. When Google discovered that intruders were accessing certain Gmail accounts and stealing intellectual property,1 the company turned to the National Security Agency (NSA) for help in securing its systems. For a company that had faced accusations of violating user privacy, to ask for help from the agency that had been wiretapping Americans without warrants appeared decidedly odd, and Google came under a great deal of criticism. Google had approached a number of federal agencies for help on its problem; press reports focused on the company’s approach to the NSA. Google’s was the sensible approach. Not only was NSA the sole government agency with the necessary expertise to aid the company after its systems had been exploited, it was also the right agency to be doing so. That seems especially ironic in light of the recent revelations by Edward Snowden over the extent of NSA surveillance, including, apparently, Google inter-data-center communications.2 The NSA has always had two functions: the well-known one of signals intelligence, known in the trade as SIGINT, and the lesser known one of communications security or COMSEC. The former became the subject of novels, histories of the agency, and legend. The latter has garnered much less attention. One example of the myriad one could pick is David Kahn’s seminal book on cryptography, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet.3 It devotes fifty pages to NSA and SIGINT and only ten pages to NSA and COMSEC.
  • Security + Encryption Standards
    Security + Encryption Standards. Author: Joseph Lee. Email: joseph@ripplesoftware.ca. Mobile: 778-725-3206
    General Concepts
    Forward secrecy / perfect forward secrecy
    • Using a key exchange to provide a new key for each session provides improved forward secrecy because if keys are found out by an attacker, past data cannot be compromised with the keys
    Confusion
    • Cipher-text is significantly different than the original plaintext data
    • The property of confusion hides the relationship between the cipher-text and the key
    Diffusion
    • Is the principle that small changes in message plaintext result in large changes in the cipher-text
    • The idea of diffusion is to hide the relationship between the cipher-text and the plaintext
    Secret-algorithm
    • A proprietary algorithm that is not publicly disclosed
    • This is discouraged because it cannot be reviewed
    Weak / deprecated algorithms
    • An algorithm that can be easily "cracked" or defeated by an attacker
    High-resiliency
    • Refers to the strength of the encryption key if an attacker discovers part of the key
    Data-in-transit
    • Data sent over a network
    Data-at-rest
    • Data stored on a medium
    Data-in-use
    • Data being used by an application / computer system
    Out-of-band KEX
    • Using a medium / channel for key-exchange other than the medium the data transfer is taking place (phone, email, snail mail)
    In-band KEX
    • Using the same medium / channel for key-exchange that the data transfer is taking place
    Integrity
    • Ability to determine the message has not been altered
    • Hashing algorithms manage
    Authenticity
  • Key‐Dependent Side‐Channel Cube Attack on CRAFT
    Received: 26 November 2019 | Revised: 9 September 2020 | Accepted: 5 October 2020. DOI: 10.4218/etrij.2019-0539. ORIGINAL ARTICLE. Key-dependent side-channel cube attack on CRAFT. Kok-An Pang | Shekh Faisal Abdul-Latip. INSFORNET, Centre for Advanced Computing Technology (C-ACT), Fakulti Teknologi Maklumat dan Komunikasi, Universiti Teknikal Malaysia Melaka, Melaka, Malaysia. Correspondence: Kok-An Pang and Shekh Faisal Abdul-Latip, INSFORNET, Centre for Advanced Computing Technology (C-ACT), Fakulti Teknologi Maklumat dan Komunikasi, Universiti Teknikal Malaysia Melaka, Melaka, Malaysia. Email: [email protected] (Kok-An Pang), [email protected] (Shekh Faisal Abdul-Latip). Funding information: This research was supported by the UTeM Zamalah Scheme and Fundamental Research Grant Scheme (FRGS) of Universiti Teknikal Malaysia Melaka (FRGS/1/2015/ICT05/FTMK/02/F00293) funded by the Ministry of Higher Education, Malaysia. Abstract: CRAFT is a tweakable block cipher introduced in 2019 that aims to provide strong protection against differential fault analysis. In this paper, we show that CRAFT is vulnerable to side-channel cube attacks. We apply side-channel cube attacks to CRAFT with the Hamming weight leakage assumption. We found that the first half of the secret key can be recovered from the Hamming weight leakage after the first round. Next, using the recovered key bits, we continue our attack to recover the second half of the secret key. We show that the set of equations that are solvable varies depending on the value of the key bits. Our result shows that 99.90% of the key space can be fully recovered within a practical time. KEYWORDS: Block cipher, CRAFT, cryptanalysis, cube attack, side-channel attack. 1 | INTRODUCTION ... attacks varies depending on the implementation, even if the same cipher is adopted.
  • Post-Quantum Cryptography
    Post-quantum cryptography. Daniel J. Bernstein & Tanja Lange. University of Illinois at Chicago; Ruhr University Bochum & Technische Universiteit Eindhoven. 12 September 2020.
    • Motivation #1: Communication channels are spying on our data.
    • Motivation #2: Communication channels are modifying our data.
    • Literal meaning of cryptography: "secret writing".
    • Achieves various security goals by secretly transforming messages.
    • Confidentiality: Eve cannot infer information about the content
    • Integrity: Eve cannot modify the message without this being noticed
    • Authenticity: Bob is convinced that the message originated from Alice
    Cryptography with symmetric keys: AES-128. AES-192. AES-256. AES-GCM. ChaCha20. HMAC-SHA-256. Poly1305. SHA-2. SHA-3. Salsa20.
    Cryptography with public keys: BN-254. Curve25519. DH. DSA. ECDH. ECDSA. EdDSA. NIST P-256. NIST P-384. NIST P-521. RSA encrypt. RSA sign. secp256k1.
    [Slide figure:] Sender "Alice" → Untrustworthy network "Eve" → Receiver "Bob". Tsai Ing-Wen picture credit: Attribution, Wikimedia. Donald Trump picture credit: By Shealah Craighead - White House, Public Domain, Wikimedia.