|
Commercial National Security Algorithm Suite
The Commercial National Security Algorithm Suite (CNSA) is a set of cryptographic algorithms Promulgation, promulgated by the National Security Agency as a replacement for NSA Suite B Cryptography algorithms. It serves as the cryptographic base to protect US National Security Systems information up to the Classified information#Top_Secret_(TS), top secret level, while the NSA plans for a transition to quantum-resistant cryptography. The 1.0 suite included: * Advanced Encryption Standard with 256 bit keys * Elliptic-curve Diffie–Hellman and Elliptic Curve Digital Signature Algorithm with curve P-384 * SHA-2 with 384 bits, Diffie–Hellman key exchange with a minimum 3072-bit modulus, and * RSA (cryptosystem), RSA with a minimum modulus size of 3072. The CNSA transition is notable for moving RSA (cryptosystem), RSA from a temporary ''legacy'' status, as it appeared in Suite B, to ''supported'' status. It also did not include the Digital Signature Algorithm. This, and the overall ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Promulgation
Promulgation is the formal proclamation or the declaration that a new statute, statutory or administrative law is enacted after its final Enactment of a bill, approval. In some jurisdiction (area), jurisdictions, this additional step is necessary before the law can take effect. After a new law is approved, it is announced to the public through the publication of government gazettes and/or on official government bulletins. National laws of extraordinary importance to the public may be announced by the head of state or head of government on a national broadcast. Local laws are usually announced in local newspapers and published in bulletins or compendium, compendia of municipal regulations. Jurisdiction-specific details Armenia Bills are enacted by the President of Armenia and published in the ''Hayastani Hanrapetutyun, Official Gazette of Armenia''. Belgium Statutes are promulgated by the King of the Belgians and published in the ''Belgian Official Journal''. Decrees and Ordin ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Diffie–Hellman Key Exchange
Diffie–Hellman (DH) key exchangeSynonyms of Diffie–Hellman key exchange include: * Diffie–Hellman–Merkle key exchange * Diffie–Hellman key agreement * Diffie–Hellman key establishment * Diffie–Hellman key negotiation * Exponential key exchange * Diffie–Hellman protocol * Diffie–Hellman handshake is a mathematical method of securely generating a symmetric cryptographic key over a public channel and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography. Published in 1976 by Diffie and Hellman, this is the earliest publicly known work that proposed the idea of a private key and a corresponding public key. Traditionally, secure encrypted communication between two parties required that they first exchange keys by some secure physical means, such as paper key lists transported by a tr ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptography Standards
There are a number of standards related to cryptography. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis. Encryption standards * Data Encryption Standard (DES, now obsolete) * Advanced Encryption Standard (AES) * RSA the original public key algorithm * OpenPGP Hash standards * MD5 128-bit (obsolete) * SHA-1 160-bit (obsolete) * SHA-2 available in 224, 256, 384, and 512-bit variants * HMAC keyed hash * PBKDF2 Key derivation function (RFC 2898) Digital signature standards * Digital Signature Standard (DSS), based on the Digital Signature Algorithm (DSA) * RSA * Elliptic Curve DSA Public-key infrastructure (PKI) standards * X.509 Public Key Certificates Wireless Standards * Wired Equivalent Privacy (WEP), severely flawed and superseded by WPA * Wi-Fi Protected Access (WPA) better than WEP, a 'pre-standard' partial version of 802.11i * 802.11i a.k.a. WPA2, uses AES and other improvements o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
EXtended Merkle Signature Scheme
Extension, extend or extended may refer to: Mathematics Logic or set theory * Axiom of extensionality * Extensible cardinal * Extension (model theory) * Extension (proof theory) * Extension (predicate logic), the set of tuples of values that satisfy the predicate * Extension (semantics), the set of things to which a property applies * Extension (simplicial set) * Extension by definitions * Extensional definition, a definition that enumerates every individual a term applies to * Extensionality Other uses * Extension of a function, defined on a larger domain * Extension of a polyhedron, in geometry * Extension of a line segment (finite) into an infinite line (e.g., extended base) * Exterior algebra, Grassmann's theory of extension, in geometry * Field extension, in Galois theory * Group extension, in abstract algebra and homological algebra * Homotopy extension property, in topology * Kolmogorov extension theorem, in probability theory * Linear extension, in order theory * S ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Lattice-based Cryptography
Lattice-based cryptography is the generic term for constructions of cryptographic primitives that involve lattices, either in the construction itself or in the security proof. Lattice-based constructions support important standards of post-quantum cryptography. Unlike more widely used and known public-key schemes such as the RSA, Diffie-Hellman or elliptic-curve cryptosystems — which could, theoretically, be defeated using Shor's algorithm on a quantum computer — some lattice-based constructions appear to be resistant to attack by both classical and quantum computers. Furthermore, many lattice-based constructions are considered to be secure under the assumption that certain well-studied computational lattice problems cannot be solved efficiently. In 2024 NIST announced the Module-Lattice-Based Digital Signature Standard for post-quantum cryptography. History In 1996, Miklós Ajtai introduced the first lattice-based cryptographic construction whose security could be ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CRYSTALS-Kyber
Kyber is a key encapsulation mechanism (KEM) designed to be resistant to cryptanalytic attacks with future powerful quantum computers. It is used to establish a shared secret between two communicating parties without an ( IND-CCA2) attacker in the transmission system being able to decrypt it. This asymmetric cryptosystem uses a variant of the learning with errors lattice problem as its basic trapdoor function. It won the NIST competition for the first post-quantum cryptography (PQ) standard. NIST calls its standard, numbered FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM). Properties The system is based on the module learning with errors (M-LWE) problem, in conjunction with cyclotomic rings. Recently, there has also been a tight formal mathematical security reduction of the ring-LWE problem to MLWE. Compared to competing PQ methods, it has typical advantages of lattice-based methods, e.g. in regard to runtime as well as the size of the ciphertexts and the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Digital Signature Algorithm
The Digital Signature Algorithm (DSA) is a Public-key cryptography, public-key cryptosystem and Federal Information Processing Standards, Federal Information Processing Standard for digital signatures, based on the mathematical concept of modular exponentiation and the Discrete logarithm, discrete logarithm problem. In a digital signature system, there is a keypair involved, consisting of a private and a public key. In this system a signing entity that declared their public key can generate a signature using their private key, and a verifier can assert the source if it verifies the signature correctly using the declared public key. DSA is a variant of the Schnorr signature, Schnorr and ElGamal signature scheme, ElGamal signature schemes. The National Institute of Standards and Technology (NIST) proposed DSA for use in their Digital Signature Standard (DSS) in 1991, and adopted it as FIPS 186 in 1994. Five revisions to the initial specification have been released. The newest specifi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
RSA (cryptosystem)
The RSA (Rivest–Shamir–Adleman) cryptosystem is a public-key cryptosystem, one of the oldest widely used for secure data transmission. The initialism "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly in 1973 at Government Communications Headquarters (GCHQ), the British signals intelligence agency, by the English mathematician Clifford Cocks. That system was declassified in 1997. In a public-key cryptosystem, the encryption key is public and distinct from the decryption key, which is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret. Messages can be encrypted by anyone via the public key, but can only be decrypted by someone who knows the private key. The security of RSA relies on the practical difficulty of factoring the product o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SHA-2
SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression function itself built using the Davies–Meyer structure from a specialized block cipher. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256. SHA-256 and SHA-512 are hash functions whose digests are eight 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are truncated versions of SHA-256 and SHA-512 respectively, computed with different initial values. SHA-512/224 and SHA-512/256 are also truncate ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
National Security Agency
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the director of national intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for global intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The NSA has roughly 32,000 employees. Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by President Harry S. Truman in 1952. Between then and the end of the Cold War, it became the largest of the U.S. intelligence organizations in terms of personnel and budget. Still, information available as of 2013 indicates that the C ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
P-384
P-384 is the elliptic curve currently specified in Commercial National Security Algorithm Suite for the ECDSA and ECDH algorithms. It is a 384-bit curve over a finite field In mathematics, a finite field or Galois field (so-named in honor of Évariste Galois) is a field (mathematics), field that contains a finite number of Element (mathematics), elements. As with any field, a finite field is a Set (mathematics), s ... of prime order approximately . Its binary representation has 384 bits, with a simple pattern. The curve is given by the equation , where is given by a certain 384-bit number. The curve has order less than the field size. The bit-length of a key is considered to be that of the order of the curve, which is also 384 bits. Notes External links * FIPS 186-4 standards where the curve is define* Commercial National Security Algorithm (CNSA) Suite Factshee Cryptography standards Elliptic curves {{Crypto-stub ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
