




J-PAKE
The Password Authenticated Key Exchange by Juggling (or J-PAKE) is a password-authenticated key agreement protocol, proposed by Feng Hao and Peter Ryan. This protocol allows two parties to establish private and authenticated communication solely based on their shared (low-entropy) password without requiring a Public Key Infrastructure. It provides mutual authentication to the key exchange, a feature that is lacking in the Diffie–Hellman key exchange protocol. Description Two parties, Alice and Bob, agree on a group G with generator g of prime order q in which the discrete log problem is hard. Typically a Schnorr group is used. In general, J-PAKE can use any prime order group that is suitable for public key cryptography, including Elliptic curve cryptography. Let s be their shared (low-entropy) secret, which can be a password or a hash of a password (s \neq 0). The protocol executes in two rounds. ;Round 1: Alice selects x_1 \in_R , q-1/math>, x_2 \in_R , q-1/math> and sends out ...


Password-authenticated Key Agreement
In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password. An important property is that an eavesdropper or man-in-the-middle cannot obtain enough information to be able to brute-force guess a password without further interactions with the parties for each (few) guesses. This means that strong security can be obtained using weak passwords. Types Password-authenticated key agreement generally encompasses methods such as: * Balanced password-authenticated key exchange * Augmented password-authenticated key exchange * Password-authenticated key retrieval * Multi-server methods * Multi-party methods In the most stringent password-only security models, there is no requirement for the user of the method to remember any secret or public data other than the password. Password-authenticated key exchange (PAKE) is a method in which two or more parties, ...


Zero-knowledge Proof
In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true while the prover avoids conveying any additional information apart from the fact that the statement is indeed true. The essence of zero-knowledge proofs is that it is trivial to prove that one possesses knowledge of certain information by simply revealing it; the challenge is to prove such possession without revealing the information itself or any additional information. If proving a statement requires that the prover possess some secret information, then the verifier will not be able to prove the statement to anyone else without possessing the secret information. The statement being proved must include the assertion that the prover has such knowledge, but without including or transmitting the knowledge itself in the assertion. Otherwise, the statement would not be proved in zero-knowledge because it ...


Bouncycastle
Bouncy Castle is a collection of APIs used in cryptography. It includes APIs for both the Java and the C# programming languages. The APIs are supported by a registered Australian charitable organization: Legion of the Bouncy Castle Inc. Bouncy Castle is Australian in origin and therefore American restrictions on the export of cryptography from the United States do not apply to it. History Bouncy Castle started when two colleagues were tired of having to re-invent a set of cryptography libraries each time they changed jobs working in server-side Java SE. One of the developers was active in Java ME (J2ME at that time) development as a hobby and a design consideration was to include the greatest range of Java VMs for the library, including those on J2ME. This design consideration led to the architecture that exists in Bouncy Castle. The project, founded in May 2000, was originally written in Java only, but added a C# API in 2004. The original Java API consisted of approximatel ...

Pale Moon (web Browser)
Pale Moon is an open-source web browser with an emphasis on customization; its motto is "Your browser, Your way". There are official releases for Microsoft Windows and Linux, as well as contributed builds for various platforms. Pale Moon originated as a fork of Firefox, but has subsequently diverged. The main differences are the user interface, add-on support, and running in single-process mode. Pale Moon retains the highly customizable user interface of the Firefox version 4–28 era. It also continues to support some types of add-ons and plugins that are no longer supported by Firefox, including NPAPI plugins such as Adobe Flash Player, as well as legacy Firefox extensions. Overview Pale Moon has diverged from Firefox in a number of ways: *Uses the pre-Australis user interface ("Strata") as carried by Firefox during versions 4-28 *Supports extensions built with XUL and XPCOM, which are no longer supported by Firefox *Supports "Complete Themes", add-ons which can customize t ...




Firefox Sync
Firefox Sync, originally branded Mozilla Weave, is a browser synchronization feature for Firefox web browsers. It allows users to partially synchronize bookmarks, browsing history, preferences, passwords, filled forms, add-ons, and the last 25 opened tabs across multiple computers. The feature is now included in Firefox and it's being implemented in Thunderbird. It keeps user data on Mozilla servers, but according to Mozilla the data is encrypted in such a way that no third party, not even Mozilla, can access user information. It is also possible for the user to host their own Firefox Sync servers, or indeed, for any entity to do so. Firefox Sync was originally an add-on for Mozilla Firefox 3.x and SeaMonkey 2.0, but it has been a built-in feature since Firefox 4.0 and SeaMonkey 2.1. Firefox Sync is built on top of Firefox Accounts as of Firefox 29, and therefore Firefox 29 and later cannot sync with Firefox 28 and earlier. Firefox Home Firefox Home was a companion applicat ...


Network Security Services
Network Security Services (NSS) is a collection of cryptographic computer libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. NSS releases prior to version 3.14 are tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License. Since release 3.14, NSS releases are licensed under GPL-compatible Mozilla Public License 2.0. History NSS originated from the libraries developed when Netscape invented the SSL security protocol. FIPS 140 validation and NISCC testing The NSS software crypto module has been validated five times (in 1997, 1999, 2002, 2007, and 2010) for conformance to FIPS 140 a ...

OpenSSH
OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture (Network Working Group of the IETF, January 2006, RFC 4252, The Secure Shell (SSH) Authentication Protocol). OpenSSH started as a fork of the free SSH program developed by Tatu Ylönen; later versions of Ylönen's SSH were proprietary software offered by SSH Communications Security. OpenSSH was first released in 1999 and is currently developed as part of the OpenBSD operating system. OpenSSH is not a single computer program, but rather a suite of programs that serve as alternatives to unencrypted protocols like Telnet and FTP. OpenSSH is integrated into several operating systems, namely Microsoft Windows, macOS and most Linux operating systems, while the portable version is available as a package in other systems. History OpenBSD Secure Shell was ...

OpenSSL
OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites. OpenSSL contains an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. The OpenSSL Software Foundation (OSF) represents the OpenSSL project in most legal capacities including contributor license agreements, managing donations, and so on. OpenSSL Software Services (OSS) also represents the OpenSSL project for support contracts. OpenSSL is available for most Unix-like operating systems (including Linux, macOS, and BSD), Microsoft Windows and OpenVMS. Project history The OpenSSL ...

Dining Cryptographers Problem
In cryptography, the dining cryptographers problem studies how to perform a secure multi-party computation of the boolean-XOR function. David Chaum first proposed this problem in the early 1980s and used it as an illustrative example to show that it was possible to send anonymous messages with unconditional sender and recipient untraceability. Anonymous communication networks based on this problem are often referred to as DC-nets (where DC stands for "dining cryptographers"). Despite the word "dining", the dining cryptographers problem is unrelated to the dining philosophers problem. Description Three cryptographers gather around a table for dinner. The waiter informs them that the meal has been paid for by someone, who could be one of the cryptographers or the National Security Agency (NSA). The cryptographers respect each other's right to make an anonymous payment, but want to find out whether the NSA paid. So they decide to execute a two-stage protocol. In the first stag ...


David Chaum
David Lee Chaum (born 1955) is an American computer scientist, cryptographer, and inventor. He is known as a pioneer in cryptography and privacy-preserving technologies, and widely recognized as the inventor of digital cash. His 1982 dissertation "Computer Systems Established, Maintained, and Trusted by Mutually Suspicious Groups" is the first known proposal for a blockchain protocol. Complete with the code to implement the protocol, Chaum's dissertation proposed all but one element of the blockchain later detailed in the Bitcoin whitepaper. He has been referred to as "the father of online anonymity", and "the godfather of cryptocurrency". He is also known for developing ecash, an electronic cash application that aims to preserve a user's anonymity, and inventing many cryptographic protocols like the blind signature, mix networks and the Dining cryptographers protocol. In 1995 his company DigiCash created the first digital currency with eCash. ...


Anonymous Veto Network
In cryptography, the anonymous veto network (or AV-net) is a multi-party secure computation protocol to compute the boolean-OR function. It was first proposed by Feng Hao and Piotr Zieliński in 2006. This protocol presents an efficient solution to the Dining cryptographers problem. A related protocol that securely computes a boolean-count function is open vote network (or OV-net). Description All participants agree on a group $G$ with a generator $g$ of prime order $q$ in which the discrete logarithm problem is hard. For example, a Schnorr group can be used. For a group of $n$ participants, the protocol executes in two rounds. Round 1: each participant $i$ selects a random value $x_i \in_R \mathbb{Z}_q$ and publishes the ephemeral public key $g^{x_i}$ together with a zero-knowledge proof for the proof of the exponent $x_i$. A detailed description of a method for such proofs is found in . After ...




Forward Secrecy
In cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised. For HTTPS, the long-term secret is typically the private key of the server. Forward secrecy protects past sessions against future compromises of keys or passwords. By generating a unique session key for every session a user initiates, the compromise of a single session key will not affect any data other than that exchanged in the specific session protected by that particular key. This by itself is not sufficient for forward secrecy which additionally requires that a long-term secret compromise does not affect the security of past session keys. Forward secrecy protects data on the transport layer of a network that uses common Transport Layer Security protocols, including OpenSSL, when its long-term secret keys are ...