|
Known-key Distinguisher
In cryptography, a known-key distinguishing attack is an attack model against symmetric ciphers, whereby an attacker who knows the key (cryptography), key can find a structural property in cipher, where the transformation from plaintext to ciphertext is not random. There is no common formal definition for what such a transformation may be. The chosen-key distinguishing attack is strongly related, where the attacker can choose a key to introduce such transformations. These attacks do not directly compromise the confidentiality of ciphers, because in a classical scenario, the key is unknown to the attacker. Known-/chosen-key distinguishing attacks apply in the "open key model" instead. They are known to be applicable in some situations where block ciphers are converted to hash functions, leading to practical collision attacks against the hash. Known-key distinguishing attacks were first introduced in 2007 by Lars Knudsen and Vincent Rijmen in a paper that proposed such an attack again ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptography
Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security ( data confidentiality, data integrity, authentication, and non-repudiation) are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography prior to the modern age was effectively synonymo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Feistel Cipher
In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel, who did pioneering research while working for IBM; it is also commonly known as a Feistel network. A large proportion of block ciphers use the scheme, including the US Data Encryption Standard, the Soviet/Russian GOST and the more recent Blowfish and Twofish ciphers. In a Feistel cipher, encryption and decryption are very similar operations, and both consist of iteratively running a function called a "round function" a fixed number of times. History Many modern symmetric block ciphers are based on Feistel networks. Feistel networks were first seen commercially in IBM's Lucifer cipher, designed by Horst Feistel and Don Coppersmith in 1973. Feistel networks gained respectability when the U.S. Federal Government adopted the DES (a cipher based on Lucifer, with changes mad ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pseudorandom Permutation
In cryptography, a pseudorandom permutation (PRP) is a function that cannot be distinguished from a random permutation (that is, a permutation selected at random with uniform probability, from the family of all permutations on the function's domain) with practical effort. Definition Let ''F'' be a mapping \left\^n \times \left\^s \rightarrow \left\^n. ''F'' is a PRP if and only if * For any K \in \left\^s, F_K is a bijection from \left\^n to \left\^n, where F_K(x)=F(x,K). * For any K \in \left\^s, there is an "efficient" algorithm to evaluate F_K(x) for any x \in \left\^n,. * For all probabilistic polynomial-time distinguishers D: \left, Pr\left(D^(1^n) = 1\right) - Pr\left(D^(1^n) = 1\right) \ < \varepsilon(s), where is chosen uniformly at random and is chosen uniformly at random from the set of permutations on ''n''-bit strings. A pseudorandom permutation family is a collection of pseudorandom permutations, where a specific pe ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Distinguishing Attack
In cryptography, a distinguishing attack is any form of cryptanalysis on data encrypted by a cipher that allows an attacker to distinguish the encrypted data from random data. Modern symmetric-key ciphers are specifically designed to be immune to such an attack. In other words, modern encryption schemes are pseudorandom permutations and are designed to have ciphertext indistinguishability. If an algorithm is found that can distinguish the output from random faster than a brute force search, then that is considered a break of the cipher. A similar concept is the known-key distinguishing attack, whereby an attacker knows the key and can find a structural property in cipher, where the transformation from plaintext to ciphertext is not random. Overview To prove that a cryptographic function is safe, it is often compared to a random oracle. If a function would be a random oracle, then an attacker is not able to predict any of the output of the function. If a function is distinguisha ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Skein (hash Function)
Skein is a cryptographic hash function and one of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak. The name Skein refers to how the Skein function intertwines the input, similar to a skein of yarn. History Skein was created by Bruce Schneier, Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker. Skein is based on the Threefish tweakable block cipher compressed using Unique Block Iteration (UBI) chaining mode, a variant of the Matyas–Meyer–Oseas hash mode, while leveraging an optional low-overhead argument-system for flexibility. Skein's algorithm and a reference implementation was given to public domain. Functionality Skein supports internal state sizes of 256, 512 and 1024 bits, and arbitrary output sizes. The authors claim 6.1 cycles per byte for any output size on an Inte ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Threefish
Threefish is a symmetric-key tweakable block cipher designed as part of the Skein hash function, an entry in the NIST hash function competition. Threefish uses no S-boxes or other table lookups in order to avoid cache timing attacks; The paper in which Threefish was introduced. its nonlinearity comes from alternating additions with exclusive ORs. In that respect, it is similar to Salsa20, TEA, and the SHA-3 candidates CubeHash and BLAKE. Threefish and the Skein hash function were designed by Bruce Schneier, Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas, and Jesse Walker. Description of the cipher Threefish works on words of 64 bits (unsigned Little endian integers). w \in \ is the number of plaintext words and also of key words. The tweak consists of two words. All additions and subtractions are defined modulo 2^. Key schedule Threefish encrypts in r rounds and uses \frac + 1 different round keys. After every four rounds, and bef ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Block Size (cryptography)
In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. Block ciphers operate on a fixed length string of bits. The length of this bit string is the block size. Both the input (plaintext) and output (ciphertext) are the same length; the output cannot be shorter than the input this follows logically from the pigeonhole principle and the fact that the cipher must be reversibleand it is undesirable for the output to be longer than the input. Until the announcement of NIST's AES contest, the majority of block ciphers followed the example of the DES in using a block size of 64 bits (8 bytes). However the birthday paradox tells us that after accumulating a number of blocks equal to the square root of the total number possible, there will be an approximately 50% chance of two or more being the same, which would start to leak information about the message contents. Thus even when used with a proper encryption mode (e.g. CBC or OFB), only ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Advanced Encryption Standard
The Advanced Encryption Standard (AES), also known by its original name Rijndael (), is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is a variant of the Rijndael block cipher developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits. AES has been adopted by the U.S. government. It supersedes the Data Encryption Standard (DES), which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. In the United States, AES was announced by the NIST as U.S. FIPS PUB 197 (FIPS 197) on Novemb ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Attack Model
In cryptanalysis, attack models or attack types are a classification of cryptographic attacks specifying the kind of access a Cryptanalysis, cryptanalyst has to a system under attack when attempting to "break" an Encryption, encrypted message (also known as ''ciphertext'') generated by the system. The greater the access the cryptanalyst has to the system, the more useful information they can get to utilize for breaking the cypher. In cryptography, a sending party uses a cipher to encryption, encrypt (transform) a secret ''plaintext'' into a ''ciphertext'', which is sent over an insecure communication channel to the receiving party. The receiving party uses an inverse cipher to decryption, decrypt the ciphertext to obtain the plaintext. A secret knowledge is required to apply the inverse cipher to the ciphertext. This secret knowledge is usually a short number or string called a ''cryptographic key, key''. In a cryptographic attack a third party cryptanalyst analyzes the ciphertex ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Vincent Rijmen
Vincent Rijmen (; born 16 October 1970) is a Belgian cryptographer and one of the two designers of the Rijndael, the Advanced Encryption Standard. Rijmen is also the co-designer of the WHIRLPOOL cryptographic hash function, and the block ciphers Anubis, KHAZAD, Square, NOEKEON and SHARK. In 1993, Rijmen obtained a degree in electronics engineering at the Katholieke Universiteit Leuven. Afterwards, he was a PhD student at the ESAT/COSIC lab of the K.U.Leuven. In 1997, Rijmen finished his doctoral dissertation titled ''Cryptanalysis and design of iterated block ciphers''. After his PhD he did postdoctoral work at the COSIC lab, on several occasions collaborating with Joan Daemen. One of their joint projects resulted in the algorithm Rijndael, which in October 2000 was selected by the National Institute for Standards and Technology (NIST) to become the Advanced Encryption Standard (AES). Since 1 August 2001, Rijmen has been working as chief cryptographer at Cryptomathic where ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
_Round_Function.png "Click for more on -> Advanced Encryption Standard")