|
Poly1305
Poly1305 is a universal hash family designed by Daniel J. Bernstein for use in cryptography. As with any universal hash family, Poly1305 can be used as a one-time message authentication code to authenticate a single message using a key shared between sender and recipient, like a one-time pad can be used to conceal the content of a single message using a key shared between sender and recipient. Originally Poly1305 was proposed as part of Poly1305-AES, a Carter–Wegman authenticator that combines the Poly1305 hash with AES-128 to authenticate many messages using a single short key and distinct message numbers. Poly1305 was later applied with a single-use key generated for each message using XSalsa20 in the NaCl crypto_secretbox_xsalsa20poly1305 authenticated cipher, and then using ChaCha in the ChaCha20-Poly1305 authenticated cipher deployed in TLS on the internet. Description Definition of Poly1305 Poly1305 takes a 16-byte secret key r and an L-byte message m and returns ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ChaCha20-Poly1305
ChaCha20-Poly1305 is an authenticated encryption with additional data (AEAD) algorithm, that combines the ChaCha20 stream cipher with the Poly1305 message authentication code. Its usage in IETF protocols is standardized in RFC 8439. It has fast software performance, and without hardware acceleration, is usually faster than AES-GCM. History The two building blocks of the construction, the algorithms Poly1305 and ChaCha20, were both independently designed, in 2005 and 2008, by Daniel J. Bernstein. In 2013–2014, a variant of the original ChaCha20 algorithm (using 32-bit counter and 96-bit nonce) and a variant of the original Poly1305 (authenticating 2 strings) were combined in an IETF draft to be used in TLS and DTLS, and chosen by Google, for security and performance reasons, as a newly supported cipher. Shortly after Google's adoption for TLS, ChaCha20, Poly1305 and the combined AEAD mode are added to OpenSSH via thechacha20-poly1305@openssh.com authenticated encryption ciph ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
XSalsa20
Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. ChaCha is a modification of Salsa20 published in 2008. It uses a new round function that increases diffusion and increases performance on some architectures. Both ciphers are built on a pseudorandom function based on add-rotate-XOR (ARX) operations — 32-bit addition, bitwise addition (XOR) and rotation operations. The core function maps a 256-bit key, a 64-bit nonce, and a 64-bit counter to a 512-bit block of the key stream (a Salsa version with a 128-bit key also exists). This gives Salsa20 and ChaCha the unusual advantage that the user can efficiently seek to any position in the key stream in constant time. Salsa20 offers speeds of around 4–14 cycles per byte in software on modern x86 processors, and reasonable hardware performanc ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ChaCha (cipher)
Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. ChaCha is a modification of Salsa20 published in 2008. It uses a new round function that increases diffusion and increases performance on some architectures. Both ciphers are built on a pseudorandom function based on add-rotate-XOR (ARX) operations — 32-bit addition, bitwise addition (XOR) and rotation operations. The core function maps a 256-bit key, a 64-bit nonce, and a 64-bit counter to a 512-bit block of the key stream (a Salsa version with a 128-bit key also exists). This gives Salsa20 and ChaCha the unusual advantage that the user can efficiently seek to any position in the key stream in constant time. Salsa20 offers speeds of around 4–14 cycles per byte in software on modern x86 processors, and reasonable hardware performance. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NaCl (software)
NaCl (pronounced "salt") is an abbreviation for "Networking and Cryptography library", a public domain "...high-speed software library for network communication, encryption, decryption, signatures, etc". NaCl was created by the mathematician and programmer Daniel J. Bernstein who is best known for the creation of qmail and Curve25519. The core team also includes Tanja Lange and Peter Schwabe. The main goal while creating NaCl, according to the paper, was to "avoid various types of cryptographic disasters suffered by previous cryptographic libraries".https://cr.yp.to/highspeed/coolnacl-20120725.pdf "The security impact of a new cryptographic library" Daniel J. Bernstein, Tanja Lange, Peter Schwabe Basic functions Public-key cryptography * Signatures using Ed25519. * Key agreement using X25519. Secret-key cryptography * Authenticated encryption using Salsa20-Poly1305. * Encryption using Salsa20 or AES. * Authentication using HMAC-SHA-512-256. * One-time authentication u ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
WolfSSL
wolfSSL is a small, portable, embedded SSL/TLS library targeted for use by embedded systems developers. It is an open source implementation of TLS (SSL 3.0, TLS 1.0, 1.1, 1.2, 1.3, and DTLS 1.0, 1.2, and 1.3) written in the C programming language. It includes SSL/TLS client libraries and an SSL/TLS server implementation as well as support for multiple APIs, including those defined by SSL and TLS. wolfSSL also includes an OpenSSL compatibility interface with the most commonly used OpenSSL functions. A predecessor of wolfSSL, yaSSL is a C++ based SSL library for embedded environments and real time operating systems with constrained resources. Platforms wolfSSL is currently available for Win32/64, Linux, macOS, Solaris, Threadx, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, Yocto Project, OpenEmbedded, WinCE, Haiku, OpenWrt, iPhone, Android, Nintendo Wii and Gamecube through DevKitPro support, QNX, MontaVista, Tron variants, NonStop OS, OpenCL, Micrium's MicroC/ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
LibreSSL
LibreSSL is an open-source implementation of the Transport Layer Security (TLS) protocol. The implementation is named after Secure Sockets Layer (SSL), the deprecated predecessor of TLS, for which support was removed in release 2.3.0. The OpenBSD project forked LibreSSL from OpenSSL 1.0.1g in April 2014 as a response to the Heartbleed security vulnerability, with the goals of modernizing the codebase, improving security, and applying development best practices. History After the Heartbleed security vulnerability was discovered in OpenSSL, the OpenBSD team audited the codebase and decided it was necessary to fork OpenSSL to remove dangerous code. The libressl.org domain was registered on 11 April 2014; the project announced the name on 22 April 2014. In the first week of development, more than 90,000 lines of C code were removed. Unused code was removed, and support for obsolete operating systems ( Classic Mac OS, NetWare, OS/2, 16-bit Windows) and some older operating sy ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenSSL
OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites. OpenSSL contains an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. The OpenSSL Software Foundation (OSF) represents the OpenSSL project in most legal capacities including contributor license agreements, managing donations, and so on. OpenSSL Software Services (OSS) also represents the OpenSSL project for support contracts. OpenSSL is available for most Unix-like operating systems (including Linux, macOS, and BSD), Microsoft Windows and OpenVMS. Project history The OpenSSL ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Message Authentication Code
In cryptography, a message authentication code (MAC), sometimes known as a ''tag'', is a short piece of information used for authenticating a message. In other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed. The MAC value protects a message's data integrity, as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content. Terminology The term message integrity code (MIC) is frequently substituted for the term ''MAC'', especially in communications to distinguish it from the use of the latter as ''media access control address'' (''MAC address''). However, some authors use MIC to refer to a message digest, which aims only to uniquely but opaquely identify a single message. RFC 4949 recommends avoiding the term ''message integrity code'' (MIC), and instead using ''checksum'', ''error detection code'', '' hash'', ''keyed hash'', ''message authentication code'', ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Transport Layer Security
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications. It runs in the presentation layer and is itself composed of two layers: the TLS record and the TLS handshake protocols. The closely related Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications. In technical writing you often you will see references to (D)TLS when it applies to both versions. TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Crypto++
Crypto++ (also known as CryptoPP, libcrypto++, and libcryptopp) is a free and open-source C++ class library of cryptographic algorithms and schemes written by Wei Dai. Crypto++ has been widely used in academia, student projects, open-source, and non-commercial projects, as well as businesses.* J. Kelsey, B. Schneier, D. Wagner, C. Hall (1998)"Cryptanalytic Attacks on Pseudorandom Number Generators". ''Fast Software Encryption, 5th International Proceedings''http://www.schneier.com/paper-prngs.pdf. Retrieved 2010-08-10. * C. Adjih, D. Raffo, P. Mühlethaler (2004)"OLSR: Distributed Key Management for Security". ''Independent Research''http://www2.lifl.fr/SERAC/downloads/attacks-olsr-dkm.pdf. Retrieved 2010-08-10. * X. Yinglian, M. K. Reiter, D. O'Hallaron (2006)"Protecting Privacy in Key-Value Search Systems" ''Computer Security Applications Conference (ACSAC)''https://www.cs.cmu.edu/~ylxie/papers/report03.pdf Retrieved 2010-08-10. * T. Zidenberg (2010). ''Technion, Israel Institute o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Libgcrypt
Libgcrypt is a cryptography library developed as a separated module of GnuPG. It can also be used independently of GnuPG, but depends on its error-reporting library Libgpg-error. It provides functions for all fundamental cryptographic building blocks: Libgcrypt features its own ''multiple precision arithmetic'' implementation, with assembler implementations for a variety of processors, including Alpha, AMD64, HP PA-RISC, i386, i586, M68K, MIPS 3, PowerPC, and SPARC. It also features an ''entropy gathering'' utility, coming in different versions for Unix-like and Windows machines. Usually multiple, stable branches of Libgcrypt are maintained in parallel; since 2022-03-28 this is the Libgrypt 1.10 branch as stable branch, plus the 1.8 branch as LTS ("long-term support") branch, which will be maintained at least until 2024-12-31. See also * Comparison of cryptography libraries The tables below compare cryptography libraries that deal with cryptography algorithms and have A ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Universal Hashing
In mathematics and computing, universal hashing (in a randomized algorithm or data structure) refers to selecting a hash function at random from a family of hash functions with a certain mathematical property (see definition below). This guarantees a low number of collisions in expectation, even if the data is chosen by an adversary. Many universal families are known (for hashing integers, vectors, strings), and their evaluation is often very efficient. Universal hashing has numerous uses in computer science, for example in implementations of hash tables, randomized algorithms, and cryptography. Introduction Assume we want to map keys from some universe U into m bins (labelled = \). The algorithm will have to handle some data set S \subseteq U of , S, =n keys, which is not known in advance. Usually, the goal of hashing is to obtain a low number of collisions (keys from S that land in the same bin). A deterministic hash function cannot offer any guarantee in an adversarial sett ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
