|
ROCA Attack
The ROCA vulnerability is a cryptographic weakness that allows the private key of a key pair to be recovered from the public key in keys generated by devices with the vulnerability. "ROCA" is an acronym for "Return of Coppersmith's attack". The vulnerability has been given the identifier . The vulnerability arises from an approach to RSA key generation used in vulnerable versions of the software library ''RSALib'' provided by Infineon Technologies and incorporated into many smart cards, Trusted Platform Modules (TPM), and Hardware Security Modules (HSM), including YubiKey 4 tokens when used to generate RSA keys on-chip for OpenPGP or PIV. RSA keys of lengths 512, 1024, and 2048 bits generated using these versions of the Infineon library are vulnerable to a practical ROCA attack. The research team that discovered the attack (all with Masaryk University and led by Matúš Nemec and Marek Sýs) estimate that it affected around one-quarter of all current TPM devices globally. Mi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Masaryk University
Masaryk University (MU) (; ) is the second largest university in the Czech Republic, a member of the Compostela Group and the Utrecht Network. Founded in 1919 in Brno, it now consists of ten faculties and 35,115 students. It is named after Tomáš Garrigue Masaryk, the first president of an independent Czechoslovakia as well as the leader of the movement for a second Czech university. In 1960 the university was renamed ''Jan Evangelista Purkyně University'' after Jan Evangelista Purkyně, a Czech biologist. In 1990, following the Velvet Revolution it regained its original name. Since 1922, over 171,000 students have graduated from the university. The Prime Minister of the Czech Republic Petr Fiala has been working part-time at Masaryk University for the entire duration of his mandate. He should therefore devote eight hours a week – thirty-two hours a month – to work for this university. Jan Fischer responded to this as follows: "I also cannot imagine that someone, in ad ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
FIPS 201
FIPS 201 (Federal Information Processing Standard Publication 201) is a United States federal government standard that specifies Personal Identity Verification (PIV) requirements for Federal employees and contractors. In response to HSPD-12, the NIST Computer Security Division initiated a new program for improving the identification and authentication of Federal employees and contractors to access Federal facilities and information systems. FIPS 201 was developed to satisfy the technical requirements of HSPD-12, approved by the Secretary of Commerce, and issued on February 25, 2005. This Standard specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors. FIPS 201 specifies that an identity credential must be stored on a smart card. SP 800-73, a NIST special publication, contains the technical specifications to interface with the smart card to retrieve and use the PIV identity credentials. FIPS 201 was replace ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Estonian Identity Card
The Estonian identity card () is a mandatory identity document for citizens of Estonia. In addition to regular identification of a person, an ID-card can also be used for establishing one's identity in electronic environment and for giving one's digital signature. Within Europe (except Belarus, Russia, Ukraine and United Kingdom) as well as French overseas territories, Georgia and Tunisia (on organized tours only) the Estonian ID-card can be used by the citizens of Estonia as a travel document. The mandatory identity document of a citizen of the European Union is also an identity card, also known as an ID card. The Estonian ID-card can be used to cross the Estonian border, however Estonian authorities cannot guarantee that other EU member states will accept the card as a travel document. With the Estonian ID-card the citizen will receive a personal @eesti.ee e-mail address, which is used by the state to send important information. In order to use the @eesti.ee e-mail address, th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (International Organization for Standardization, ISO/International Electrotechnical Commission, IEC 15408) for computer security certification. It is currently in version 3.1 revision 5. Common Criteria is a framework in which computer system users can ''specify'' their security ''functional'' and ''assurance'' requirements (SFRs and SARs, respectively) in a Security Target (ST), and may be taken from Protection Profiles (PPs). Vendors can then ''implement'' or make claims about the security attributes of their products, and testing laboratories can ''evaluate'' the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenSSL
OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites. OpenSSL contains an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. The OpenSSL Software Foundation (OSF) represents the OpenSSL project in most legal capacities including contributor license agreements, managing donations, and so on. OpenSSL Software Services (OSS) also represents the OpenSSL project for support contracts. OpenSSL is available for most Unix-like operating systems (including Linux, macOS, and BSD), Microsoft Windows and OpenVMS. Project history The OpenSSL project wa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GitHub
GitHub () is a Proprietary software, proprietary developer platform that allows developers to create, store, manage, and share their code. It uses Git to provide distributed version control and GitHub itself provides access control, bug tracking system, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. Headquartered in California, GitHub, Inc. has been a subsidiary of Microsoft since 2018. It is commonly used to host open source software development projects. GitHub reported having over 100 million developers and more than 420 million Repository (version control), repositories, including at least 28 million public repositories. It is the world's largest source code host Over five billion developer contributions were made to more than 500 million open source projects in 2024. About Founding The development of the GitHub platform began on October 19, 2005. The site was launched in April 2008 by Tom ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Smooth Number
In number theory, an ''n''-smooth (or ''n''-friable) number is an integer whose prime factors are all less than or equal to ''n''. For example, a 7-smooth number is a number in which every prime factor is at most 7. Therefore, 49 = 72 and 15750 = 2 × 32 × 53 × 7 are both 7-smooth, while 11 and 702 = 2 × 33 × 13 are not 7-smooth. The term seems to have been coined by Leonard Adleman. Smooth numbers are especially important in cryptography, which relies on factorization of integers. 2-smooth numbers are simply the Power of two, powers of 2, while 5-smooth numbers are also known as regular numbers. Definition A negative and positive numbers, positive integer is called B-smooth if none of its prime factors are greater than B. For example, 1,620 has prime factorization 22 × 34 × 5; therefore 1,620 is 5-smooth because none of its prime factors are greater than 5. This definition includes numbers that lack some of the smaller prime factors; for example, both 10 and 12 are 5-smooth, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pohlig–Hellman Algorithm
In group theory, the Pohlig–Hellman algorithm, sometimes credited as the Silver–Pohlig–Hellman algorithm,#Mollin06, Mollin 2006, pg. 344 is a special-purpose algorithm for computing discrete logarithms in a finite abelian group whose order is a smooth integer. The algorithm was introduced by Roland Silver, but first published by Stephen Pohlig and Martin Hellman, who credit Silver with its earlier independent but unpublished discovery. Pohlig and Hellman also list Richard Schroeppel and H. Block as having found the same algorithm, later than Silver, but again without publishing it. Groups of prime-power order As an important special case, which is used as a subroutine in the general algorithm (see below), the Pohlig–Hellman algorithm applies to Group (mathematics), groups whose order is a prime power. The basic idea of this algorithm is to iteratively compute the p-adic digits of the logarithm by repeatedly "shifting out" all but one unknown digit in the exponent, and co ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
65537
65537 is the integer after 65536 and before 65538. In mathematics 65537 is the largest known prime number of the form 2^ +1 (n = 4), and is most likely the last one. Therefore, a regular polygon with 65537 sides is constructible with compass and unmarked straightedge. Johann Gustav Hermes gave the first explicit construction of this polygon. In number theory, primes of this form are known as Fermat primes, named after the mathematician Pierre de Fermat. The only known prime Fermat numbers are 2^ + 1 = 2^ + 1 = 3, 2^ + 1= 2^ +1 = 5, 2^ + 1 = 2^ +1 = 17, 2^ + 1= 2^ + 1= 257, 2^ + 1 = 2^ + 1 = 65537. In 1732, Leonhard Euler found that the next Fermat number is composite: 2^ + 1 = 2^ + 1 = 4294967297 = 641 \times 6700417 In 1880, showed that 2^ + 1 = 2^ + 1 = 274177 \times 67280421310721 65537 is also the 17th Jacobsthal–Lucas number, and currently the largest known integer ''n'' for which the number 10^ + 27 is a probable prime. Applications 65537 is commonly used ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Discrete Logarithm
In mathematics, for given real numbers a and b, the logarithm \log_b(a) is a number x such that b^x=a. Analogously, in any group G, powers b^k can be defined for all integers k, and the discrete logarithm \log_b(a) is an integer k such that b^k=a. In arithmetic modulo an integer m, the more commonly used term is index: One can write k=\mathbb_b a \pmod (read "the index of a to the base b modulo m") for b^k \equiv a \pmod if b is a primitive root of m and \gcd(a,m)=1. Discrete logarithms are quickly computable in a few special cases. However, no efficient method is known for computing them in general. In cryptography, the computational complexity of the discrete logarithm problem, along with its application, was first proposed in the Diffie–Hellman problem. Several important algorithms in public-key cryptography, such as ElGamal, base their security on the hardness assumption that the discrete logarithm problem (DLP) over carefully chosen groups has no efficient solution. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
