|
Very Smooth Hash
In cryptography, Very Smooth Hash (VSH) is a secure cryptographic hash function invented in 2005 by Scott Contini, Arjen Lenstra, and Ron Steinfeld. Provably secure means that finding collisions is as difficult as some known hard mathematical problem. Unlike other secure collision-resistant hashes, VSH is efficient and usable in practice. Asymptotically, it only requires a single multiplication per message-bits and uses RSA-type arithmetic. Therefore, VSH can be useful in embedded environments where code space is limited. Two major variants of VSH were proposed. For one, finding a collision is as difficult as finding a nontrivial modular square root of a very smooth number modulo . The other one uses a prime modulus (with no trapdoor), and its security proof relies on the hardness of finding discrete logarithms of very smooth numbers modulo . Both versions have similar efficiency. VSH is not suitable as a substitute for a random oracle, but can be used to build ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Scott Contini
Scott may refer to: Places Canada * Scott, Quebec, municipality in the Nouvelle-Beauce regional municipality in Quebec * Scott, Saskatchewan, a town in the Rural Municipality of Tramping Lake No. 380 * Rural Municipality of Scott No. 98, Saskatchewan United States * Scott, Arkansas * Scott, Georgia * Scott, Indiana * Scott, Louisiana * Scott, Missouri * Scott, New York * Scott, Ohio * Scott, Wisconsin (other) (several places) * Fort Scott, Kansas * Great Scott Township, St. Louis County, Minnesota * Scott Air Force Base, Illinois * Scott City, Kansas * Scott City, Missouri * Scott County (other) (various states) * Scott Mountain (other) (several places) * Scott River, in California * Scott Township (other) (several places) Elsewhere * 876 Scott, minor planet orbiting the Sun * Scott (crater), a lunar impact crater near the south pole of the Moon *Scott Conservation Park, a protected area in South Australia Lists * Scott Point (dis ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Quadratic Residue
In number theory, an integer ''q'' is a quadratic residue modulo operation, modulo ''n'' if it is Congruence relation, congruent to a Square number, perfect square modulo ''n''; that is, if there exists an integer ''x'' such that :x^2\equiv q \pmod. Otherwise, ''q'' is a quadratic nonresidue modulo ''n''. Quadratic residues are used in applications ranging from acoustical engineering to cryptography and the Integer factorization, factoring of large numbers. History, conventions, and elementary facts Fermat, Euler, Joseph Louis Lagrange, Lagrange, Adrien-Marie Legendre, Legendre, and other number theorists of the 17th and 18th centuries established theorems and formed conjectures about quadratic residues, but the first systematic treatment is § IV of Gauss's ''Disquisitiones Arithmeticae'' (1801). Article 95 introduces the terminology "quadratic residue" and "quadratic nonresidue", and says that if the context makes it clear, the adjective "quadratic" may be dropped. For a giv ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pseudorandomness
A pseudorandom sequence of numbers is one that appears to be statistically random, despite having been produced by a completely deterministic and repeatable process. Pseudorandom number generators are often used in computer programming, as traditional sources of randomness available to humans (such as rolling dice) rely on physical processes not readily available to computer programs, although developments in hardware random number generator technology have challenged this. Background The generation of random numbers has many uses, such as for random sampling, Monte Carlo methods, board games, or gambling. In physics, however, most processes, such as gravitational acceleration, are deterministic, meaning that they always produce the same outcome from the same starting point. Some notable exceptions are radioactive decay and quantum measurement, which are both modeled as being truly random processes in the underlying physics. Since these processes are not practical sources of r ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Engineering
Security engineering is the process of incorporating security controls into an information system so that the controls become an integral part of the system's operational capabilities. It is similar to other systems engineering activities in that its primary motivation is to support the delivery of engineering solutions that satisfy pre-defined functional and user requirements, but it has the added dimension of preventing misuse and malicious behavior. Those constraints and restrictions are often asserted as a security policy. In one form or another, security engineering has existed as an informal field of study for several centuries. For example, the fields of locksmithing and security printing have been around for many years. The concerns for modern security engineering and computer systems were first solidified in a RAND paper from 1967, "Security and Privacy in Computer Systems" by Willis H. Ware. This paper, later expanded in 1979, provided many of the fundamental information ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Message Authentication Code
In cryptography, a message authentication code (MAC), sometimes known as an authentication tag, is a short piece of information used for authentication, authenticating and Data integrity, integrity-checking a message. In other words, it is used to confirm that the message came from the stated sender (its authenticity) and has not been changed (its integrity). The MAC value allows verifiers (who also possess a secret key) to detect any changes to the message content. Terminology The term message integrity code (MIC) is frequently substituted for the term ''MAC'', especially in communications to distinguish it from the use of the latter as ''media access control address'' (''MAC address''). However, some authors use MIC to refer to a message digest, which aims only to uniquely but opaquely identify a single message. RFC 4949 recommends avoiding the term ''message integrity code'' (MIC), and instead using ''checksum'', ''error detection code'', ''hash function, hash'', ''keyed hash'' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
RSA (algorithm)
The RSA (Rivest–Shamir–Adleman) cryptosystem is a public-key cryptosystem, one of the oldest widely used for secure data transmission. The initialism "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly in 1973 at Government Communications Headquarters (GCHQ), the British signals intelligence agency, by the English mathematician Clifford Cocks. That system was declassified in 1997. In a public-key cryptosystem, the encryption key is public and distinct from the decryption key, which is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret. Messages can be encrypted by anyone via the public key, but can only be decrypted by someone who knows the private key. The security of RSA relies on the practical difficulty of factoring the product of two ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Collision Resistance
In cryptography, collision resistance is a property of cryptographic hash functions: a hash function ''H'' is collision-resistant if it is hard to find two inputs that hash to the same output; that is, two inputs ''a'' and ''b'' where ''a'' ≠ ''b'' but ''H''(''a'') = ''H''(''b''). Goldwasser, S. and Bellare, M.br>"Lecture Notes on Cryptography". Summer course on cryptography, MIT, 1996-2001 The pigeonhole principle means that any hash function with more inputs than outputs will necessarily have such collisions; the harder they are to find, the more cryptographically secure the hash function is. The "birthday paradox" places an upper bound on collision resistance: if a hash function produces ''N'' bits of output, an attacker who computes only 2''N''/2 (or \scriptstyle \sqrt) hash operations on random input is likely to find two matching outputs. If there is an easier method to do this than brute-force attack, it is typically considered a flaw in the hash function.Pass, R"Lectur ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Discrete Logarithm
In mathematics, for given real numbers a and b, the logarithm \log_b(a) is a number x such that b^x=a. Analogously, in any group G, powers b^k can be defined for all integers k, and the discrete logarithm \log_b(a) is an integer k such that b^k=a. In arithmetic modulo an integer m, the more commonly used term is index: One can write k=\mathbb_b a \pmod (read "the index of a to the base b modulo m") for b^k \equiv a \pmod if b is a primitive root of m and \gcd(a,m)=1. Discrete logarithms are quickly computable in a few special cases. However, no efficient method is known for computing them in general. In cryptography, the computational complexity of the discrete logarithm problem, along with its application, was first proposed in the Diffie–Hellman problem. Several important algorithms in public-key cryptography, such as ElGamal, base their security on the hardness assumption that the discrete logarithm problem (DLP) over carefully chosen groups has no efficient solution. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ciphertext Indistinguishability
Ciphertext indistinguishability is a property of many encryption schemes. Intuitively, if a cryptosystem possesses the property of indistinguishability, then an adversary will be unable to distinguish pairs of ciphertexts based on the message they encrypt. The property of indistinguishability under chosen plaintext attack is considered a basic requirement for most provably secure public key cryptosystems, though some schemes also provide indistinguishability under chosen ciphertext attack and adaptive chosen ciphertext attack. Indistinguishability under chosen plaintext attack is equivalent to the property of semantic security, and many cryptographic proofs use these definitions interchangeably. A cryptosystem is considered ''secure in terms of indistinguishability'' if no adversary, given an encryption of a message randomly chosen from a two-element message space determined by the adversary, can identify the message choice with probability significantly better than that of rand ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Collision-resistant
In cryptography, collision resistance is a property of cryptographic hash functions: a hash function ''H'' is collision-resistant if it is hard to find two inputs that hash to the same output; that is, two inputs ''a'' and ''b'' where ''a'' ≠ ''b'' but ''H''(''a'') = ''H''(''b''). Goldwasser, S. and Bellare, M.br>"Lecture Notes on Cryptography". Summer course on cryptography, MIT, 1996-2001 The pigeonhole principle means that any hash function with more inputs than outputs will necessarily have such collisions; the harder they are to find, the more cryptographically secure the hash function is. The "birthday paradox" places an upper bound on collision resistance: if a hash function produces ''N'' bits of output, an attacker who computes only 2''N''/2 (or \scriptstyle \sqrt) hash operations on random input is likely to find two matching outputs. If there is an easier method to do this than brute-force attack, it is typically considered a flaw in the hash function.Pass, R"Lecture ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Negligible Function
In mathematics, a negligible function is a function \mu:\mathbb\to\mathbb such that for every positive integer ''c'' there exists an integer ''N''''c'' such that for all ''x'' > ''N''''c'', :, \mu(x), 0 such that for all ''x'' > ''N''poly : , \mu(x), 0, there exists a positive number \delta>0 such that , x-x_0, N_\varepsilon ::, \mu(x), 0 by the functions 1/x^c where c>0 or by 1/\operatorname(x) where \operatorname(x) is a positive polynomial. This leads to the definitions of negligible functions given at the top of this article. Since the constants \varepsilon>0 can be expressed as 1/\operatorname(x) with a constant polynomial, this shows that infinitesimal functions are a superset of negligible functions. Use in cryptography In complexity-based modern cryptography, a security scheme is ''provably secure'' if the probability of security failure (e.g., inverting a one-way function, distinguishing cryptographically strong pseudorandom bits from truly ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PP (complexity)
In complexity theory, PP, or PPT is the class of decision problems solvable by a probabilistic Turing machine in polynomial time, with an error probability of less than 1/2 for all instances. The abbreviation PP refers to probabilistic polynomial time. The complexity class was defined by Gill in 1977. If a decision problem is in PP, then there is an algorithm running in polynomial time that is allowed to make random decisions, such that it returns the correct answer with chance higher than 1/2. In more practical terms, it is the class of problems that can be solved to any fixed degree of accuracy by running a randomized, polynomial-time algorithm a sufficient (but bounded) number of times. Turing machines that are polynomially-bound and probabilistic are characterized as PPT, which stands for probabilistic polynomial-time machines. This characterization of Turing machines does not require a bounded error probability. Hence, PP is the complexity class containing all problems s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
