|
Adaptive Chosen Ciphertext Attack
An adaptive chosen-ciphertext attack (abbreviated as CCA2) is an interactive form of chosen-ciphertext attack in which an attacker first sends a number of ciphertexts to be decrypted chosen adaptively, and then uses the results to distinguish a target ciphertext without consulting the oracle on the challenge ciphertext. In an adaptive attack, the attacker is further allowed adaptive queries to be asked after the target is revealed (but the target query is disallowed). It is extending the chosen-ciphertext attack, indifferent (non-adaptive) chosen-ciphertext attack (CCA1) where the second stage of adaptive queries is not allowed. Charles Rackoff and Dan Simon defined CCA2 and suggested a system building on the non-adaptive CCA1 definition and system of Moni Naor and Moti Yung (which was the first treatment of chosen ciphertext attack immunity of public key systems). In certain practical settings, the goal of this attack is to gradually reveal information about an encrypted message ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Chosen-ciphertext Attack
A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis where the cryptanalyst can gather information by obtaining the decryptions of chosen ciphertexts. From these pieces of information the adversary can attempt to recover the hidden secret key used for decryption. For formal definitions of security against chosen-ciphertext attacks, see for example: Michael Luby and Mihir Bellare et al. Introduction A number of otherwise secure schemes can be defeated under chosen-ciphertext attack. For example, the El Gamal cryptosystem is semantic security, semantically secure under chosen-plaintext attack, but this semantic security can be trivially defeated under a chosen-ciphertext attack. Early versions of RSA (algorithm), RSA padding used in the Secure Sockets Layer, SSL protocol were vulnerable to a sophisticated adaptive chosen-ciphertext attack which revealed SSL session keys. Chosen-ciphertext attacks have implications for some self-synchronizing stream ciphers as wel ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ciphertext
In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. This process prevents the loss of sensitive information via hacking. Decryption, the inverse of encryption, is the process of turning ciphertext into readable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of a code, not a cipher. Conceptual underpinnings Let m\! be the plaintext message that Alice wants to secretly transmit to Bob and let E_k\! be the encryption cipher, where _k\! is a cryptographic key. Alice must first transform the plaintext into ciphertext, c\!, in order to securely send the message to Bob, as follows: : c = E_k(m). \! In a symmetric-key system, Bob knows Alice's encryption key. Once the m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Charles Rackoff
Charles Weill Rackoff is an American cryptologist. Born and raised in New York City, he attended MIT as both an undergraduate and graduate student, and earned a Ph.D. degree in Computer Science in 1974. He spent a year as a postdoctoral scholar at INRIA in France. Rackoff currently works at the University of Toronto. His research interests are in computational complexity theory. For some time now he has been specializing in cryptography and security protocols. In 1988, he collaborated with Michael Luby in a widely cited analysis of the Feistel cipher construction (one important result shown there is the construction of a strongly pseudo random permutation generator from a pseudo random function generator). Rackoff was awarded the 1993 Gödel Prize for his work on interactive proof systems and for being one of the co-inventors of zero-knowledge proofs. In 2011 he won the RSA Award for Excellence in Mathematics for his various contributions to cryptography. Rackoff's controversial ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Moni Naor
Moni Naor ( he, מוני נאור) is an Israeli Israeli may refer to: * Something of, from, or related to the State of Israel * Israelis, citizens or permanent residents of the State of Israel * Modern Hebrew, a language * ''Israeli'' (newspaper), published from 2006 to 2008 * Guni Israeli ... computer scientist, currently a professor at the Weizmann Institute of Science. Naor received his Ph.D. in 1989 at the University of California, Berkeley. His advisor was Manuel Blum. He works in various fields of computer science, mainly the foundations of cryptography. He is notable for initiating research on public key systems secure against chosen ciphertext attack and creating Malleability (cryptography), non-malleable cryptography, visual cryptography (with Adi Shamir), and suggesting various methods for verifying that users of a computer system are human (leading to the notion of CAPTCHA). His research on Small-bias sample space, give a general framework for combining small k- ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Moti Yung
Mordechai M. "Moti" Yung is a cryptographer and computer scientist known for his work on cryptovirology and kleptography. Career Yung earned his PhD from Columbia University in 1988 under the supervision of Zvi Galil. In the past, he worked at the IBM Thomas J. Watson Research Center, CertCo, RSA Laboratories, and Google. In 2016, Yung moved from Google to Snap Inc. Yung is currently a research scientist at Google. Yung is an adjunct senior research faculty member at Columbia University, and has co-advised PhD students including Gödel Prize winner Matthew K. Franklin, Jonathan Katz, and Aggelos Kiayias. Research Yung research covers primarily the area of cryptography and its applications to information security and data privacy. He has worked on defining and implementing malicious (offensive) cryptography: cryptovirology and kleptography, and on various other foundational and applied fields of cryptographic research, including: user and entity electronic authentication, infor ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Public-key Cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt the ciphertext to obtain the original message. For example, a journalist can publish the public key of an encryption key pair on a web site so that sources can send secret messages to the news organization in ciphertext. Only the journalist who knows the corresponding private key can decrypt the ciphertexts to obtain the sources' messages—an eavesdropp ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Malleability (cryptography)
Malleability is a property of some cryptographic algorithms. An encryption algorithm is "malleable" if it is possible to transform a ciphertext into another ciphertext which decrypts to a related plaintext. That is, given an encryption of a plaintext m, it is possible to generate another ciphertext which decrypts to f(m), for a known function f, without necessarily knowing or learning m. Malleability is often an undesirable property in a general-purpose cryptosystem, since it allows an attacker to modify the contents of a message. For example, suppose that a bank uses a stream cipher to hide its financial information, and a user sends an encrypted message containing, say, "." If an attacker can modify the message on the wire, and can guess the format of the unencrypted message, the attacker could change the amount of the transaction, or the recipient of the funds, e.g. "". Malleability does not refer to the attacker's ability to read the encrypted message. Both before and after ta ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Daniel Bleichenbacher
Daniel Bleichenbacher (born 1964) is a Swiss cryptographer, previously a researcher at Bell Labs, and currently employed at Google. He received his Ph.D. from ETH Zurich in 1996 for contributions to computational number theory, particularly concerning message verification in the ElGamal and RSA public-key cryptosystems. His doctoral advisor was Ueli Maurer. RSA Attacks Bleichenbacher is particularly notable for devising attacks against the RSA public-key cryptosystem, namely when used with the PKCS#1 v1 standard published by RSA Laboratories. These attacks were able to break both RSA encryption and signatures produced using the PKCS #1 standard. BB'98 attack: chosen ciphertext attack against the RSA PKCS#1 encryption standard In 1998, Daniel Bleichenbacher demonstrated a practical attack against systems using RSA encryption in concert with the PKCS #1 encoding function, including a version of the Secure Sockets Layer (SSL) protocol used by thousands of web servers at t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Bell Laboratories
Nokia Bell Labs, originally named Bell Telephone Laboratories (1925–1984), then AT&T Bell Laboratories (1984–1996) and Bell Labs Innovations (1996–2007), is an American industrial research and scientific development company owned by multinational company Nokia. With headquarters located in Murray Hill, New Jersey, the company operates several laboratories in the United States and around the world. Researchers working at Bell Laboratories are credited with the development of radio astronomy, the transistor, the laser, the photovoltaic cell, the charge-coupled device (CCD), information theory, the Unix operating system, and the programming languages B, C, C++, S, SNOBOL, AWK, AMPL, and others. Nine Nobel Prizes have been awarded for work completed at Bell Laboratories. Bell Labs had its origin in the complex corporate organization of the Bell System telephone conglomerate. In the late 19th century, the laboratory began as the Western Electric Engineering Department, l ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PKCS 1
In cryptography, PKCS #1 is the first of a family of standards called Public-Key Cryptography Standards (PKCS), published by RSA Laboratories. It provides the basic definitions of and recommendations for implementing the RSA algorithm for public-key cryptography. It defines the mathematical properties of public and private keys, primitive operations for encryption and signatures, secure cryptographic schemes, and related ASN.1 syntax representations. The current version is 2.2 (2012-10-27). Compared to 2.1 (2002-06-14), which was republished as RFC 3447, version 2.2 updates the list of allowed hashing algorithms to align them with FIPS 180-4, therefore adding SHA-224, SHA-512/224 and SHA-512/256. Keys The PKCS #1 standard defines the mathematical definitions and properties that RSA public and private keys must have. The traditional key pair is based on a modulus, , that is the product of two distinct large prime numbers, and , such that n = pq. Starting with version 2.1, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Secure Sockets Layer
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications. It runs in the presentation layer and is itself composed of two layers: the TLS record and the TLS handshake protocols. The closely related Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications. In technical writing you often you will see references to (D)TLS when it applies to both versions. TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the cu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Web Server
A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiates communication by making a request for a web page or other resource using HTTP, and the server responds with the content of that resource or an error message. A web server can also accept and store resources sent from the user agent if configured to do so. The hardware used to run a web server can vary according to the volume of requests that it needs to handle. At the low end of the range are embedded systems, such as a router that runs a small web server as its configuration interface. A high-traffic Internet website might handle requests with hundreds of servers that run on racks of high-speed computers. A resource sent from a web server can be a preexisting file (static content) available to the web server, or it can be generated ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
