|
Signcryption
In cryptography, signcryption is a public-key primitive that simultaneously performs the functions of both digital signature and encryption. Encryption and digital signature are two fundamental cryptographic tools that can guarantee the confidentiality, integrity, and non-repudiation. Until 1997, they were viewed as important but distinct building blocks of various cryptographic systems. In public key schemes, a traditional method is to digitally sign a message then followed by an encryption (signature-then-encryption) that can have two problems: Low efficiency and high cost of such summation, and the case that any arbitrary scheme cannot guarantee security. Signcryption is a relatively new cryptographic technique that is supposed to perform the functions of digital signature and encryption in a single logical step and can effectively decrease the computational costs and communication overheads in comparison with the traditional signature-then-encryption schemes. Signcryption provid ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Authenticated Encryption
Authenticated Encryption (AE) and Authenticated Encryption with Associated Data (AEAD) are forms of encryption which simultaneously assure the confidentiality and authenticity of data. Programming interface A typical application programming interface, programming interface for an AE implementation provides the following functions: * Encryption ** Input: ''plaintext'', ''key'', and optionally a ''header'' in plaintext that will not be encrypted, but will be covered by authenticity protection. ** Output: ''ciphertext'' and ''authentication tag'' (message authentication code or MAC). * Decryption ** Input: ''ciphertext'', ''key'', ''authentication tag'', and optionally a ''header'' (if used during the encryption). ** Output: ''plaintext'', or an error if the ''authentication tag'' does not match the supplied ''ciphertext'' or ''header''. The ''header'' part is intended to provide authenticity and integrity protection for networking or storage metadata for which confidentiality is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Yuliang Zheng
Yuliang Zheng is the Chair of the Department of Computer and Information Sciences at the University of Alabama at Birmingham. He is best known for inventing the Signcryption cryptographic primitive that combines the digital signature and encryption operations into one single step. He also invented the HAVAL Haval may refer to * Haval (marque), a Chinese automobile marque owned by Great Wall Motors * Haval (rapper), Swedish rapper * HAVAL, a cryptographic hash function See also * Havel (other) The Havel is a river in Germany. Havel or Havel ... hash function, SPEED cipher, and STRANDOM pseudo-random number generator. Zheng serves as Chief Technology Officer of Calyptix Security Corporation, a company he co-founded in 2002. External linksHomepage of Yuliang Zheng Yokohama National University alumni Monash University alumni University of North Carolina at Charlotte faculty Living people Year of birth missing (living people) Modern cryptographers Chinese cryptog ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Authentication
Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit. Methods Authentication is relevant to multiple fields. In art, antiques, and anthropology, a common problem is verifying that a given artifact was produced by a certain person or in a certain place or period of history. In computer science, verifying a user's identity is often required to allow access to confidential data or systems. Authentication can be considered to be of three types: The first type of au ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
M-commerce
The term mobile commerce was originally coined in 1997 by Kevin Duffey at the launch of the Global Mobile Commerce Forum, to mean "the delivery of electronic commerce capabilities directly into the consumer’s hand, anywhere, via wireless technology." Many choose to think of Mobile Commerce as meaning "a retail outlet in your customer’s pocket." Mobile commerce is worth US$800 billion, with Asia representing almost half of the market. History The Global Mobile Commerce Forum, which came to include over 100 organisations, had its fully minuted launch in London on 10 November 1997. Kevin Duffey was elected as the Executive Chairman at the first meeting in November 1997. The meeting was opened by Dr. Mike Short, former chairman of the GSM Association, with the very first forecasts for mobile commerce from Kevin Duffey (Group Telecoms Director of Logica) and Tom Alexander (later CEO of Virgin Mobile and then of Orange). Over 100 companies joined the Forum within a year, many f ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
E-commerce
E-commerce (electronic commerce) is the activity of electronically buying or selling of products on online services or over the Internet. E-commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain management, Internet marketing, online transaction processing, electronic data interchange (EDI), inventory management systems, and automated data collection systems. E-commerce is in turn driven by the technological advances of the semiconductor industry, and is the largest sector of the electronics industry. Defining e-commerce The term was coined and first employed by Dr. Robert Jacobson, Principal Consultant to the California State Assembly's Utilities & Commerce Committee, in the title and text of California's Electronic Commerce Act, carried by the late Committee Chairwoman Gwen Moore (D-L.A.) and enacted in 1984. E-commerce typically uses the web for at least a part of a transaction's life cycle although it may also use other techno ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Email
Electronic mail (email or e-mail) is a method of exchanging messages ("mail") between people using electronic devices. Email was thus conceived as the electronic ( digital) version of, or counterpart to, mail, at a time when "mail" meant only physical mail (hence '' e- + mail''). Email later became a ubiquitous (very widely used) communication medium, to the point that in current use, an email address is often treated as a basic and necessary part of many processes in business, commerce, government, education, entertainment, and other spheres of daily life in most countries. ''Email'' is the medium, and each message sent therewith is also called an ''email.'' The term is a mass noun. Email operates across computer networks, primarily the Internet, and also local area networks. Today's email systems are based on a store-and-forward model. Email servers accept, forward, deliver, and store messages. Neither the users nor their computers are required to be online simult ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Forward Secrecy
In cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised. For HTTPS, the long-term secret is typically the private key of the server. Forward secrecy protects past sessions against future compromises of keys or passwords. By generating a unique session key for every session a user initiates, the compromise of a single session key will not affect any data other than that exchanged in the specific session protected by that particular key. This by itself is not sufficient for forward secrecy which additionally requires that a long-term secret compromise does not affect the security of past session keys. Forward secrecy protects data on the transport layer of a network that uses common Transport Layer Security protocols, including OpenSSL, when its long-term secret keys are ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Elliptic Curve
In mathematics, an elliptic curve is a smooth, projective, algebraic curve of genus one, on which there is a specified point . An elliptic curve is defined over a field and describes points in , the Cartesian product of with itself. If the field's characteristic is different from 2 and 3, then the curve can be described as a plane algebraic curve which consists of solutions for: :y^2 = x^3 + ax + b for some coefficients and in . The curve is required to be non-singular, which means that the curve has no cusps or self-intersections. (This is equivalent to the condition , that is, being square-free in .) It is always understood that the curve is really sitting in the projective plane, with the point being the unique point at infinity. Many sources define an elliptic curve to be simply a curve given by an equation of this form. (When the coefficient field has characteristic 2 or 3, the above equation is not quite general enough to include all non-singular cubic cu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptography
Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security ( data confidentiality, data integrity, authentication, and non-repudiation) are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography prior to the modern age was effectively synonymo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Digital Signature
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created by a known sender (authenticity), and that the message was not altered in transit (integrity). Digital signatures are a standard element of most cryptographic protocol suites, and are commonly used for software distribution, financial transactions, contract management software, and in other cases where it is important to detect forgery or tampering. Digital signatures are often used to implement electronic signatures, which includes any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Chosen Plaintext Attack
A chosen-plaintext attack (CPA) is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts.Ross Anderson, ''Security Engineering: A Guide to Building Dependable Distributed Systems''. The first edition (2001): http://www.cl.cam.ac.uk/~rja14/book.html The goal of the attack is to gain information that reduces the security of the encryption scheme. Modern ciphers aim to provide semantic security, also known as ''ciphertext indistinguishability under chosen-plaintext attack'', and they are therefore, by design, generally immune to chosen-plaintext attacks if correctly implemented. Introduction In a chosen-plaintext attack the adversary can (possibly adaptively) ask for the ciphertexts of arbitrary plaintext messages. This is formalized by allowing the adversary to interact with an encryption oracle, viewed as a black box. The attacker’s goal is to reveal all or a part of the secret encryption key. It may seem infea ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hybrid Encryption
In cryptography, a hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem. Public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely. However, they often rely on complicated mathematical computations and are thus generally much more inefficient than comparable symmetric-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. This is addressed by hybrid systems by using a combination of both. A hybrid cryptosystem can be constructed using any two separate cryptosystems: * a key encapsulation mechanism, which is a public-key cryptosystem, and * a data encapsulation scheme, which is a symmetric-key cryptosystem. The hybrid cryptosystem is itself a public-key system, whose public and private keys are the same as in the key encapsulation ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
