|
Xor–encrypt–xor
The xor–encrypt–xor (XEX) is a (tweakable) mode of operation of a block cipher. In tweaked-codebook mode with ciphertext stealing (XTS mode), it is one of the more popular modes of operation for whole-disk encryption. XEX is also a common form of key whitening, and part of some smart card proposals. History In 1984, to protect DES against exhaustive search attacks, Ron Rivest proposed DESX: XOR a pre- whitening key to the plaintext, encrypt the result with DES using a secret key, and then XOR a postwhitening key to the encrypted result to produce the final ciphertext.Orr Dunkelman, Nathan Keller, and Adi Shamir"Minimalism in Cryptography: The Even–Mansour Scheme Revisited" In 1991, motivated by Rivest's DESX construction, Even and Mansour proposed a much simpler scheme (the "two-key Even–Mansour scheme"), which they suggested was perhaps the simplest possible block cipher: XOR the plaintext with a prewhitening key, apply a publicly known unkeyed permutation (in prac ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
XTS Mode
Disk encryption is a special case of data at rest protection when the storage medium is a sector-addressable device (e.g., a hard disk). This article presents cryptographic aspects of the problem. For an overview, see disk encryption. For discussion of different software packages and hardware devices devoted to this problem, see disk encryption software and disk encryption hardware. Problem definition Disk encryption methods aim to provide three distinct properties: # The data on the disk should remain confidential. # Data retrieval and storage should both be fast operations, no matter where on the disk the data is stored. # The encryption method should not waste disk space (i.e., the amount of storage used for encrypted data should not be significantly larger than the size of plaintext). The first property requires defining an adversary from whom the data is being kept confidential. The strongest adversaries studied in the field of disk encryption have these abilities: # they can ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Disk Encryption Theory
Disk encryption is a special case of data at rest protection when the storage medium is a sector-addressable device (e.g., a hard disk). This article presents cryptographic aspects of the problem. For an overview, see disk encryption. For discussion of different software packages and hardware devices devoted to this problem, see disk encryption software and disk encryption hardware. Problem definition Disk encryption methods aim to provide three distinct properties: # The data on the disk should remain confidential. # Data retrieval and storage should both be fast operations, no matter where on the disk the data is stored. # The encryption method should not waste disk space (i.e., the amount of storage used for encrypted data should not be significantly larger than the size of plaintext). The first property requires defining an adversary from whom the data is being kept confidential. The strongest adversaries studied in the field of disk encryption have these abilities: # th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Key Whitening
In cryptography, key whitening is a technique intended to increase the security of an iterated block cipher. It consists of steps that combine the data with portions of the key. Details The most common form of key whitening is xor–encrypt–xor using a simple XOR before the first round and after the last round of encryption. The first block cipher to use a form of key whitening is DES-X, which simply uses two extra 64-bit keys for whitening, beyond the normal 56-bit key of DES. This is intended to increase the complexity of a brute-force attack, increasing the effective size of the key without major changes in the algorithm. DES-X's inventor, Ron Rivest, named the technique ''whitening''. The cipher FEAL (followed by Khufu and Khafre) introduced the practice of key whitening using portions of the same key used in the rest of the cipher. This offers no additional protection from brute-force attacks, but it can make other attacks more difficult. In a Feistel cipher or simil ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ron Rivest
Ronald Linn Rivest (; born May 6, 1947) is an American cryptographer and computer scientist whose work has spanned the fields of algorithms and combinatorics, cryptography, machine learning, and election integrity. He is an Institute Professor at the Massachusetts Institute of Technology (MIT), and a member of MIT's Department of Electrical Engineering and Computer Science and its Computer Science and Artificial Intelligence Laboratory. Along with Adi Shamir and Len Adleman, Rivest is one of the inventors of the RSA algorithm. He is also the inventor of the symmetric key encryption algorithms RC2, RC4, and RC5, and co-inventor of RC6. (''RC'' stands for "Rivest Cipher".) He also devised the MD2, MD4, MD5 and MD6 cryptographic hash functions. Education Rivest earned a bachelor's degree in mathematics from Yale University in 1969, and a Ph.D. degree in computer science from Stanford University in 1974 for research supervised by Robert W. Floyd. Career At MIT, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Key Whitening
In cryptography, key whitening is a technique intended to increase the security of an iterated block cipher. It consists of steps that combine the data with portions of the key. Details The most common form of key whitening is xor–encrypt–xor using a simple XOR before the first round and after the last round of encryption. The first block cipher to use a form of key whitening is DES-X, which simply uses two extra 64-bit keys for whitening, beyond the normal 56-bit key of DES. This is intended to increase the complexity of a brute-force attack, increasing the effective size of the key without major changes in the algorithm. DES-X's inventor, Ron Rivest, named the technique ''whitening''. The cipher FEAL (followed by Khufu and Khafre) introduced the practice of key whitening using portions of the same key used in the rest of the cipher. This offers no additional protection from brute-force attacks, but it can make other attacks more difficult. In a Feistel cipher or simil ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Xor Encrypt Xor
Exclusive or, exclusive disjunction, exclusive alternation, logical non-equivalence, or logical inequality is a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. It gains the name "exclusive or" because the meaning of "or" is ambiguous when both operands are true. XOR ''excludes'' that case. Some informal ways of describing XOR are "one or the other but not both", "either one or the other", and "A or B, but not A and B". It is symbolized by the prefix operator J Translated as and by the infix operators XOR (, , or ), EOR, EXOR, \dot, \overline, \underline, , \oplus, \nleftrightarrow, and \not\equiv. Definition The truth table of A\nleftrightarrow B shows that it outputs true whenever the inputs differ: Equivalences, elimination, and introduction Exclusive disjunction essentially me ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
BestCrypt
BestCrypt, developed bJetico is a commercial disk encryption app available for Windows, Linux, macOS and Android. BestCrypt comes in two editions: BestCrypt Volume Encryption to encrypt entire disk volumes; BestCrypt Container Encryption to encrypt virtual disks stored as computer files. BestCrypt also provides the complimentary data erasure utility BCWipe. Cryptographic Algorithms BestCrypt supports a wide variety of block cipher algorithms including AES, Serpent, Blowfish, Twofish, DES, Triple DES, GOST 28147-89. All ciphers support CBC and LRW modes of operation while AES, Twofish and Serpent also support XTS mode. Features * Create and mount a virtual drive encrypted using AES, Blowfish, Twofish, CAST-128 and various other encryption methods. BestCrypt v.8 and higher can alternatively mount a subfolder on a NTFS disk instead of a drive. Encrypted virtual disk images are compatible across Windows, Linux and Mac OS X. * Encrypt a set of files into a single, se ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
FileVault
FileVault is a disk encryption program in Mac OS X 10.3 Panther (2003) and later. It performs on-the-fly encryption with volumes on Mac computers. Versions and key features FileVault was introduced with Mac OS X 10.3 Panther, and could only be applied to a user's home directory, not the startup volume. The operating system uses an encrypted sparse disk image (a large single file) to present a volume for the home directory. Mac OS X 10.5 Leopard and Mac OS X 10.6 Snow Leopard use more modern sparse bundle disk images which spread the data over 8 MB files (called ''bands'') within a bundle. Apple refers to this original iteration of FileVault as "legacy FileVault". OS X 10.7 Lion and newer versions offer FileVault 2, which is a significant redesign. This encrypts the entire OS X startup volume and typically includes the home directory, abandoning the disk image approach. For this approach to disk encryption, authorised users' information is loaded from a separate non-e ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Geli (software)
geli is a block device-layer disk encryption system written for FreeBSD, introduced in version 6.0. It uses the GEOM disk framework. It was designed and implemented by Paweł Jakub Dawidek. Design details geli was initially written to protect data on a user's computer in situations of physical theft of hardware, disallowing the thief access to the protected data. This has changed over time with the introduction of optional data authentication/integrity verification. geli allows the key to consist of several information components (a user entered passphrase, random bits from a file, etc.), permits up to 2 keys (a user key and a company key, for example), and can attach a provider with a random, one-time key. The user passphrase is strengthened with PKCS#5. Differences from GBDE The geli utility is different from gbde in that it offers different features and uses a different scheme for doing cryptographic work. It supports the crypto framework within FreeBSD, allowing hardwar ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
TrueCrypt
TrueCrypt is a discontinued source-available freeware utility software, utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file, encrypt a Disk partitioning, partition, or encrypt the whole Data storage device, storage device (pre-boot authentication). On 28 May 2014, the TrueCrypt website announced that the project #End of life announcement, was no longer maintained and recommended users find alternative solutions. Though development of TrueCrypt has ceased, an independent audit of TrueCrypt published in March 2015 concluded that no significant flaws were present. Two projects forked from TrueCrypt: VeraCrypt (active) and CipherShed (abandoned). History TrueCrypt was initially released as version 1.0 in February 2004, based on E4M (Encryption for the Masses). Several versions and many additional minor releases have been made since then, with the most current version being 7.1a. E4M and SecurStar dispute Original release of True ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
