AES (Advanced Encryption Standard) is a symmetric cipher defined in Federal Information Processing (FIPS) Standard Number 197 in 2001 as the federal government approved encryption algorithm. The NSA has approved 128-bit AES for use up to SECRET level and 192-bit AES for use up to TOP SECRET level. AES is based upon the Rijndael algorithm, which was invented by Joan Daemen and Vincent Rijmen. AES specifies three approved key lengths: 128-bits, 192-bits and 256-bits. Nicolas Courtois maintains an excellent web page on the current state of attacks on AES. Read More
Cryptography
Cryptography is the study and practice of encoding data using transformation techniques so that it can only be decoded by specific users. In simpler words, it is a theory of secret writing. Practitioners of cryptography are known as cryptographers. Cryptography is the technique of using mathematics, computer science and engineering to encrypt and decrypt information. It facilitates a user to store vital information or send it across insecure networks (like the Internet) so that it cannot be interpreted by any user except the intentional receiver. While cryptography is the technique Read More
Digital Signature
A digital signature is a mathematical technique that is used to validate the authenticity of a message, webpage, or other document. Digital signatures can be used to give the reader reason to believe that the message or document was sent from the party the file claims it was sent from and that the document was not altered or intercepted during transit. Digital signatures range in structure and use and may be held to varying legal responsibilities, depending on the country in which it was signed and received. How Digital Read More
Root Certificate
A Root Certificate is a self-signed certificate or an unsigned public key certificate which forms an important part of the PKI (public key infrastructure). The most common commercial type of root certificates is based on the ISO X.509 standard. Such a certificate (a X.509 certificate) usually carries the digital signature of a certification authority (CA), which is the authorized body for validating the embedded data. In most enterprise-scale public key infrastructure systems, certificate chains prove or verify the identity of a party. When the certificate is issued by a certification Read More
Substitution and Transposition Ciphers
Substitution and transposition ciphers are two categories of ciphers used in classical cryptography. Substitution and transposition differ in how chunks of the message are handled by the encryption process. Substitution ciphers Substitution ciphers encrypt plaintext by changing the plaintext one piece at a time. The Caesar Cipher was an early substitution cipher. In the Caesar Cipher, each character is shifted three places up. Therefore, A becomes D and B becomes E, etc… This table shows “VOYAGER” being encrypted with the Caesar substitution cipher: Plaintext V O Y A G E Read More
Cryptographic Algorithms
Symmetric Cryptographic Algorithms DES (Data Encryption Standard) is perhaps the most widely used cryptographic algorithm. DES is based upon IBM’s Lucifer algorithm. The NBS (National Bureau of Standards) and the NSA (National Security Agency) adopted DES as a federal standard in 1977. DES is a symmetric cipher with an effective key length of 56 bits. Triple-DES is a variant of DES which encrypts the plaintext with the DES algorithm three times. IDEA (International Data Encryption Algorithm) is a commercial symmetric cipher developed in 1990 which uses 128-bit keys. Blowfish is Read More
PKI (Public Key Infrastructure)
PKI stands for Public Key Infrastructure and represents a wide array of devices, software, agencies and protocols that create and control electronic certificates. Some PKI systems are used for registration methods and keeping track of users. For example, when a game manufacturer sells you a copy of their game, you will be asked to fill out a form with your personal information to help the company form an idea of what kind of people are buying their game. The game may also require you to enter a serial number to Read More
RC4 (Rivest Cipher 4)
RC4 is a symmetric stream cipher with an arbitrary key size. RC4 was created by Ron Rivest of RSA Security in 1987. RC4 is used in many applications, including TLS (Transport Layer Security), WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access), TKIP (Temporal Key Integrity Protocol), Microsoft XBOX, Oracle SQL, Microsoft PPTP, Microsoft Office, and Adobe Acrobat. RC4 is not patented, but it is a trade secret of RSA Security. An alleged copy of the RC4 source code was published anonymously in 1994. This code behaves identically to the official Read More
ROT-13
ROT-13 is a simple substitution cipher used to obfuscate Usenet posts. ROT-13 is not meant for use as a data encryption cipher. ROT-13 is so named because every character is rotated 13 places. ROT-13 “Encryption” Chart Plaintext A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphertext N O P Q R S T U V W X Y Z A B C D E F G H I J K L M Read More
Cryptographic Libraries
Cryptography is very difficult. It is even more difficult to tell if you have done it correctly. If you design and implement your own cryptographic algorithm, the odds are that you will fail to create a secure system. It is much better to code your application to use an existing cryptographic library which has been tested with extensive peer review. Adam Shostack maintains a good list of cryptographic libraries at Source Available Cryptographic Libraries. PCL is an interesting cryptanalysis library with functions for dictionary attacks and brute force attacks.
Share on: