Category Archives: Cryptography

Proofs in Cryptography: Lecture 14 ROM Construction Example – RSA FDH Signatures – Video

Posted on by


Proofs in Cryptography: Lecture 14 ROM Construction Example - RSA FDH Signatures
Proofs in Cryptography Lecture 14 ROM Construction Example - RSA FDH Signatures ALPTEKN KP Assistant Professor of Computer Science and Engineering Ko Un...

By: Kolt KU

Continued here:
Proofs in Cryptography: Lecture 14 ROM Construction Example - RSA FDH Signatures - Video

Proofs in Cryptography: Lecture 6 Reduction Proof Example – PRG based Encryption – Video

Posted on by


Proofs in Cryptography: Lecture 6 Reduction Proof Example - PRG based Encryption
Proofs in Cryptography Lecture 6 Reduction Proof Example - PRG based Encryption ALPTEKN KP Assistant Professor of Computer Science and Engineering Ko Un...

By: Kolt KU

Original post:
Proofs in Cryptography: Lecture 6 Reduction Proof Example - PRG based Encryption - Video

Elliptic curve cryptography – Wikipedia, the free encyclopedia

Posted on by

Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size.

Elliptic curves are applicable for encryption, digital signatures, pseudo-random generators and other tasks. They are also used in several integer factorization algorithms that have applications in cryptography, such as Lenstra elliptic curve factorization.

Public-key cryptography is based on the intractability of certain mathematical problems. Early public-key systems are secure assuming that it is difficult to factor a large integer composed of two or more large prime factors. For elliptic-curve-based protocols, it is assumed that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is infeasible: this is the "elliptic curve discrete logarithm problem" or ECDLP. The entire security of ECC depends on the ability to compute a point multiplication and the inability to compute the multiplicand given the original and product points. The size of the elliptic curve determines the difficulty of the problem.

The primary benefit promised by ECC is a smaller key size, reducing storage and transmission requirements, i.e. that an elliptic curve group could provide the same level of security afforded by an RSA-based system with a large modulus and correspondingly larger key: for example, a 256-bit ECC public key should provide comparable security to a 3072-bit RSA public key.

The use of elliptic curves in cryptography was suggested independently by Neal Koblitz[1] and Victor S. Miller[2] in 1985. Elliptic curve cryptography algorithms entered wide use in 2004 to 2005.

For current cryptographic purposes, an elliptic curve is a plane curve over a finite field (rather than the real numbers) which consists of the points satisfying the equation

along with a distinguished point at infinity, denoted . (The coordinates here are to be chosen from a fixed finite field of characteristic not equal to 2 or 3, or the curve equation will be somewhat more complicated.)

This set together with the group operation of elliptic curves is an Abelian group, with the point at infinity as identity element. The structure of the group is inherited from the divisor group of the underlying algebraic variety. As is the case for other popular public key cryptosystems, no mathematical proof of security has been published for ECC as of 2009[update].

The U.S. National Institute of Standards and Technology (NIST) has endorsed ECC in its Suite B set of recommended algorithms, specifically Elliptic Curve DiffieHellman (ECDH) for key exchange and Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signature. The U.S. National Security Agency (NSA) allows their use for protecting information classified up to top secret with 384-bit keys.[3]

While the RSA patent expired in 2000, there may be patents in force covering certain aspects of ECC technology, though some (including RSA Laboratories[4] and Daniel J. Bernstein[5]) argue that the Federal elliptic curve digital signature standard (ECDSA; NIST FIPS 186-3) and certain practical ECC-based key exchange schemes (including ECDH) can be implemented without infringing them.

Link:
Elliptic curve cryptography - Wikipedia, the free encyclopedia

Quantum cryptography – Wikipedia, the free encyclopedia

Posted on by

Quantum cryptography describes the use of quantum mechanical effects (in particular quantum communication and quantum computation) to perform cryptographic tasks or to break cryptographic systems.

Well-known examples of quantum cryptography are the use of quantum communication to exchange a key securely (quantum key distribution) and the hypothetical use of quantum computers that would allow the breaking of various popular public-key encryption and signature schemes (e.g., RSA and ElGamal).

The advantage of quantum cryptography lies in the fact that it allows the completion of various cryptographic tasks that are proven or conjectured to be impossible using only classical (i.e. non-quantum) communication (see below for examples). For example, quantum mechanics guarantees that measuring quantum data disturbs that data; this can be used to detect eavesdropping in quantum key distribution.

Quantum cryptography was proposed first by Stephen Wiesner, then at Columbia University in New York, who, in the early 1970s, introduced the concept of quantum conjugate coding. His seminal paper titled "Conjugate Coding" was rejected by IEEE Information Theory but was eventually published in 1983 in SIGACT News (15:1 pp.7888, 1983). In this paper he showed how to store or transmit two messages by encoding them in two "conjugate observables", such as linear and circular polarization of light, so that either, but not both, of which may be received and decoded. He illustrated his idea with a design of unforgeable bank notes. In 1984, building upon this work, Charles H. Bennett, of the IBM Thomas J. Watson Research Center, and Gilles Brassard, of the Universit de Montral, proposed a method for secure communication based on Wiesners "conjugate observables", which is now called BB84.[1] In 1990 Artur Ekert developed a different approach to quantum key distribution based on peculiar quantum correlations known as quantum entanglement.[2]

Random rotations of the polarization by both parties (usually called Alice and Bob) have been proposed in Kak's three-stage quantum cryptography protocol.[3] In principle, this method can be used for continuous, unbreakable encryption of data if single photons are used.[4] The basic polarization rotation scheme has been implemented.[5]

The BB84 method is at the basis of quantum key distribution methods. Companies that manufacture quantum cryptography systems include MagiQ Technologies, Inc. of Boston, ID Quantique of Geneva, Switzerland, QuintessenceLabs (Canberra, Australia) and SeQureNet (Paris).

The most well known and developed application of quantum cryptography is quantum key distribution (QKD), which is the process of using quantum communication to establish a shared key between two parties without a third party (Eve) learning anything about that key, even if Eve can eavesdrop on all communication between Alice and Bob. This is achieved by Alice encoding the bits of the key as quantum data and sending them to Bob; if Eve tries to learn these bits, the messages will be disturbed and Alice and Bob will notice. The key is then typically used for encrypted communication using classical techniques. For instance, the exchanged key could be used as the seed of the same random number generator both by Alice and Bob.

The security of QKD can be proven mathematically without imposing any restrictions on the abilities of an eavesdropper, something not possible with classical key distribution. This is usually described as "unconditional security", although there are some minimal assumptions required including that the laws of quantum mechanics apply and that Alice and Bob are able to authenticate each other, i.e. Eve should not be able to impersonate Alice or Bob as otherwise a man-in-the-middle attack would be possible.

Following the discovery of quantum key distribution and its unconditional security, researchers tried to achieve other cryptographic tasks with unconditional security. One such task was commitment. A commitment scheme allows a party Alice to fix a certain value (to "commit") in such a way that Alice cannot change that value while at the same time ensuring that the recipient Bob cannot learn anything about that value until Alice decides to reveal it. Such commitment schemes are commonly used in cryptographic protocols. In the quantum setting, they would be particularly useful: Crpeau and Kilian showed that from a commitment and a quantum channel, one can construct an unconditionally secure protocol for performing so-called oblivious transfer.[6]Oblivious transfer, on the other hand, had been shown by Kilian to allow implementation of almost any distributed computation in a secure way (so-called secure multi-party computation).[7] (Notice that here we are a bit imprecise: The results by Crpeau and Kilian[6] and Kilian[7] together do not directly imply that given a commitment and a quantum channel one can perform secure multi-party computation. This is because the results do not guarantee "composability", that is, when plugging them together, one might lose security. Later works showed, however, how composability can be ensured in this setting.)

Unfortunately, early quantum commitment protocols[8] were shown to be flawed. In fact, Mayers showed that (unconditionally secure) quantum commitment is impossible: a computationally unlimited attacker can break any quantum commitment protocol.[9]

Here is the original post:
Quantum cryptography - Wikipedia, the free encyclopedia

Portable PGP – SourceForge

Posted on by

Portable PGP :: PGP Everywhere!

Portable PGP is a fully featured, lightweight, java based, open source PGP tool.

It allows to encrypt,decrypt,sign and verify text and files with a nice and absolutely straight graphical interface.

It's absolutely simple to use and provides everything you need to get started with PGP cryptography.

(Jun 2012) New version 1.0.7 released ! Works with Oracle Java 7, Windows 7 x64 and Ubuntu (x64) OpenJDK

Downloads

On the go USB-Stick version available ! After a long wait, the USB-Stick version of PortablePGP is ready. It's a simple zip file that you've to decompress on the root folder of your USB drive and allows to run PortablePGP on both Windows and Linux platforms without the need of installing it and without the need to have a Java virtual machine installed(a private JRE is bundled in)

Runs everywhere USB-Stick : Proceed to download

Otherwise, if you prefer to download and install it as a standard application

Fully automatic setup for Windows : PortablePGP-setup.exe

Continue reading here:
Portable PGP - SourceForge