NESSIE
NESSIE (New European Schemes for Signatures, Integrity and Encryption) was a European research project funded from 2000–2003 to identify secure cryptographic primitives. The project was comparable to the NIST AES process and the Japanese Government-sponsored CRYPTREC project, but with notable differences from both. In particular, there is both overlap and disagreement between the selections and recommendations from NESSIE and CRYPTREC (as of the August 2003 draft report). The NESSIE participants include some of the foremost active cryptographers in the world, as does the CRYPTREC project. NESSIE was intended to identify and evaluate quality cryptographic designs in several categories, and to that end issued a public call for submissions in March 2000.
Selected algorithms
The selected algorithms and their submitters or developers are listed below. None of the six stream ciphers submitted to NESSIE were selected because every one fell to cryptanalysis.
Block ciphers
How To Look Like A UNIX Guru
Terence Parr
Last updated: August 30, 2006
UNIX is an extremely popular platform for deploying server software partly because of its security and stability, but also because it has a rich set of command line and scripting tools. Programmers use these tools for manipulating the file system, processing log files, and generally automating as much as possible. If you want to be a serious server developer, you will need to have a certain facility with a number of UNIX tools; about 15. This lecture takes you through the basic commands and then shows you how to combine them in simple patterns or idioms to provide sophisticated functionality like histogramming.
[By the way, this page gets a lot of attention on the net and unfortunately I get mail from lots of people that have better solutions or stuff I should add.
Everything is a stream
The first thing you need to know is that UNIX is based upon the idea of a stream.
$ ls > /dev/null # ignore output of ls
$ ls -l | grep Aug | wc -l
cd
This is a fast software implementation in C of the FIPS 180-2 hash algorithms SHA-224, SHA-256, SHA-384 and SHA-512. The code is distributed under the BSD license. For each algorithm the implementation has been verified with the NIST test vectors and with the additional vectors provided by Aaron D. Gifford.
News:
February 2, 2007: Add new optimizations and minor bug fix.
May 23, 2005: Include support of SHA-224.
April 30, 2005: First release.
Download: sha2.tar.gz
Users: This SHA-2 version is used in Adobe AIR (see license file), in Cisco ASA 5500 Series Software (license), in HP Compliance Log Warehouse (license), or in Yahoo!
Compilation options: There is an UNROLL_LOOPS option which is disabled by default.
Performance: SHA-256 can hash long inputs at 27 cycles per byte on a Pentium 4 with the Intel compiler.
Arch: Pentium 4 (Prescott), compiler: icc 8.1, compiler options: -O2 -xP -ip, software options: -DUNROLL_LOOPS
Portability:
Secure Quick Reliable Login
The first time you use SQRL, the app will require you to invent a master password, from which a Master Key is cryptographically generated. This Key is a 256-bit (very very large) random number, unique and never shared. Additionally, the first time you use SQRL, a public Identity Lock Key and a private Identity Unlock Key are generated as a pair by the SQRL app. The Identity Lock Key is stored alongside the Master Key, but the Identity Unlock Key must be safely stored away (such as by printing it as a QR code) prior to being deleted from the app. The Identity Unlock Key is used to cancel and replace your Master Key in the event that it is compromised. When you visit a SQRL-enabled website, the QR code/link contains the website address and a random cryptographic challenge number. The SQRL app hashes the website address and your Master Key together to create a website-unique identity. Once the signed random cryptographic challenge is verified by the website, it is then able to authenticate your device.
SHA-2
SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256) designed by the U.S. National Security Agency (NSA) and published in 2001 by the NIST as a U.S. Federal Information Processing Standard (FIPS). SHA stands for Secure Hash Algorithm. SHA-2 includes a significant number of changes from its predecessor, SHA-1. SHA-2 currently consists of a set of six hash functions with digests that are 224, 256, 384 or 512 bits. SHA-256 and SHA-512 are novel hash functions computed with 32-bit and 64-bit words, respectively. In 2005, security flaws were identified in SHA-1, namely that a mathematical weakness might exist, indicating that a stronger hash function would be desirable. Although SHA-2 bears some similarity to the SHA-1 algorithm, these attacks have not been successfully extended to SHA-2.
Hash standard
[Figure: One iteration in a SHA-2 family compression function. The bitwise rotation uses different constants for SHA-512.]
Applications
Feistel cipher
In cryptography, a Feistel cipher is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel who did pioneering research while working for IBM (USA); it is also commonly known as a Feistel network. A large proportion of block ciphers use the scheme, including the Data Encryption Standard (DES). The Feistel structure has the advantage that encryption and decryption operations are very similar, even identical in some cases, requiring only a reversal of the key schedule. A Feistel network is an iterated cipher with an internal function called a round function.
Historical
Theoretical work
Many modern and also some old symmetric block ciphers are based on Feistel networks (e.g. Because of this very important result of Luby and Rackoff, Feistel ciphers are sometimes called Luby–Rackoff block ciphers.
Construction details
Let be the round function and let be the sub-keys for the rounds respectively.
/cfAES: Compact Framework and Rijndael / AES
7/19/2004
Introduction
The table below shows the different crypto algorithms listed on the left, and where they live. X means that it is supported, 0 means partial support. You can see that System.Security.Cryptography for CFv2 is going to lack many algorithms compared to the desktop. OpenNETCF 1.2 and the /cfAes library are intended to be used together, to provide almost all of the crypto functionality of .NET 2005 (desktop).
RijndaelManaged, RijndaelCryptoServiceProvider
First off, I think it is pronounced 'rain doll' :) I'm not certain of the history, but Rijndael and AES are related. Something to the effect of Rijndael being the candidate for what is now known as AES.
AES, EBC, NoPadding, KeyWrap
The Rijndael implementations above were tested against WSE 2.0.
TripleDesEx, NoPadding, KeyWrap
The TripleDES KeyWrap implementation was brought over from the WSE bits (where it was tested).
SHA256Managed, SHA384Managed, SHA512Managed, SHA1Managed
SecureString
authentication - Could SQRL really be as secure as they say
Overall, the protocol does not appear to increase security over existing technology. If you are looking for the best way to protect your identity online, this is without question not it. But let's go over the pros and cons: It's impossible to "share" a password in the narrow sense that a malicious website can't use the authentication provided to one site to log in to another site. A brute-force attack against the authentication token is not feasible. Credentials are not stored on your computer. This technique is dangerously susceptible to MITM attacks and social engineering. So, for example, a phishing site can display an authentic login QR code which logs in the attacker instead of the user. This technique combines both authentication and identity into a physical object which is frequently lost or stolen. This technique combines all your authentication tokens into a single key unless you manually create others.
SHA-3
SHA-3, a subset of the cryptographic primitive family Keccak (/ˈkætʃæk/, or /kɛtʃɑːk/), is a cryptographic hash function designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, building upon RadioGatún. On October 2, 2012, Keccak was selected as the winner of the NIST hash function competition. SHA-3 is not meant to replace SHA-2, as no significant attack on SHA-2 has been demonstrated. Because of the successful attacks on MD5 and SHA-0 and theoretical attacks on SHA-1 and SHA-2, NIST perceived a need for an alternative, dissimilar cryptographic hash, which became SHA-3. SHA-3 uses the sponge construction in which message blocks are XORed into the initial bits of the state, which is then invertibly permuted.
The block permutation
The state can be considered to be a 5×5×w array of bits. The basic block permutation function consists of 12+2ℓ iterations of five sub-rounds, each individually very simple: θ, ρ, π, χ, ι.
Comparison of SHA functions