Index
A
access control list (ACL)
accumulator
events
pools
randomness
ACL. See access control list
addition
bitwise
modular
modulo
without carry
AddRandomEvent
add-with-carry, CPU
Adleman, Leonard
administrators
Advanced Encryption Standard (AES)
initialization
128-bit
randomness generator
rounds
RSA
S-box
testing
adversarial setting
failure rate
AES. See Advanced Encryption Standard
algorithms
binary
distinguishers
efficiency
extended Euclidean algorithm
Kerckhoffs' principle
primes
public keys
secure channel
wooping
Anderson, Ross
Applied Cryptography (Schneier)
The Art of Computer Programming (Knuth)
ASN.1
assertions
asymmetric key, encryption
ATM, PIN code
atomicity, file system updates
attack tree
attacks. See also specific attack types
block ciphers
entropy
hash functions
MAC
plaintext
quantum physics
RF
RSA
steps
authentication. See also message authentication code
clock
conventions
encryption
GMAC
key negotiation
MAC
message order
messages
protocols
public key
secret keys
secure channel
session keys
symmetric keys
authorization, PKI
B
backups, VMs
banks
CA
credit card organization
Biham, Eli
binary algorithm
biometrics
birthday attacks
hash functions
HMAC
meet-in-the-middle attacks
bitslice implementation
bitwise addition
blind signatures
block cipher mode
ciphertext c
padding
block ciphers
attacks
chosen-plaintext attack
ciphertext c
ciphertext-only attack
generic attacks
GMAC
hash functions
ideal
interface
Kerckhoffs' principle
128-bit
permutations
plaintext
rounds
secret keys
testing
256-bit
Boojum
Bos, Jurjen
bridges
buffer overflow
C
C++
CA. See certificate authority
cache
CPU
secrets
Carmichael numbers
CBC. See cipher block chaining
CCM
CEN. See European Committee for Standardization
certificate(s)
credential systems
multilevel
PKI
self-certifying
SSL
certificate authority (CA)
banks
fast expiration
liability
PKI
RA
root key
trust
certificate chain
certificate revocation list (CRL)
key servers
Chaum, David
checks. See testing
Chinese Remainder Theorem (CRT)
complexity
exponentiations
multiplication
signatures
chosen-ciphertext attack
chosen-key attack
chosen-plaintext attack
block ciphers
distinguishers
cipher block chaining (CBC)
information leakage
MAC
ciphertext c
block cipher mode
block ciphers
plaintext
ciphertext-only attack
block ciphers
distinguishers
clock
authentication
counters
expiration time
monotonicity
PKI
real-time clock chip
real-time transactions
security
setting back
setting forward
stopping
time
time synchronization
unique value
CMAC
code quality
The Codebreakers (Kahn)
collision(s)
chances of
hash functions
collision attacks
DH
stream cipher
collision resistance
complexity
CRT
protocols
security
test-and-fix
composites
constant-time operations
conventions, authentication
correct programs
test-and-fix
counter IV
counter mode (CTR)
encryption
GMAC
information leakage
counters
clock
same-state problem
CPU
add-with-carry
cache
hash functions
multiplication
registers
secrets
credential systems
delegation
PKI
credit card(s)
digital signature
PIN code
SET
viruses
credit card organization, banks
CRL. See certificate revocation list
CRT. See Chinese Remainder Theorem
Crypto-Gram
CTR. See counter mode
current events
CWC
D
Data Encryption Standard (DES)
exhaustive search attack
56-bits
rounds
64-bit
data integrity
data-dependent rotation
Data Encryption Standard (DES)
Davies-Meyer hash function
debuggers
decryption
RSA
decryptRandomKeyWithRSA
defense in depth
delegation, credential systems
denial-of-service attack (DOS)
DES. See Data Encryption Standard
detection, security
DH. See Diffie-Hellman key exchange protocol
dictionary attack
offline
passwords
Diffie, Whitfield
Diffie-Hellman key exchange protocol (DH)
collision attacks
groups
information leakage
man-in-the-middle attack
pitfalls
public keys
safe primes
Station-to-Station protocol
subgroups
testing
digest
digital rights management (DRM)
digital signature
credit cards
public key
public keys
RSA
SET
Dijkstra, Edsger
direct authorization
discrete logarithm (DL)
distinguishers
algorithms
chosen-plaintext attack
ciphertext-only attack
known-plaintext attack
distinguishing attack
divisibility, primes
DL. See discrete logarithm
Document Template Definition (DTD)
DOS. See denial-of-service attack
DRAM. See Dynamic RAM
DRM. See digital rights management
DTD. See Document Template Definition
Dynamic RAM (DRAM)
E
ECC. See error-correcting code memory
ECB. See electronic codebook
EEPROM
efficiency
algorithms
public keys
safe primes
Einstein-Podolsky-Rosen paradox
Electrical and Electronics Engineers (IEEE)
electronic banking
electronic codebook (ECB)
information leakage
electronic payment systems
encryption
asymmetric key
authentication
CTR
MAC
public keys
RSA
secret keys
secure channel
storage
symmetric keys
encryptRandomKeyWithRSA
entropy
attacks
keystrokes
mouse movements
passwords
pools
sources of
EPROM
Eratosthenes
error-correcting code memory (ECC)
errors
large integer arithmetic
PIN code
protocols
timing attacks
wooping
ethics, trust
Euclid
extended Euclidean algorithm
European Committee for Standardization (CEN)
even permutations
ideal block ciphers
events
accumulator
pools
randomness
evolving systems, security
exception handling
exclusive-or operation (XOR)
MAC
memory
modulo 2
storage
stream cipher
execution states, protocols
exhaustive search attack
DES
hash functions
expiration time
certificates
clock
keys
public keys
exponentiations
CRT
extended Euclidean algorithm
extendedGCD
RSA
F
failure rate, adversarial setting
fast expiration, CA
FEAL
Feistel construction
Twofish
Ferguson, Niels
Fermat test
56-bits, DES
file system updates, atomicity
finally
fingerprint
fingerprint scanners
finite fields
firewall, LAN
512-bit
fixed IV
floating point registers
Fortuna
forward secrets
Foundations of Cryptography (Goldreich)
functional specification
fundamental theorem of arithmetic
G
garbage collection
Garner's formula
GCD. See greatest common divisor
GCM
GMAC
GenerateBlocks
GenerateLargePrime
generateRSAKey
generateRSAPrime
generator. See also pseudorandom number generators; random number generators
pools
randomness
reseeds
speed
generic attacks
block ciphers
hash functions
GMAC
authentication
GCM
interface
Goldbach conjecture
Goldreich, Oded
greatest common divisor (GCD)
groups
DH
Gutmann, Peter
H
Handbook of Applied Cryptography (Menezes, van Oorschot, and Vanstone)
hard drive, secrets
hash functions
attacks
birthday attacks
block ciphers
collisions
CPU
exhaustive search attack
generic attacks
ideal
iterative
length extension bug
NIST
partial-message collision
pools
random mapping
security
testing
universal
weaknesses
Hellman, Martin
HMAC
birthday attacks
iterative hash functions
key recovery attacks
SHA-1
Horton Principle
message identifiers
Housley, Russ
human memory
passwords
secrets
I
iButton
IDEA
side-channel attacks
ideals
block ciphers
hash functions
MAC
identifiers
messages
protocols
IEEE. See Electrical and Electronics Engineers
IETF. See Internet Engineering Task Force
IKE. See Internet Key Exchange
implementation
design
incentive, protocols
indirect authorization
information leakage
DH
initialization
AES
secure channel
SSL
initialization vector
InitializeGenerator
InitializePRNG
InitializeSecureChannel
insiders
instance identifiers, protocols
interface
block ciphers
GMAC
International Organization for Standardization (ISO)
Internet Engineering Task Force (IETF)
Internet Key Exchange (IKE)
Introduction to Modern Cryptography (Katz and Lindell)
IPsec
message order
iris scanners
ISO. See International Organization for Standardization
ISO 9001
isPrime
iterative hash functions
HMAC
J
Java
K
Kahn, David
Katz, Jonathan
Kelsey, John
Kerberos
Kerckhoffs' principle
algorithms
block ciphers
key(s). See also specific key types
compromise of
expiration time
key servers
phases of
secure channel
64-bit
key negotiation
authentication
passwords
secret keys
key recovery attacks, HMAC
key servers
CRL
keys
PKI
rekeying
secure channel
keystrokes
entropy
randomness
known-plaintext attack
distinguishers
Knuth, Donald E.
Kohno, Tadayoshi
L
LAN, firewall
large integer arithmetic
errors
side-channel attacks
wooping
law, trust
LCM. See least common multiple
least common multiple (LCM)
Legendre symbol
length extension bug, hash functions
liability
CA
VeriSign
Lindell, Yehuda
local time
long-term card key
M
MAC. See message authentication code
MAD. See Mutually Assured Destruction
man-in-the-middle attack, DH
MARS
side-channel attacks
mathematics
RSA
MD4
MD5
meet-in-the-middle attacks
birthday attacks
memory
human
secrets
XOR
memset
Menezes, A.J.
message authentication code (MAC)
attacks
authentication
CBC
data integrity
encryption
ideal
meet-in-the-middle attacks
passwords
random mapping
security
tags
XOR
message digest functions. See hash functions
message identifiers
Horton Principle
protocols
message numbers
secure channel
message order
authentication
secure channel
messages
authentication
encoding
identifiers
parsing
protocols
secure channel
TCP
MinPoolSize
modular addition
modular multiplication
modularization
protocols
modulo
addition
multiplication
primes
subtraction
wooping
modulo 2
modulo n
monotonicity, clock
Monte Carlo simulation
Montgomery multiplication
Moore's law
mouse movements, entropy
MsgCntSend
MsgToRSANumber
multilevel certificates
multiplication
CPU
CRT
modular
modulo
Montgomery
multiplicative group modulo p
Mutually Assured Destruction (MAD)
N
names, PKI
National Institute of Standards and Technology (NIST)
hash functions
primes
SHA
network security
NIST. See National Institute of Standards and Technology
nonce-generated IV
GMAC
nonrepudiation
NSA
SHA
NTP
O
OCB
OCSP. See Online Certificate Status Protocol
odd permutations
OFB. See output feedback
offline
chosen-plaintext attack
dictionary attack
128-bit
AES
block ciphers
GMAC
MD5
passwords
security
160-bit
192-bit
online
certificate verification
chosen-plaintext attack
Online Certificate Status Protocol (OCSP)
output feedback (OFB)
information leakage
overwriting data
P
padding
block cipher mode
RSA
paranoia
exercises
protocols
parity, permutations
parity attacks
parsing, messages
partial-message collision, hash functions
passphrases
Password Safe
passwords
dictionary attack
entropy
human memory
key negotiation
MAC
128-bit
salting
64-bit
stretching
256-bit
patents
PayPal, phishing
PC Card
PDA, secrets
performance, security
permutations
block ciphers
even
odd
parity
phishing, PayPal
PHT
physical threat, trust
PIN code
ATM
credit cards
errors
secure token
SET
PKCS#1 v2.1
PKI. See public key infrastructure
plaintext
attacks
block cipher mode
block ciphers
ciphertext c
pools
accumulator
entropy
events
generator
hash functions
randomness
reseeds
portable storage
powers
prevention, security
primes
algorithms
divisibility
large
modulo
NIST
primitive elements
safe
small
testing
256-bit
wooping
primitive elements
primes
privacy, storage
private keys
PRNGs. See pseudorandom number generators
probabilities
professional paranoia
exercises
protocols
proof by contradiction
proof of security
protocols. See also specific protocols
authentication
complexity
errors
execution states
identifiers
incentive
instance identifiers
message identifiers
messages
modularization
paranoia
professional paranoia
roles
secure channel
smart cards
steps
timeouts
trust
versions
pseudorandom data
pseudorandom function
pseudorandom number generators (PRNGs)
PseudoRandomData
public exponents, RSA
public key(s)
algorithms
authentication
DH
digital signature
efficiency
encryption
expiration time
PKI
primes
RSA
secret keys
SSL
symmetric keys
timing attacks
public key infrastructure (PKI)
authorization
CA
certificates
clock
credential systems
dream of
key servers
names
practicalities
public keys
reality of
refinery sensors
revocation
secret keys
SSL
trust
universal
VPN
Q
quantum physics, attacks
R
RA. See Registration Authority
Rabin-Miller test
random delay
random IV
random mapping
hash functions
MAC
random number generators
same-state problem
RandomData
randomness
accumulator
events
generator
keystrokes
pools
secret keys
RC4
RC6
real-time clock chip
same-state problem
real-time transactions, clock
ReceiveMessage
reductio ad absurdum (proof by contradiction)
refinery sensors, PKI
registers, CPU
Registration Authority (RA), CA
rekeying, key servers
related-key attack
replay attacks
reputation, trust
requirements
ReseedCnt
reseeds
generator
pools
resends
secure channel
timing of
response, security
retry attacks
TCP
UDP packets
revocation, PKI
RF
attacks
side-channel attacks
Rijndael
randomness generator
risk, trust
Rivest, Ron
roles
protocols
secure channel
root key, CA
rounds
AES
block ciphers
DES
RSA
AES
attacks
decryption
digital signature
encryption
extendedGCD
mathematics
padding
pitfalls
public exponents
public keys
signatures
SSL
symmetric keys
testing
RSA-OAEP
RSA-PSS
S
safe primes
DH
efficiency
salting, passwords
same-state problem
S-box. See substitution box
Schilder, Marius
Schneier, Bruce
secret keys
authentication
block ciphers
encryption
key negotiation
management
PKI
public keys
randomness
secure tokens
storage
256-bit
secrets
cache
CPU
forward
hard drive
human memory
memory
PDA
secure channel
sharing
smart phones
storage
swap files
virtual memory
wiping state
Secrets and Lies (Schneier)
secure channel
algorithms
authentication
encryption
initialization
key servers
keys
message numbers
message order
messages
properties
protocols
resends
roles
secrets
Secure Hash Algorithm (SHA)
secure tokens
PIN code
secret keys
secure UI
security
clock
complexity
detection
evolving systems
features
hash functions
level
MAC
mindset
128-bit
performance
prevention
response
reviews
standards
weakest link
Security Engineering (Anderson)
seed files
self-certifying certificate
SendMessage
sequences
Serpent
randomness generator
session keys
authentication
SET
credit cards
digital signature
PIN code
viruses
SHA. See Secure Hash Algorithm
SHA-0
SHA-1
HMAC
SHA-2, fixes for
SHA-3
SHA-224
SHA-256
SHA-384
SHA-512
Shamir, Adi
side-channel attacks
countermeasures
IDEA
large integer arithmetic
MARS
RF
signatures. See also digital signature
blind
CRT
RSA
SignWithRSA
simplicity
single sign-on
64-bit
DES
encryption
keys
message numbers
passwords
SmallPrimeList
smart cards
protocols
smart phones, secrets
SNTP
Social Security number (SSN)
SoFi number
software bugs
specifications
splitting operations
SRAM. See Static RAM
SRP
SSH
SSL
certificates
initialization
PKI
public keys
RSA
standards
SSL/TLS
SSN. See Social Security number
standards
security
SSL
start-of-protocol attack
Static RAM (SRAM)
Station-to-Station protocol, DH
steps
attacks
protocols
storage
encryption
portable
privacy
secret keys
secrets
XOR
stream cipher
collision attacks
XOR
stretching, passwords
STU-III
subgroups, DH
subsequences
substitution box (S-box)
AES
Twofish
subtraction, modulo
Sun Tzu
superusers
swap files, secrets
symmetric keys
authentication
encryption
public keys
RSA
SYN flood attack
System.gc()
System.runFinalization()
T
Tag-Length-Value (TLV)
tags, MAC
TCP
messages
retry attacks
TCP/IP
message order
test-and-fix
complexity
correct programs
testing
AES
block ciphers
DH
Fermat
hash functions
primes
Rabin-Miller
RSA
32-bit
encryption
MD4
message numbers
SHA-1
threat model
time, clock
time server
time stamps
time synchronization, clock
timeouts, protocols
timing attacks
errors
public keys
TLS
TLV. See Tag-Length-Value
traffic analysis
transient secrets
transport layer
trust
CA
ethics
law
MAD
physical threat
PKI
protocols
reputation
risk
try-finally
256-bit
block ciphers
passwords
primes
secret keys
Twofish
randomness generator
U
UDP packets
retry attacks
uncertainty
unique value, clock
universal hash function
CWC
universal PKI
UNIX
UpdateSeedFile
USB dongle
USB stick
storage
UTC
V
van Oorschot, Paul C.
Vanstone, S.A.
VerifyRSASignature
VeriSign, liability
version-rollback attack
versions, protocols
Viega, John
virtual machines (VMs)
backups
virtual memory, secrets
virtual private network (VPN), PKI
viruses
credit cards
SET
VMs. See virtual machines
VPN. See virtual private network
W
weakest link, security
WEP. See wired equivalent privacy
whitening
Whiting, Doug
wiping state
secrets
wired equivalent privacy (WEP)
wooping
algorithms
errors
large integer arithmetic
modulo
primes
WriteSeedFile
X
XML
XOR. See exclusive-or operation
X.509v3
Y
Yarrow
Z
Zener diode