Security

Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure by C. Ellison and B. Schneier
Public-key infrastructure has been oversold as the answer to many network security problems. We discuss the problems that PKI doesn't solve, and that PKI vendors don't like to mention.

Authenticating Secure Tokens Using Slow Memory Access by John Kelsey and Bruce Schneier
We present an authentication protocol that allows a token, such as a smart card, to authenticate itself to a back-end trusted computer system through an untrusted reader. This protocol relies on the fact that the token will only respond to queries slowly, and that the token owner will not sit patiently while the reader seems not to be working. This protocol can be used alone, with "dumb" memory tokens or with processor-based tokens.

Design Principles for Tamper-Resistant Smartcard Processors by Oliver Kömmerling and Markus G. Kuhn (May 10, 1999)
We describe techniques for extracting protected software and data from smartcard processors. This includes manual microprobing, laser cutting, focused ion-beam manipulation, glitch attacks, and power analysis. Many of these methods have already been used to compromise widely-fielded conditional-access systems, and current smartcards offer little protection against them. We give examples of low-cost protection concepts that make such attacks considerably more difficult.

Breaking Up Is Hard to Do: Modeling Security Threats for Smart Cards by B. Schneier and A. Shostack (February 5, 1999)
Smart card systems differ from conventional computer systems in that different aspects of the system are not under a single trust boundary. The processor, I/O, data, programs, and network may be controlled by different, and hostile, parties. We discuss the security ramifications of these "splits" in trust, showing that they are fundamental to a proper understanding of the security of systems that include smart cards.

An Overview of Smart Card Security by CHAN, Siu-cheung Charles (August 17, 1997)
This paper discusses the security of the smart card in three different aspects. Firstly, we will have a look at the physical structure of a smart card, and how it protects the data through the card's life cycle. Secondly, we will examine how the data is protected through logical controls over the files in the card. Thirdly, we will discuss how the smart card can provide a secure and authenticated environment for applications through procedural operation and mechanism. Lastly, before we conclude whether the smart card is secure or not, some of the available techniques of attacking the smart card will be reviewed.

Cryptography FAQ
Welcome to the fourth version of RSA Laboratories' Frequently Asked Questions About Today's Cryptography. This FAQ covers the technical mathematics of cryptography as well as export law and basic fundamentals of information security.

The Elliptic Curve Cryptosystem for Smart Cards (May 1998)
This paper focuses on implementing cryptographic services on the smart card platform, explaining how elliptic curve cryptography (ECC) can not only significantly reduce the cost, but also accelerate the deployment of smart cards in next-generation applications. ECC permits reductions in key and certificate size that translate to smaller memory requirements (especially for EEPROM), which represent significant cost savings. Additionally, because of efficient implementation techniques from Certicom, the ECC algorithm does not require the addition of a cryptographic coprocessor to deliver subsecond performance. This means that high-strength public-key cryptosystems with subsecond transaction times can now be offered on conventional, 8-bit, inexpensive smart cards.

The Data Encryption Standard (DES)
The Data Encryption Standard (DES) specifies a FIPS approved cryptographic algorithm as required by FIPS 140-1. This publication provides a complete description of a mathematical algorithm for encrypting (enciphering) and decrypting (deciphering) binary coded information. Encrypting data converts it to an unintelligible form called cipher. Decrypting cipher converts the data back to its original form called plaintext. The algorithm described in this standard specifies both enciphering and deciphering operations which are based on a binary number called a key.

Tutorial: Digital IDs
Digital IDs provide an electronic means of proving your identity, much like a driver's license or passport does in face-to-face interactions. This exhaustive tutorial from Verisign covers all aspects of Digital IDs: public key cryptography, standards (X.509), certificate management, implementations (internet, e-mail).

RSA Laboratories' Public-Key Cryptography Standards: PKCS
RSA Laboratories' Public-Key Cryptography Standards (PKCS), a set of informal intervendor standards, were developed in 1991 by RSA Laboratories with representatives of Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell and Sun. These standards cover RSA encryption, Diffie-Hellman key agreement, password-based encryption, extended-certificate syntax, cryptographic message syntax, private-key information syntax, and certification request syntax, as well as selected attributes.

The MD5 Message-Digest Algorithm (RFC 1321) by R. Rivest (April 1992)
This document describes the MD5 message-digest algorithm. The algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA.

Secure Hash Algorithm (SHA-1) FIPS PUB 180-1 (1995 April 17)
This standard specifies a Secure Hash Algorithm (SHA-1) which can be used to generate a condensed representation of a message called a message digest. The SHA-1 is required for use with the Digital Signature Algorithm (DSA) as specified in the Digital Signature Standard (DSS) and whenever a secure hash algorithm is required for Federal applications. The SHA-1 is used by both the transmitter and intended receiver of a message in computing and verifying a digital signature.

Digital Signature Standard (DSS) FIPS PUB 186-2 (2000 January 27)
This standard specifies a suite of algorithms which can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signature in proving to a third party that the signature was in fact generated by the signatory. This is known as nonrepudiation since the signatory cannot, at a later time, repudiate the signature.

The Internet Key Exchange (IKE) (RFC 2409) by D. Harkins and D. Carrel (November 1998)
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. ISAKMP provides a framework for authentication and key exchange but does not define them. ISAKMP is designed to be key exchange independent; that is, it is designed to support many different key exchanges.

The hash function RIPEMD-160
RIPEMD-160 is a 160-bit cryptographic hash function, designed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel. It is intended to be used as a secure replacement for the 128-bit hash functions MD4, MD5, and RIPEMD. MD4 and MD5 were developed by Ron Rivest for RSA Data Security, while RIPEMD was developed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation, 1988-1992).

created ~Jun/1998 -- last updated: 01/04/2004 -- http://www.pochendorfer.com/macchiato/security.html