Introduction to cryptography, Part 7: Contents and resource list

This article summarizes the contents in the "Introduction to cryptography" series and includes a glossary of terms.

Share:

Murdoch Mactaggart (IBMDev@TextBiz.com), Freelance Writer

Murdoch Mactaggart is a freelance writer and business consultant who writes on software development, the Internet, and on business and management issues around these areas. Whether readers can make accurate sense of what he writes is a moot point but, flexible though he tries to be, he generally sticks to English rather than introducing languages of his own making. Contact him at IBMDev@TextBiz.com.



01 March 2001

Cryptography Articles

The URLs listed below all point to the various features in this series on cryptography.

Part 1: The broad view
- General
- Why use cryptography?
- What's in it for developers?
- Cryptographic techniques
- Conclusion

Part 2: Symmetric cryptography
- Introduction
- Types of symmetric cipher
- Block ciphers
- Stream ciphers
- Message authentication codes
- Examples of symmetric ciphers
- DES
- IDEA
- CAST
- The one-time pad
- AES
- Conclusion
Part 3: Asymmetric cryptography
- Introduction
- Examples of asymmetric ciphers
- Diffie-Hellman
- RSA
- Other asymmetric cryptosystems
- Hash functions
- MD4 and MD5
- SHA and SHA-1
- Conclusion
Part 4: Cryptography on the Internet
- Internet related protocols and mechanisms
- RFC
- IPSec
- S-HTTP
- SSL
- TLS
- WTLS
- SET
- S/WAN
- SSH
-Encrypted e-mail
Part 5: Practical applications
- Introduction
- Combining cryptographic methods
- Digital signatures
- Pretty Good Privacy
- Covert communication
- Steganography
- Security mechanisms
- SecurID
- Smartcards
- Biometrics
- Electronic transfer of value
- Conclusion
Part 6: Miscellaneous issues
- Introduction
- Attacks and vulnerabilities
- Cryptanalysis
- Eavesdropping and other attacks
- Key management and related issues
- Secret sharing
- Zero knowledge proofs and special signature schemes
- Certificates
- Digital timestamping
- Conclusion

Glossary of terms

TermDefinition
AESThe Advanced Encryption Standard, intended to replace DES. The winner of the competition organized by NIST is Rijndael.
AlgorithmThe model of the rules by which a task, such as encryption or decryption, is carried out.
Asymmetric cryptographyA recently developed form of cryptography involving two keys, mathematically linked such that one key is used for encrypting plain text, which can then only be decrypted using the corresponding other key; known also as public key cryptography.
AuthenticationThe process of verifying identity, authorization and so on, so that something can be trusted.
BiometricsThe science of using unique physical characteristics to establish identity.
Birthday attack A particular form of brute-force attack named for the fact that in a group of 23 people, the probability of two or more sharing the same birthday is greater than 1 / 2.
Blind signature schemeA method allowing digital signing of documents without the contents being known to the signer. Block A sequence of bits of fixed length.
Block cipherA type of symmetric cipher that breaks down the plain text into blocks, encrypting these in turn.
Brute force attackA process whereby up to every possible value is tried until a match is found (Also known as an exhaustive search).
CBCCipher Block Chaining; a process whereby a plain text block is XORed with the previous cipher text block before being encrypted.
Certifying authority (CA)An organization or individual who creates digital certificates; also known as certificate authority.
CFMCipher Feedback Mode, a block cipher mode whereby it's implemented as a self-synchronizing stream cipher.
CipherAn encryption-decryption algorithm.
Cipher textData that has been encrypted.
Clear text See plain text.
Collision The situation where two different texts return the same hash value from the same algorithm.
Covert channel A communications medium that is hidden or is seemingly not used for transferring data.
Cracker A person or computer program that attempts to defeat computer security measures, including cryptography.
CRL Certificate Revocation List; a list of certificates that have been revoked and so are no longer valid.
CryptanalysisThe process whereby an attempt is made to break cryptography whether by analysis or some other means.
CryptosystemA cipher together with all possible plain texts, cipher texts, and keys.
Dictionary attackA form of brute force attack, possibly modified selectively by probability, whereby words or phrases are tried in sequence.
Digital certificateAn electronic document authenticated by a trusted public key and providing confidence that the public key specified is correctly associated with the identified individual or organization and has not been compromised; often known simply as a "certificate."
Data Encryption Standard (DES)The formal description of the Data Encryption Algorithm, developed by IBM and adopted by the U.S. Government as a formal standard in 1977.
DecryptionThe process of transforming cipher text into plain text.
Diffie-HellmanThe first public-key algorithm, published in 1976, and named after the authors.
Digital cashElectronic representation of cash, typically presented in mixed-value "coins" capable of being used anonymously.
Digital envelopeA mechanism for enclosing cipher text and its associated session key in an encrypted form protected by another key, typically, but not necessarily, a private key.
Digital signatureA process of linking a document mathematically to a particular private key; note that this is not the same as linking a document so signed to a particular individual.
Digital timestamp A process of linking mathematically a document to a particular date and time.
Electronic money See Digital cash.
EncryptionThe process of transforming plain text into cipher text.
EntropyIn mathematics, a measurement of the amount of uncertainty or randomness.
Exhaustive search See brute force attack.
Factor Any number that divides an integer; for example, the factors of 15 are 5 and 3.
Factoring Here the process of breaking down a large integer formed of two prime numbers into those primes.
HackerA person, often of considerable experience, with skills in writing and modifying software, particularly in arcane areas; used erroneously as a synonym for cracker (qv).
Hash functionA function designed to give a fixed-length output (typically 128 or 160 bits in cryptography) from text input of variable and arbitrary length.
IETFInitialism of the Internet Engineering Task Force, a body responsible for many of the Internet standards.
IPSecThe IETF's security additions specifications providing for authentication, integrity, and privacy services at the IP datagram layer.
ISOAcronym of the International Standards Organisation, the function of which is given by its name.
KerberosA trusted third-party authentication protocol associated with key delivery mechanisms; developed at MIT.
Key The general name used for a string of bits which, when used with a cipher, determines the relationship between given plain text and associated cipher text.
Key escrow The process whereby a third party holds a key in trust against some agreed-upon eventuality.
Key lengthA measure of the number of bits in a given key; note that although increasing the key length gives added security, it's not appropriate to compare the lengths used with one cipher with those in another and, in general, that key lengths in symmetric ciphers do not equate directly with key lengths in asymmetric ciphers.
Key pairIn asymmetric cryptography, the public and private keys together.
Key recoveryA feature designed to allow messages to be recovered even if a key has been lost. This might involve key escrow, back doors into a system, or other methods.
MAC Acronym for Message Authentication Code.
Message digestA (virtually) unique value associated with a given message, typically generated by applying a specialized hash function.
MIMEMultipurpose Internet Mail Extensions, an Internet mail standard that offers a way to exchange text in multiple languages using different character sets.
Modular arithmeticA form of arithmetic whereby integers leaving the same remainder when divided by the modulus are considered equal.
Modulus An integer used for division in modular arithmetic.
NISTAcronym for the U.S. agency, the National Institute of Standards and Technology, charged with, among other things, producing cryptography standards.
NSAThe initialism of yet another U.S. government agency, the National Security Agency, which busies itself checking out foreign electronic and other communications.
Number theoryThe area of mathematics involved with investigating the properties of numbers and their relationships.
One time padAlso known as the Vernam cipher and considered unbreakable although not easy to manage; the key consists of a random selection of bits exactly as long as the message itself and with which it is XORed.
PasswordA string of printable characters intended to be used as a key of some sort in controlling access to files or systems. A passphrase is, as the name suggests, similar but longer, and consists of several words.
Plain textData before encryption.
Prime number Any integer greater than 1 that is divisible only by 1 and itself; 2, 3, and 5 are prime numbers, 4 is not.
Private key The secret key in an asymmetric system. It's used for the encryption process when creating digital signatures and for the decryption process when viewing received messages.
PRNGPseudo-Random Number Generator, a mechanism used in a computer system to create, in as non-deterministic a manner as possible, a seed value from which a pseudo-random number will be derived.
Public keyThe widely publicized component of an asymmetric key pair. It's used in contrary manner to the private key.
Public key cryptographySee asymmetric cryptography.
Random numberA number that is produced quite independently of its generating criteria. It's extremely difficult to have a computer generate a truly random number and so pseudo-random numbers, which are made as non-deterministic as possible, are used.
RepudiationThe denying that some action was performed; hence "non-repudiation" is used as a property of systems that can show unequivocally that some action was indeed carried out as purported.
Revocation The cancellation of the validity of a certificate.
RFCRequest For Comment, an IETF document used as a means for disseminating information and consulting with users.
RSA algorithmA widely-used asymmetric cryptosystem based on a factoring problem. The initialism derives from the names of the developers, Ron Rivest, Adi Shamir, and Leonard Adelman.
Secure channelA means of conveying information from one source to another such that it's protected from third party access.
S-HTTPSecure Hypertext Transfer Protocol.
S/MIME Secure MIME.
SSHSecure Shell, an IETF-proposed protocol for securing the transport layer.
SSL Secure Socket Layer, a protocol developed by Netscape to provide secure communication during an Internet session.
Secret keyIn symmetric cryptography systems, a single key that is used for both encryption and decryption.
Secret sharingTypically applied to keys, whereby a key is split in such a way that a minimum number of pieces taken from the total possible need to be combined to provide access; for example, access might be given by combining at least five of eight elements.
Session keyKey generated for use during a single session of encryption and subsequently discarded; this will typically be a secret key.
SETSecure Electronic Transmission, a standard developed principally by the VISA and MasterCard consortia and intended to provide security in the area of bank card information interchange.
SMTPSimple Mail Transfer Protocol, widely used for sending e-mail.
Smartcard A small device, typically plastic and of the size of a credit card, which has a computer chip used for storing and processing small amounts of information.
Stream cipherA secret key algorithm that processes a stream of bits one bit at a time.
Substitution cipherA generally simple mechanism whereby plain text characters are replaced with other characters to form the cipher text.
S/WANSecure Wide Area Network, an initiative intended to support VPNs.
Symmetric cryptographyThe providing of encryption/decryption facilities depending on the use of the same secret key for each.
Symmetric keyAn alternative name for secret key.
Transposition cipher Another generally simple mechanism whereby the plain text characters remain unchanged but their order is transposed in some way.
TLSTransport Layer Security, an IETF draft similar to SSL and intended to provide communications privacy over the Internet.
Vernam cipherSee one time pad.
VPNVirtual Private Network, a means of allowing secure network use between remote systems but across a public network such as the Internet.
WAPWireless Access Protocol.
Weak keyOne of a number of keys that may produce regularities in cipher text, or may otherwise offer poor security, so allowing relatively easy breaking of the encryption.
WTLSWireless Transport Layer Security, the security layer protocol in the WAP architecture.
XORAn abbreviation for exclusive XOR, a logical operation returning true if two values compared are different and returning false if they're the same. Used in bitwise operations 1 XOR 0 or 0 XOR 1 gives 1 and 1 XOR 1 or 0 XOR 0 gives 0.

Reading List

A wide range of books on cryptography is available from bookshops, libraries which haven't been reduced through misguided management policies and lack of funds to stocking only meretricious junk, and from various online sources. The following book titles are a few that are particularly useful but there are many more. Journals such as Scientific American, Wired and others also publish useful articles on aspects of cryptography.

Biham, Elia, and Shamir, Adi, Differential Cryptanalysis of the Data Encryption Standard. Springer Verlag, ISBN 0387942939

Cheswick, William R. and Bellovin, Steven M., Firewalls and Internet Security.Addison Wesley, ISBN 0201924803

Diffie, Whitfield, and Landau, Susan Eva, Privacy on the Line. MIT Press, ISBN 0262041677

Kahn, David, The Codebreakers. Scribner, ISBN 0684831309

Kaufman, Radia Perlman, and Spencer, Mike, Network Security: Private Communication in a Public World. Prentice Hall, ISBN 01306145661

Kiblitz, Neal, A Course in Number Theory and Cryptography. Springer Verlag, ISBN 0387942939

Menezes, Alfred J., van Oorschot, Paul C. and Vanstone, Scott, Handbook of Applied Cryptography. CRC Press, ISBN 0849385237

RSA Laboratories, Frequently Asked Questions about Today's Cryptography. Available on-line from the RSA site, qv.

Rubin, Geer and Ranum, Web Security Sourcebook. John Wiley & Sons, ISBN 047118148X

Schneier, Bruce, Applied Cryptography. John Wiley & Sons, ISBN 0471117099

Schneier, Bruce, Secrets and Lies; Digital Security in a Networked World. John Wiley & Sons, ISBN 0471253111

Smith, Richard, Internet Cryptography. Addison Wesley, ISBN: 0201924803

Resources

Comments

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

Dig deeper into Tivoli (service management) on developerWorks


static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Tivoli
ArticleID=15020
ArticleTitle=Introduction to cryptography, Part 7: Contents and resource list
publish-date=03012001