|
A Bibliography of Encryption Texts |
| This section cites publications on the theoretical and practical aspects
of cryptography, cryptanalysis, and cryptographic protocols. |
|
A Software Encryption Function |
by Ralph C. Merkle |
| Encryption hardware is not available on most computer systems in use today. Despite this fact, there is no well accepted encryption function designed for software implementation -- instead, hardware designs are emulated in software and the resulting performance loss is tolerated. The obvious solution is to design an encryption function for implementation in software. |
|
About the "Unbreakable Code" |
by oddballz194 |
| Critiques of the box code and the only known truly unbreakable code. |
|
Air Force Cryptologic Support Center's Newsletter - 28 Feb 92 |
| THE CONNECTION information letter is produced by the Air Force
Cryptologic Support Center Communications-Computer Systems Security
Education, Training, and Awareness Branch. |
|
An Introduction to Steganography |
by Duncan Sellars |
| Steganography in images has truly come of age with the invention of fast, powerful computers. Software is readily available off the Internet for any user to hide data inside images. The most popular technique is Least Significant Bit insertion, which we will look at. Also, we look at more complex methods such as masking and filtering, and algorithms and transformations, which offer the most robustness to attack, such as the Patchwork method in [1], which exploits the human eye's weakness to luminance variation. |
|
Analysis of SSH crc32 Compensation Attack Detector Exploit |
by David A. Dittrich |
| Once in the system, a series of operating system commands were replaced with trojan horses to provide back doors for later entry and to conceal the presence of the intruders in the system. A second SSH server was run on a high numbered port (39999/tcp). |
|
Clipper/Capstone Key Escrow Management |
by A. Padgett Peterson, P.E. |
| A means to avoid the key-management problems inherent with authorized wiretaps. |
|
Computer Generated Random Numbers |
by David W. Deley |
| Although there is nothing "random" about a completely deterministic computer generated sequence of numbers, we can analyze the sequence of numbers to see if there is any reason to doubt that the sequence could have come from a truly random stochastic process. |
|
Cracking Cube: Cryptology and Ichnography |
by Mark Featherstone |
| Thus, Kazan exemplifies the figure of the Cryptologist, the body that can decipher the machine's codes and break out of the tomb, the box that keeps its inhabitants trapped in a state of deathly inertia, docile bodies confined by suffocating capital roles. |
|
Cracking DES: Encryption Research, Wiretap Politics and Chip Design |
by EFF |
| We noticed an increasing number of situations in which highly talented and respected people from the U.S. Government were making statements about how long it takes to crack DES. In all cases, these statements were at odds with our own estimates and those of the cryptographic research community. A less polite way to say it is that these government officials were lying, incompetent, or both. |
|
Cracking PGP Myth Banishment Notes |
by Route |
| PGP is a hybrid cryptosystem. It contains 4 crytpographic elements, each of which is subject to a different type of cryptographic attack. It contains a symmetric cipher, an asymmetric cipher, a one-way hash, and a random number generator. |
|
Cracking the Universal Product Code |
by Count Nibble |
| Everyone encounters the UPC nowadays. You know, it's that set of black bars
you see on virtually every product whenever you go to the grocery store, to
buy a book or a magazine, or even to buy software (assuming that you do,
indeed, BUY your software). Have you ever though of what fun you could have
by altering that little set of black bars? |
|
Creating a file representing more than 203 million Prime Numbers |
by Vernon Nemitz |
| A 32-bit number is any number smaller than 4,294,967,296. A "prime number" is any number only perfectly divisible by itself and 1. There are 203,280,221 primes that fit in 32 bits. Here is a computer program that generates a file holding them. |
|
Crypto-Anarchist Manifesto |
by Timothy C. May |
| A specter is haunting the modern world, the specter of crypto anarchy. |
|
Cryptographic Issue Statement |
by Jason Hillyard |
| The fundamental question boils down to this: How much access should the government have to our personal communications? This presents a trade-off between the obligations of the government to protect national security and the rights of the citizens to privacy and free speech. Proponents of government control insist restrictions on encryption technology are necessary to conduct lawful investigations of terrorists, drug dealers, and gangsters. Opponents cry out that any restrictions intrude on our right to privacy and right to free speech. |
|
Cryptographic Policies and Social/Public Policy Issues |
by George Forman |
| I believe no attempt should be made to limit domestic use of strong encryption techniques... |
|
Cryptography References |
| Cryptography references from a whole bunch of different folks. |
|
Cryptography and John Dee - A True Mystery |
by Windmill |
| Anyone who is interested in cryptography and who also is interested in
the occult and or bizzarre should be aware of the Voynich Manuscript. Here
is a brief rundown along with some references and speculations.
I am doing this all from memory (mine, not the computer's), so I can't
guarantee that it's accurate, but I think I've got all the major details
straight. (I did some research on it a few years back.) |
|
Data Encryption Standard Fact Sheet |
| The National Institute of Standards and Technology (NIST) of the
Department of Commerce has recently received many inquiries
regarding various aspects of the Data Encryption Standard (DES).
This document addresses those frequently asked questions and
provides interested individuals with sources of additional
information. |
|
Digital Privacy: The Ethics of Encryption |
by Lester Dorman & Phil Lin |
| "When does the pursuit of national security begin to infringe upon the rights of the individual?" Should the government succeed in its attempt to enforce its encryption standard, some of the rights of the individual would be compromised for the sake of the utilitarian good. |
|
Energy Limits to the Computational Power of the Human Brain |
by Ralph C. Merkle |
| The view that the brain can be seen as a type of computer has gained
general acceptance in the philosophical and computer science community.
Just as we ask how many mips or megaflops an IBM PC or a Cray can perform,
we can ask how many operations the human brain can perform. Neither the
mip nor the megaflop seems quite appropriate, though; we need something
new. One possibility is the number of synapse operations per second. |
|
Extracting One Prime Number From a Compressed-Data File |
by Vernon Nemitz |
| This is a computer program to be used in conjunction with the datafiles created by PRMPRESS.C. It simply allows you to request the Nth prime number from among the first 203,280,221. Also, if N is smaller than 4,294,967,296, it will tell you if N is a prime. |
|
FOIA Results For Clipper Chip Development from the NSA |
by John Gilmore |
| The major revelations in these documents: at one point the terminology
`required' is noted, suggesting a mandatory encryption scheme was conceived
from the start (although some question the Defense Department involvement).
Interestingly, it is absent in the memorandum passed lower in the chain of
command. Why was it removed? |
|
Frequently asked questions about PGP encryption |
|
G. Scott Granados of Mindport Internet Services (P |
|
Glossary of Crypto Terms |
by Timothy C. May |
| Here's the glossary of crypto terms we passed out in printed form at
the first Cypherpunks meeting in September 1992. Some compromises had
to be made in going from the printed form to the ASCII of this
transmission, so I hope you'll bear with me. |
|
HR695: The Security and Freedom Through Encryption |
|
Hints & Tricks using PGP |
by Laszlo Baranyi |
| Informative text file on PGP encryption and encryption in general. |
|
How to Choose a Good Password |
| The fundamental reason why attacking or trying to guess the user's password or phrase will increasingly be the focus of cryptanalysis is that the user's choice of password may represent a much simpler cryptographic key than optimal for the encryption algorithm. This weakness of the user's password choice provides the cryptanalytic wedge. |
|
Improving Resistance to Differential Cryptanalysis |
by Brown, Kwan, Pieprzyk, and Seberry |
| Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI. |
|
Info file on visa card pin encryption |
|
Info on Reverse and Double Reverse Lookups |
|
Introduction to Cryptography |
by Peter Meyer |
| Cryptography is the art or science of secret writing, or more exactly, of storing information (for a shorter or longer period of time) in a form which allows it to be revealed to those you wish to see it yet hides it from all others. A cryptosystem is a method to accomplish this. Cryptanalysis is the practice of defeating such attempts to hide information. |
|
Is DES Breakable? Of Course. |
by Ray Kaplan |
| In the question of DES breakability, I like his approach. They designed an attack on DES that is based on the most intensive cryptanalysis: exhaustive search. The beauty of this theoretical DES solution machine is that is can be
used for plain text, ciphertext and chosen text attacks on the algorithm. Solve the hardest problems first and the easy ones follow quickly, I say.
|
|
Jackboots on the Infobahn |
by John Perry Barlow |
| Clipper is a last ditch attempt by the United States, the last great power
from the old Industrial Era, to establish imperial control over cyberspace.[WIRED] |
|
Keep Out magazine Volume 1, Number 1 - The first i |
|
Keep Out magazine Volume 1, Number 2 - Keep Out fe |
|
Logical Access Control |
by NIST |
| Logical access controls are protection mechanisms that limit users' access to information and restrict their forms of access on the system to only what is appropriate for them. Logical access controls are often built into the operating system, or may be part of the "logic" of applications programs or major utilities, such as Database Management Systems. They may also be implemented in add-on security packages that are installed into an operating
system; such packages are available for a variety of systems, including PCs and mainframes. |
|
Microsoft's Digital Rights Management Scheme - Technical Details |
by Beale Screamer |
| This document describes version 2 of the Microsoft Digital Rights Management (MS-DRM), as applied to audio (.wma files). The sources for this material are varied, and some of the information might be slightly incomplete; however, the fundamental ideas are solid and easily verified. |
|
Mini-DES 6-Bit Blocks |
| From my final exam in cryptology. This was one of three problems in a 3-hour exam, so it should only take you 1 to 1-1/2 hours to solve. But it illustrates an interesting attack.... |
|
Misconceptions about PGP 2.6 from MIT |
by Philip Zimmermann |
| I'd like to clear up some widely held misconceptions about PGP
version 2.6 from MIT. I get a lot of email and phone calls from
people who report a lot of misinformation on many Internet newsgroups
about this MIT version of PGP. |
|
NIST Clipper Chip |
by Peter Wayner |
| Comments on the National Institute of Standards and Technology's (NIST) Proposed Encryption Chip with Key Escrow. |
|
NIST Privacy Board Resolutions on Clipper Technology |
| The Computer System Security and Privacy Advisory Board devoted its
June 2-4 meeting to the issue of the Administration's recently
announced government-developed key escrow encryption chip (called
"Clipper chip" in the April 16 announcement) and, more broadly, to
public use of cryptography and government cryptographic policies
and regulations. All sessions were open to the public. |
|
NIST resolutions (6/4/93) on Clipper Chip & Key Es |
|
No Regrets About Developing PGP |
by Philip Zimmermann |
| The Friday September 21st Washington Post carried an article by Ariana Cha that I feel misrepresents my views on the role of PGP encryption software in the September 11th terrorist attacks. |
|
PDF 1.3 Encryption Explained |
by Anonymous |
| Adobe's PDF protection scheme is a classic example of security throughd obscurity. They encrypt the content of a PDF file and hope that no one figures out how to decrypt it. When Adobe's viewer encounters an encrypted PDF file, it checks a set of flags, and allows certain operations (typically viewing) while disabling others (typically printing). |
|
PGP 2.6 UNIX Command Line |
| PGP (Pretty Good Privacy) is a public key encryption package to protect E-mail and data files. It lets you communicate securely with people you've never met, with no secure channels needed for prior exchange of keys. |
|
PGP How-To |
| This manual was written specifically for PGP Version 5.5.3i, which was the best version available at the time the manual was written. I just checked out the US freeware PGP Version 6.5.1, and it seems to be the best choice to use at this time. This manual is still pretty darned good for 6.5.1, however, some of the instructions are a little off. |
|
PGP User's Guide v2.6.2 |
by Philip Zimmermann |
| Pretty Good(tm) Privacy (PGP), from Phil's Pretty Good Software, is a high security cryptographic software application for MSDOS, Unix, VAX/VMS, and other computers. PGP allows people to exchange files or
messages with privacy, authentication, and convenience. |
|
Primary Cryption |
by Vernon Nemitz |
| This C-language computer program (CRYPTION.C) is a proposed new algorithm for very strong (60,000-bit+) encryption. It works in conjuction with a large datafile holding prime numbers, such as is created by the program PRMPRESS.C (after compiling/execution). |
|
Primes, Codes and the National Security Agency |
by Susan Landau |
| The National Security Agence (NSA) has
asked for and recieved an agreement of prior review on articles concerning
cryptography. It recently sought to fund proposals for research in
computational mathematics submitted to the National Science Foundation (NSF).
Mathematics rarely makes the headlines, but the article on the front page of
The New York TImes of August 27, 1980 was startling -- "Science Agency Blocks
Funds to Aid Research on Computer Coding." Even more surprising is that the
NSA is funding research on factoring integers. Factoring is so basic a
problem that schoolchildren are asked to do it; how could it be a threat to
national security?
|
|
Privacy as Roadkill |
by Brock N. Meeks |
| This cunning and calculated move by law enforcement to install interception technologies all along the information superhighway was blithely referred to as "proactive" law enforcement policy by Assistant U.S. Attorney, Northern Dist. of California Kent Walker. Designing these technologies into future networks, which include all telephone systems, would ensure that law enforcement
organizations "have the same capabilities that we all enjoy right now," Walker said.
|
|
Problems with DES Encryption |
by Ratsnatcher |
| The Gov't. standard encryption scheme was proven breakable
before official adoption. |
|
Public-Key Cryptography |
by James Nechvatal |
| Three of the most important services provided by cryptosystems are secrecy, authenticity, and integrity. Secrecy refers to denial of access to information by unauthorized individuals. |
|
RFC1750: Randomness Recommendations for Security. |
| Password guidelines, randomness algorithms and more. |
|
RSA Encryption and Decryption |
by Modern UART |
| This text file is intended to serve as a tutorial for those who
wish to encrypt and decrypt their files using the RSA scheme. While the
scheme is explained in detail, I suggest that another scheme be utilized.
My reasons for making this recommendation can be found scattered
throughout the text. |
|
Rob Szarka, Sea of Noise (PGP Public Key) |
|
Security Program Management |
| Organizations should view information resources security as a management issue, treated like any other item of strategic importance. Information and information processing assets are a critical component of most organizations' ability to perform their mission and business functions. |
|
Security in a Public World: A Survey |
by DCE Team at Stanford |
| Cryptography allows users to disguise data do that attackers gain no information from listening to the information as transmitted. Authentication allows clients and servers to securely determine each other*s identities. In this paper, we are going to discuss two cryptography techniques: RC4, and MD5, as well as one authentication technique: Kerberos. |
|
Security without Identification |
by Kent Hastings |
| Security without Identification - a bibliographic reference. |
|
Senate Commitee Approves Domestic Key- Recovery Bil |
|
Simple Data Encryption with Applied Algebra |
by Pyrotech |
| An easy way to encrypt data using an encryption matrix key. Easy to do, hard to decrypt! |
|
Steganography: Hidden Writing |
| The word steganography comes from the Greek steganos (covered or secret) and -graphy (writing or drawing) and thus means, literally, covered writing. Through recent usage, steganography has come to mean hidden writing, i.e., writing that is not readily discernible to the casual observer. |
|
Stego and Cypherella |
by Sandy Sandfort |
| Cypherella is an ace software developer who has unleashed a subversive program called Stego, a different kind of encryption software that works because snoops can't even tell that you are using encryption software.The Stego program uses steganography, a method of disguising messages within other media. |
|
The Bletchley Park 1944 Cryptographic Dictionary |
| It seems desirable to point out that this present edition of the Cryptographic Dictionary is not as complete or as useful, or even, perhaps, as accurate, as such a work of reference should be. |
|
The Blowfish Cipher |
by Bruce Schneier |
| Description of a New Variable-Length Key, 64-Bit Block Cipher
(Blowfish) |
|
The Crypto Anarchist's Manifesto |
by Timothy C. May |
| The technology for this revolution--and it surely will be both a social and economic revolution--has existed in theory for the past decade. The methods are based upon public-key encryption, zero-knowledge interactive proof systems, and various software protocols for interaction, authentication, and verification. |
|
The Dining Cryptographers Problem |
by David Chaum |
| Keeping confidential who sends which messages, in a
world where any physical transmission can be traced to its
origin, seems impossible. The solution presented here is
unconditionally or cryptographically secure, depending on whether
it is based on one-time-use keys or on public keys, respectively.
It can be adapted to address efficiently a wide variety of
practical considerations. |
|
The Fight for Privacy: The Govt. Raises the Stakes |
by Stanton McCandlish |
| In a "proposal" this summer, Clinton announced the creation of the Clipper/Capstone/Skipjack "encryption" "standard". This scheme uses a secret algorithm, for both voice and data encryption in all applications, which has not been reviewed for security publicly by cryptography experts. There is no doubt in the mind of the vast majority of such professionals that Clipper is intentionally weak and has built in "backdoors", in addition to the publicly- announced backdoor: Key escrow. |
|
The Green Book |
| The Green Book - Security Of Information Systems [European Community] |
|
The Orange Book |
by DoD |
| Department of Defense: Trusted Computer System Evaluation Criteria [The Orange Book] |
|
The Risks of Key Escrow, Key Recovery and Third-Party Encryption |
by Various Authors |
| A variety of "key recovery," "key escrow," and "trusted third-party" encryption requirements have been suggested in recent years by government agencies seeking to conduct covert surveillance within the changing environments brought about by new technologies. This report examines the fundamental properties of these requirements and attempts to outline the technical risks, costs, and implications of deploying systems that provide government access to encryption keys. |
|
The Se7en Digit Flush Code |
by Andrew Benham (Lord Infestation) |
| A cryptogram which could be useful for sending private messages. |
|
The Skipjack Encryption Algorithm Review |
by Various Authors |
| The objective of the SKIPJACK review was to provide a mechanism whereby persons outside the government could evaluate the strength of the classified encryption algorithm used in the escrowed encryption devices and publicly report their findings. Because SKIPJACK is but one component of a large, complex system, and because the security of communications encrypted with SKIPJACK depends on the security of the system as a whole, the review was extended to encompass other components of the system. |
|
The True Unbreakable Code |
by Mental Ego |
| Really now? Someone actually thinks they have the theory of the "Unbreakable Code." Pishaw! I have the true one, which is now available for you to use... And it's easier than you think! |
|
The U.S. Government Wants to Ban Cryptography! |
by Urizen and Marc Rotenberg |
| Once again the U.S. government is embarked upon a campaign to restrict
our personal freedom on the electronic frontier. This time, the FBI &
NSA are asking the Congress to severly restrict the use of cryptography
in digital communications so that their electronic eavesdropping may
continue to be effective. |
|
The Voynich Manuscript |
by Windmill |
| The Voynich Manuscript is named for a fellow named Voynich, who discovered it while looking for old illuminated manuscripts. When he died, he donated it to Yale, where, when last I heard, it still resides. It is a couple hundred pages long. Most of each page is "text". The margins of many or most of the pages contain illustrations of EXTREMELY obscure significance; for instance, some of the drawings look like naked women standing in what looks like a cross between a tree root system and a set of vertical baths. |
|
USAF Cryptologic Support Center Newsletter 03/10/93 |
| Attached is the latest edition of our information letter, THE CONNECTION.
This issue will reach over 900 addressees, and we need your help to give it the
widest dissemination. Please feel free to copy and make this issue available
to all your COMSEC, COMPUSEC, and TEMPEST managers. |
|
Unbreakable Code? |
by Ich |
| How to write in a code that, if proper precautions are taken, is practically unbreakable. |
|
Variable-Length key, 64-bit Block Cipher (Blowfish) Source Code |
| The Source Code for Blowfish |
|
WARNING to anyone who uses GUARDIAN FILE PROTECTIO |
|
Why Cryptosystems Fail |
by Ross Anderson |
| Designers of cryptographic systems are at a disadvantage to most other engineers, in that information on how their systems fail is hard to get: their major users have traditionally been government agencies, which are very secretive about their mistakes. |
|
e-t-a-o-n-r-i Spy and the F.B.I. |
by Les Earnest |
| A funny story about a cryptographic misadventure. |