CRYPTOGRAPHY
Local information
Global issues
High level stuff
Selecting what to use
See also Post Quantum.
- NIST - standards and guidelines
- SOGIS - Senior Officials Group Information Security
- Coordinates the standardisation of Common Criteria protection profiles and certification policies between European Certification Bodies in order to have a common position in the international CCRA group
- Coordinates the development of protection profiles whenever the European commission launches a directive that should be implemented in national laws as far as IT-security is involved
- As such, makes protection profiles (passports, tachograph, SSCD, ...) available
- ETSI - cryptographic suites
- ENISA - initial recommendations
- PQcrypto.eu.org - initial recommendations
- Symmetric encryption: AES-256 and Salsa20 with a 256-bit key
- Symmetric authentication: GCM using a 96-bit nonce and a 128-bit authenticator, and Poly1305
- Public key encryption: McEliece with binary Goppa codes
- Public key signatures: XMSS and SPHINCS-256 (both hash-based); on signature size it can be observed that:
- XMSS: a signature is about 2.5 kB, large compared with an ECDSA signature (71 bytes) and requiring a larger block size; still, it is seen as an option for PQ signatures in a blockchain
- SPHINCS: at the 128-bit security level a signature is about 41 kB, too expensive for a blockchain and more suited to authentication systems
- Keylength.com - A. Lenstra/E. Verheul - key lengths etc
- Cryptosavvy - A. Lenstra/E. Verheul - key lengths etc
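The symmetric part of the PQcrypto.eu.org recommendation above (AES-256 with GCM, 96-bit nonce, 128-bit tag) in working form. This is an added example, not code from the original page or from the PQCRYPTO project; it uses only the Go standard library, whose cipher.NewGCM defaults to exactly that nonce and tag size. The key and the "attack at dawn" message are constructed demo values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// newGCM builds an AES-256-GCM AEAD. cipher.NewGCM uses the 96-bit (12-byte)
// nonce and 128-bit (16-byte) authenticator the recommendation names.
func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("AES-256 needs a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts and authenticates plaintext and authenticates aad without
// encrypting it. A fresh random nonce is drawn per call and prefixed to the
// output; GCM loses both confidentiality and integrity if a nonce is ever
// reused under the same key, so never derive it from a counter you may reset.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Open splits off the nonce, checks the tag and decrypts. Any change to the
// nonce, ciphertext, tag or aad makes gcm.Open fail and no plaintext is released.
func Open(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("sealed message too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// Overhead is what Seal adds to the plaintext: 12-byte nonce plus 16-byte tag.
func Overhead() int { return 12 + 16 }

func main() {
	key := make([]byte, 32) // constructed demo key; derive real keys via a KDF or KMS
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	aad := []byte("header-v1")
	sealed, err := Seal(key, []byte("attack at dawn"), aad)
	if err != nil {
		panic(err)
	}
	pt, err := Open(key, sealed, aad)
	fmt.Printf("roundtrip: %q err=%v\n", pt, err)

	tampered := append([]byte(nil), sealed...)
	tampered[len(tampered)-1] ^= 1 // flip one bit of the 128-bit tag
	_, err = Open(key, tampered, aad)
	fmt.Println("tampered tag rejected:", err != nil)
}
```

Note that the 128-bit tag is the default; Go's cipher.NewGCMWithTagSize allows shorter tags, but the recommendation is to keep the full 128 bits.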
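To see where the XMSS and SPHINCS signature sizes above come from, here is the simplest hash-based scheme, a Lamport one-time signature over SHA-256. This is an added example, not code from the original page, from PQCRYPTO, or from the XMSS/SPHINCS authors; it is not XMSS, only the one-time building block those schemes compress (with Winternitz chains) and stack into a Merkle tree. The message text is a constructed demo value.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

const (
	hashLen = sha256.Size // 32-byte hash output
	msgBits = 8 * hashLen // we sign the 256-bit SHA-256 digest of the message
)

// LamportPublicKey holds, for each digest bit, the hashes of two secrets.
type LamportPublicKey [msgBits][2][hashLen]byte

// LamportKey is strictly one-time: a second signature on a different digest
// reveals both preimages for some bit positions, which lets a forger sign
// other digests, so Sign refuses to run twice. XMSS tracks this state for
// many keys; SPHINCS avoids state altogether, at the cost of a larger signature.
type LamportKey struct {
	priv [msgBits][2][hashLen]byte
	Pub  LamportPublicKey
	used bool
}

// GenerateKey draws 2*256 random secrets and publishes their hashes.
func GenerateKey() (*LamportKey, error) {
	k := &LamportKey{}
	for i := 0; i < msgBits; i++ {
		for b := 0; b < 2; b++ {
			if _, err := rand.Read(k.priv[i][b][:]); err != nil {
				return nil, err
			}
			k.Pub[i][b] = sha256.Sum256(k.priv[i][b][:])
		}
	}
	return k, nil
}

// digestBit returns bit i (most significant first) of digest d.
func digestBit(d [hashLen]byte, i int) int {
	return int(d[i/8]>>(7-uint(i%8))) & 1
}

// Sign reveals one secret per digest bit: 256 * 32 = 8192 bytes.
func (k *LamportKey) Sign(msg []byte) ([]byte, error) {
	if k.used {
		return nil, errors.New("lamport: one-time key already used")
	}
	k.used = true
	d := sha256.Sum256(msg)
	sig := make([]byte, 0, SignatureBytes())
	for i := 0; i < msgBits; i++ {
		sig = append(sig, k.priv[i][digestBit(d, i)][:]...)
	}
	return sig, nil
}

// Verify hashes each revealed secret and compares it with the public-key
// entry selected by the corresponding digest bit.
func Verify(pub *LamportPublicKey, msg, sig []byte) bool {
	if len(sig) != SignatureBytes() {
		return false
	}
	d := sha256.Sum256(msg)
	for i := 0; i < msgBits; i++ {
		h := sha256.Sum256(sig[i*hashLen : (i+1)*hashLen])
		if h != pub[i][digestBit(d, i)] {
			return false
		}
	}
	return true
}

// Sizes in bytes: signature 8192, public key 16384.
func SignatureBytes() int { return msgBits * hashLen }
func PublicKeyBytes() int { return msgBits * 2 * hashLen }

func main() {
	k, err := GenerateKey()
	if err != nil {
		panic(err)
	}
	msg := []byte("transfer 10 coins to alice") // constructed demo message
	sig, _ := k.Sign(msg)
	fmt.Println("signature bytes:", len(sig), "public key bytes:", PublicKeyBytes())
	fmt.Println("valid:", Verify(&k.Pub, msg, sig))
	fmt.Println("forged message valid:", Verify(&k.Pub, []byte("transfer 10 coins to mallory"), sig))
	_, err = k.Sign([]byte("second message"))
	fmt.Println("reuse refused:", err != nil)
}
```

An 8 kB one-time signature is already larger than the 2.5 kB XMSS figure quoted above; XMSS gets below it by replacing the 512 secrets with Winternitz hash chains and then pays for the Merkle authentication path, while SPHINCS stacks many such layers to drop the state and lands at around 41 kB.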
Post Quantum
People
- Michele Mosca - quantum computing - Uni of Waterloo
- Steven Galbraith - ECC - Auckland, NZ - slides, publication, handbook
- Dieter Gollmann
- Nigel Smart - MPC - at COSIC
- Wang Xiaoyun - MD5, SHA1 collisions, ...
- Jianying Zhou - private homepage - non-repudiation, cyber-physical, ...
- Jianying Zhou - SUTD homepage
- Thomas Hardjono - MIT
- Martin Hellman
- Diffie-Hellman - New directions in cryptography - 1976
- Andrew Clark IACR's President
- Ron Rivest's homepage - with further crypto links ...
- David Chaum's homepage - Berkeley, CWI, DigiCash, ... see also www.vreceipt.com
- BE - COSIC - Bart Preneel - Vincent Rijmen
- Marc Stevens - hashing, MD5 - SHA1
- Ralph Merkle
- Cryptography Research - US, San Francisco, Paul Kocher - SSL V3.0 - differential power analysis - ...
- Sergei Skorobogatov - hacking iPhone 5c
Conferences - IACR (Crypto, EuroCrypt, AsiaCrypt, ...), IEEE, and also RSA
Math aspects, formal verification and cryptanalysis
- Project Everest - Microsoft, INRIA, CMU
- aims to build and deploy a verified HTTPS stack
- formally verified implementation of components in the HTTPS ecosystem, including TLS and AES, SHA2 and X25519 (DH function on Curve25519)
- Everest consists of:
- F*- a verification language for effectful programs
- By default F* only verifies the input code, it does not execute it; to execute F* code one extracts it to OCaml or F# and compiles it with the OCaml or F# compiler
- miTLS, reference implementation of the TLS protocol in F*
- KreMLin, a compiler from a subset of F* to C
- HACL*, a verified library of cryptographic primitives written in F*
- Vale, a domain-specific language for verified cryptographic primitives in assembly
- EverCrypt, a verified crypto provider that combines HACL* and Vale via an agile, multi-platform,
self-configuring cryptographic API
- EverParse, a library and tool to automatically generate verified parsers and serializers for binary data formats
- => When combined, the projects above generate a mixture of C and assembly code that implements TLS 1.3, with proofs of safety, correctness, security and various forms of side-channel resistance
- SageMath
- The Random Oracle model
- DE - TU Darmstadt - Lindner - links to Jalgebra
- EFF - 1999-01-19 56 bit DES crack in 22 1/4 h.
- CWI - Lenstra, te Riele, Montgomery - cracking RSA-155/512 bits
- MD5Crack - Gregory Duchemin
- DeCSS - decryption of DVD CSS - Dave Touretzky - Carnegie Mellon University - note that originally this seems to have been done by MoRE, a Norwegian group - Masters of Reverse Engineering
- Univ of Maryland - William Arbaugh - chosen plaintext against WEP/WEP2
- Copacobana - Cost-Optimized Parallel COde Breaker for e.g. DES (FPGA-based machine)
Standards
Refer to crypto standards.
Crypto - R and D
EMEA R&D
- EU - STORK - STrategic Roadmap for Crypto - establishing a roadmap for future European research in cryptography within the EC's 6th Framework
- EU - eCrypt - Network of Excellence for Cryptology
- EU - Ripemd
- EU - CryptoNessie - refers to COSIC
- EU - PAMPAS - Pioneering Advanced Mobile Privacy and Security - an IST FP5 roadmap project - next generation GSM etc
- EU - EESSI - European Electronic Signature Standardization Initiative - Preneel, Rijmen, Bosselaers, Biham, Knudsen, Stern, JJQ, ...
- BE - K.U.Leuven - ESAT/COSIC
- BE - K.U.Leuven - links also to ICRI
- BE/VL - IBBT - Instituut voor BreedBand Technologie - Flemish/cross-university
- BE/DK - Alice and Bob Technologies - Preneel/Knudsen
- BE - UCL - J.J. Quisquater
- BE - K2Crypt - J.J. Quisquater and Francois Koeune
- BE - BlueKrypt - UCL
- BE - Integri - suggested by KDB
- NL - Kerckhoffs Institute including Eric Verheul
- NL - Radboud Universiteit Nijmegen - Eric Verheul
- NL - Radboud Universiteit Nijmegen - Digital Security group - Mifare hack demo - Wouter Teepe
- NL - XTR - Arjen Lenstra & Eric Verheul
- NL - Werkgemeenschap Informatie en Communicatietheorie - Henk van Tilborg
- NL - Tanja Lange PQcrypto - EC crypto
- UK - Royal Holloway - Information Security Group - Fred Piper, Chris Mitchell...
- UK - Ross Anderson - lecture notes, analysis, Serpent, stegano...
- UK - Bletchley Park
- UK - Brian Gladman - UK MOD/NATO - AES in C etc
- ES - Safelayer - Spanish PKI and security products and consulting - Spanish governmental PKI/e-Signature implementations
- DE - TU Darmstadt - Lindner - Algebra in Java
- DE - Fraunhofer/GMD
- DE - CAST Forum - Competence Centre for Applied Security Technology - Committee on Digital Watermarking
- PEPP-PT - centralised philosophy
- DP-3T Cosic et al. - decentralised philosophy
- CH - EPFL/Cosic - Carmela Troncoso - privacy and DP-3T
- CH - IBM-Zurich - Jan Camenisch - anonymous credentials - FP6/FP7 Prime/PrimeLife
- CH - ETH-Zurich - James Massey
- CH - ETH-Zurich - Ueli Maurer
- CH - SWITCH - Swiss Academic and Research Network
- CH - IBM Zurich
- NO - Bergen - Lars Knudsen - ... James Massey
- FI - University of Wasa in Finland, check out /pc/crypto
- IL - Weizmann - Oded Goldreich Crypto teaching
- IL - Technion - Eli Biham - Serpent
- IL - Technion - overview of courses
US/CA R&D
Other R&D - Israel, Asia/Japan ...
Digital Rights Management / secure music and copying
Sundry
Browser step-up demo's (old stuff)
Newsgroups include sci.crypt, sci.crypt.research, comp.risks