ENCRYPTION
Contents
Symmetric encryption
DES and 3DES
DES: FIPS 81, DES/3DES FIPS 46-3
AES
Asymmetric encryption of symmetric keys
- RFC 3766 Determining Strengths For Public Keys Used For Exchanging Symmetric Keys
Asymmetric encryption
RSA encryption
Based on the difficulty of factorisation.
ECC encryption
Based on the difficulty of DLP on an elliptic curve.
Pairing-base encryption
Is a variant of elliptic curve cryptography, where a pairing is a special map defined over elliptic curves.
Generally, elliptic curves is defined so that pairing is not efficiently computable since elliptic curve cryptography is broken if pairing is efficiently computable.
As the importance of pairing grows, elliptic curves where pairing is efficiently computable are studied and the special curves called pairing-friendly curves are proposed.
Thanks to the characteristics of pairing, it can be applied to construct several cryptographic algorithms and protocols such as identity-based encryption (IBE), attribute-based encryption (ABE), authenticated key exchange (AKE), short signatures and so on.
- Weil-pairing - Wikipedia
- IETF on pairing-friendly curves - several applications using pairing-based cryptography are standardized and implemented.
- IETF issues RFCs for pairing-based cryptography such as identity-based cryptography, certificateless signatures, Sakai-Kasahara Key Encryption (SAKKE), and Identity-Based Authenticated Key Exchange (IBAKE), SAKKE is applied to Multimedia Internet KEYing (MIKEY) and used in 3GPP
- Pairing-based key agreement protocols are standardized in ISO/IEC 11770-3:2015, which contains a key agreement scheme by Joux, identity-based key agreement schemes by Smart-Chen-Cheng and by Fujioka-Suzuki-Ustaoglu.
- MIRACL implements M-Pin, a multi-factor authentication protocol. M-Pin protocol includes a kind of zero-knowledge proof, where pairing is used for its construction.
- Trusted Computing Group (TCG) specifies ECDAA (Elliptic Curve Direct Anonymous Attestation) in the specification of Trusted Platform Module (TPM).
ECDAA is a protocol for proving the attestation held by a TPM to a verifier without revealing the attestation held by that TPM. Pairing is used for constructing ECDAA.
- FIDO Alliance and W3C also published ECDAA algorithm similar to TCG.
- Zcash implements their zero-knowledge proof algorithm named zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge), used for protecting privacy of transactions of Zcash. T
hey use pairing for constructing zk-SNARKS.
- Cloudflare introduced Geo Key Manager to restrict distribution of customers' private keys to the subset of their data centers. To achieve this functionality, attribute-based encryption is used based on
pairing.
- DFINITY utilized threshold signature scheme to generate the decentralized random beacons. They constructed a BLS signature-based scheme, which is based on pairings.
- In Ethereum 2.0, project Prysm applies signature aggregation for scalability benefits by leveraging DFINITY's random-beacon chain playground. Their codes are published on GitHub.
NTRU encryption
NTRU is an open source public-key cryptosystem that uses lattice-based cryptography to encrypt and decrypt data.
It consists of two algorithms: NTRUEncrypt, which is used for encryption,
and NTRUSign, which is used for digital signatures.
Unlike other popular public-key cryptosystems, it is resistant to attacks using Shor's algorithm.
NTRUEncrypt was patented, but it was placed in the public domain in 2017.
NTRUSign is patented, but it can be used by software under the GPL.
NTRU is an abbreviation for "Nth degree truncated polynomial ring units."
- NTRU - Wikipedia
- 1996 by Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman
- 2016, Daniel Bernstein, Chitchanok Chuengsatiansup, Tanja Lange and Christine van Vredendaal released NTRU Prime
XTR encryption
XTR is an algorithm for public-key encryption, relying on the difficulty of the DLP.
XTR stands for 'ECSTR', which is an abbreviation for Efficient and Compact Subgroup Trace Representation.
It relies on the difficulty of solving Discrete Logarithm related problems in the full multiplicative group of a
finite field. Unlike many cryptographic protocols that are based on the generator of the full multiplicative group of a
finite field, XTR uses the generator g of a relatively small subgroup of some prime order q of a subgroup.
Authenticated encryption
Authenticated encryption (AE) and authenticated encryption with associated data (AEAD) are forms
of encryption which simultaneously assure the confidentiality and authenticity of data.
Six different authenticated encryption modes (namely OCB 2.0, Key Wrap, CCM, EAX, Encrypt-then-MAC (EtM), and GCM)
have been standardized in ISO/IEC 19772:2009. More authenticated encryption methods were developed in response to
NIST solicitation.
Basics
Homomorphic encryption
Homomorphic encryption is a form of encryption that allows computation on ciphertexts, generating an encrypted result which,
when decrypted, matches the result of the operations as if they had been performed on the plaintext.
Basics
Systems
- Paillier - Wikipedia
- Invented by and named after Pascal Paillier in 1999
- Is a probabilistic asymmetric algorithm for public key cryptography
- Based on the problem of computing n-th residue classes, i.e. the decisional composite residuosity assumption
- Is an additive homomorphic cryptosystem; this means that, given only the public key and the encryption
of m1 and m2 , one can compute the encryption of m1 + m2.
MPC
Secure multi-party computation (also known as secure computation, multi-party computation (MPC),
or privacy-preserving computation) is a subfield of cryptography with the goal of creating methods for parties
to jointly compute a function over their inputs while keeping those inputs private.
Unlike traditional cryptographic tasks, where cryptography assures security and integrity of communication or storage
and the adversary is outside the system of participants (an eavesdropper on the sender and receiver),
the cryptography in this model protects participants' privacy from each other.
Related to Shamir's 'How to share a secret'.
Basics
Lightweight Cryptography (LWC)
Functional encryption
Functional encryption (FE) is a generalization of public-key encryption in which possessing a secret key allows one to learn a function of what the ciphertext is encrypting.