Zcash
Zcash is a cryptocurrency aimed at using cryptography to provide enhanced privacy for its users compared to other cryptocurrencies such as Bitcoin. Zcash is based on Bitcoin's codebase. It shares many
Group key
In cryptography, a group key is a cryptographic key that is shared between a group of users. Typically, group keys are distributed by sending them to individual users, either physically, or encrypted
SIGINT Activity Designator
A SIGINT Activity Designator (or SIGAD) identifies a signals intelligence (SIGINT) line of collection activity associated with a signals collection station, such as a base or a ship. For example, the
Honey encryption
Honey encryption is a type of data encryption that "produces a ciphertext, which, when decrypted with an incorrect key as guessed by the attacker, presents a plausible-looking yet incorrect plaintext
Secure Hash Algorithms
The Secure Hash Algorithms are a family of cryptographic hash functions published by the National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing Standard (FIPS),
Master/Session
In cryptography, Master/Session is a key management scheme in which a pre-shared Key Encrypting Key (called the "Master" key) is used to encrypt a randomly generated and insecurely communicated Workin
Security protocol notation
In cryptography, security (engineering) protocol notation, also known as protocol narrations and Alice & Bob notation, is a way of expressing a protocol of correspondence between entities of a dynamic
123 Reg
123 Reg is a British domain registrar and web hosting company founded in 2000 and now under the ultimate ownership of GoDaddy. The company claims to be the UK's largest accredited domain registrar and
Voice inversion
Voice inversion scrambling is an analog method of obscuring the content of a transmission. It is sometimes used in public service radio, automobile racing, cordless telephones and the Family Radio Ser
Subliminal channel
In cryptography, subliminal channels are covert channels that can be used to communicate secretly in normal looking communication over an insecure channel. Subliminal channels in digital signature cry
Pseudorandom ensemble
In cryptography, a pseudorandom ensemble is a family of variables meeting the following criteria: Let be a uniform ensembleand be an ensemble. The ensemble is called pseudorandom if and are indistingu
Cryptographic multilinear map
A cryptographic -multilinear map is a kind of multilinear map, that is, a function such that for any integers and elements , , and which in addition is efficiently computable and satisfies some securi
PrivateCore
PrivateCore is a venture-backed startup located in Palo Alto, California that develops software to secure server data through server attestation and memory encryption. The company's attestation and me
MIME Object Security Services
MIME Object Security Services (MOSS) is a protocol that uses the multipart/signed and multipart/encrypted framework to apply digital signature and encryption services to MIME objects.
Key checksum value
In cryptography, a Key Checksum Value (KCV) is the checksum of a cryptographic key. It is used to validate the key integrity or compare keys without knowing their actual values. The KCV is computed by
Hardware-based encryption
Hardware-based encryption is the use of computer hardware to assist software, or sometimes replace software, in the process of data encryption. Typically, this is implemented as part of the processor'
Signatures with efficient protocols
Signatures with efficient protocols are a form of digital signature invented by Jan Camenisch and Anna Lysyanskaya in 2001. In addition to being secure digital signatures, they need to allow for the e
SIPRNet
The Secure Internet Protocol Router Network (SIPRNet) is "a system of interconnected computer networks used by the U.S. Department of Defense and the U.S. Department of State to transmit classified in
Lattice-based cryptography
Lattice-based cryptography is the generic term for constructions of cryptographic primitives that involve lattices, either in the construction itself or in the security proof. Lattice-based constructi
Learning with errors
Learning with errors (LWE) is the computational problem of inferring a linear -ary function over a finite ring from given samples some of which may be erroneous.The LWE problem is conjectured to be ha
Direct Anonymous Attestation
Direct Anonymous Attestation (DAA) is a cryptographic primitive which enables remote authentication of a trusted computer whilst preserving privacy of the platform's user. The protocol has been adopte
List of cryptosystems
A cryptosystem is a set of cryptographic algorithms that map ciphertexts and plaintexts to each other.
Cover-coding
Cover-coding is a technique for obscuring the data that is transmitted over an insecure link, to reduce the risks of snooping. An example of cover-coding would be for the sender to perform a bitwise X
Cryptographic hash function
A cryptographic hash function (CHF) is a mathematical algorithm that maps data of an arbitrary size (often called the "message") to a bit array of a fixed size (the "hash value", "hash", or "message d
CrypTool
CrypTool is an open-source projectthat is a free e-learning software for illustrating cryptographic and cryptanalytic concepts.According to "Hakin9", CrypTool is worldwide the most widespread e-learni
SPKAC
SPKAC is an acronym that stands for Signed Public Key and Challenge, also known as Netscape SPKI. It is a format for sending a Certification Signing Request: it encodes a public key, that can be manip
Pseudorandom generator
In theoretical computer science and cryptography, a pseudorandom generator (PRG) for a class of statistical tests is a deterministic procedure that maps a random seed to a longer pseudorandom string s
Unknown key-share attack
As defined by , an unknown key-share (UKS) attack on an authenticated key agreement (AK) or authenticated key agreement with (AKC) protocol is an attack whereby an entity ends up believing she shares
Cryptography
Cryptography, or cryptology (from Ancient Greek: κρυπτός, romanized: kryptós "hidden, secret"; and γράφειν graphein, "to write", or -λογία -logia, "study", respectively), is the practice and study of
Kurzsignale
The Short Signal Code, also known as the Short Signal Book (German: Kurzsignalbuch), was a short code system used by the Kriegsmarine (German Navy) during World War II to minimize the transmission dur
Microsoft Security Development Lifecycle
The Microsoft Security Development Lifecycle is a software development process used and proposed by Microsoft to reduce software maintenance costs and increase reliability of software concerning softw
Naor–Reingold pseudorandom function
In 1997, Moni Naor and Omer Reingold described efficient constructions for various cryptographic primitives in private key as well as public-key cryptography. Their result is the construction of an ef
CrySyS Lab
CrySyS Lab (Hungarian pronunciation: [ˈkriːsis]) is part of the Department of Telecommunications at the Budapest University of Technology and Economics. The name is derived from "Laboratory of Cryptog
Discriminant Book
The Discriminant Book (German: Kenngruppenbuch; literally: Groups to identify the key to the receiver) shortened to K-Book (K. Buch), and also known as the indicator group book or identification group
MDS matrix
An MDS matrix (maximum distance separable) is a matrix representing a function with certain diffusion properties that have useful applications in cryptography. Technically, an matrix over a finite fie
Philco computers
Philco was one of the pioneers of transistorized computers. After the company developed the surface barrier transistor, which was much faster than previous point-contact types, it was awarded contract
Data at rest
Data at rest in information technology means data that is housed physically on computer data storage in any digital form (e.g. cloud storage, file hosting services, databases, data warehouses, spreads
Polygraphic substitution
Polygraphic substitution is a cipher in which a uniform substitution is performed on blocks of letters. When the length of the block is specifically known, more precise terms are used: for instance, a
Discrete logarithm
In mathematics, for given real numbers a and b, the logarithm logb a is a number x such that bx = a. Analogously, in any group G, powers bk can be defined for all integers k, and the discrete logarith
Conjugate coding
Conjugate coding is a cryptographic tool, introduced by Stephen Wiesner in the late 1960s. It is part of the two applications Wiesner described for quantum coding, along with a method for creating fra
Quantum key distribution
Quantum key distribution (QKD) is a secure communication method which implements a cryptographic protocol involving components of quantum mechanics. It enables two parties to produce a shared random s
Nothing-up-my-sleeve number
In cryptography, nothing-up-my-sleeve numbers are any numbers which, by their construction, are above suspicion of hidden properties. They are used in creating cryptographic functions such as hashes a
BREACH
BREACH (a backronym: Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) is a security vulnerability against HTTPS when using HTTP compression. BREACH is built based on the
Ciphertext expansion
In cryptography, the term ciphertext expansion refers to the length increase of a message when it is encrypted. Many modern cryptosystems cause some degree of expansion during the encryption process,
Messaging Layer Security
Messaging Layer Security (MLS), is a security layer for end-to-end encrypting messages in arbitrarily sized groups. It is being built by the IETF MLS working group and designed to be efficient, practi
Proof of work
Proof of work (PoW) is a form of cryptographic proof in which one party (the prover) proves to others (the verifiers) that a certain amount of a specific computational effort has been expended. Verifi
Secure two-party computation
Secure two-party computation (2PC) a.k.a. Secure function evaluation is sub-problem of secure multi-party computation (MPC) that has received special attention by researchers because of its close rela
Completeness (cryptography)
In cryptography, a boolean function is said to be complete if the value of each output bit depends on all input bits. This is a desirable property to have in an encryption cipher, so that if one bit o
Stencil Subtractor
The Stencil Subtractor frame was a ciphered text recyphering tool that was invented by British Army Intelligence Officer and cryptographer John Tiltman and was ready for trial by April 1941 but was no
HTTP Strict Transport Security
HTTP Strict Transport Security (HSTS) is a policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. It allows web serv
Key derivation function
In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudor
Prince (cipher)
Prince is a block cipher targeting low latency, unrolled hardware implementations. It is based on the so-called FX construction. Its most notable feature is the alpha reflection: the decryption is the
Hardware random number generator
In computing, a hardware random number generator (HRNG) or true random number generator (TRNG) is a device that generates random numbers from a physical process, rather than by means of an algorithm.
Plaintext
In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored u
Online credentials for learning
Online credentials for learning are digital credentials that are offered in place of traditional paper credentials for a skill or educational achievement. They are directly linked to the accelerated d
SFINKS
In cryptography, SFINKS is a stream cypher algorithm developed by , , , Bart Preneel, and Ingrid Verbauwhede. It includes a message authentication code. It has been submitted to the eSTREAM Project of
Hybrid argument (Cryptography)
In cryptography, the hybrid argument is a proof technique used to show that two distributions are computationally indistinguishable.
Ephemeral key
A cryptographic key is called ephemeral if it is generated for each execution of a key establishment process. In some cases ephemeral keys are used more than once, within a single session (e.g., in br
Server-Gated Cryptography
Server-Gated Cryptography (SGC), also known as International Step-Up by Netscape, is a defunct mechanism that was used to step up from 40-bit or 56-bit to 128-bit cipher suites with SSL. It was create
Smart-ID
Smart-ID is an electronic authentication tool developed by SK ID Solutions, an Estonian company. Users can log in to various electronic services and sign documents with an electronic signature. Smart-
Cryptographic nonce
In cryptography, a nonce is an arbitrary number that can be used just once in a cryptographic communication. It is often a random or pseudo-random number issued in an authentication protocol to ensure
I2P
The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network) that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved b
Device-independent quantum cryptography
A quantum cryptographic protocol is device-independent if its security does not rely on trusting that the quantum devices used are truthful.Thus the security analysis of such a protocol needs to consi
Crypto-shredding
Crypto-shredding is the practice of 'deleting' data by deliberately deleting or overwriting the encryption keys. This requires that the data have been encrypted. Data may be considered to exist in thr
Mix network
Mix networks are routing protocols that create hard-to-trace communications by using a chain of proxy servers known as mixes which take in messages from multiple senders, shuffle them, and send them b
Colored Coins
Colored Coins is an open-source protocol built on the Bitcoin 2.0 that allows users to represent and manipulate immutable digital resources on top of Bitcoin transactions. They are a class of methods
HashClash
HashClash was a volunteer computing project running on the Berkeley Open Infrastructure for Network Computing (BOINC) software platform to find collisions in the MD5 hash algorithm. It was based at De
Crypto Wars
Attempts, unofficially dubbed the "Crypto Wars", have been made by the United States (US) and allied governments to limit the public's and foreign nations' access to cryptography strong enough to thwa
Electronic signature
An electronic signature, or e-signature, is data that is logically associated with other data and which is used by the signatory to sign the associated data. This type of signature has the same legal
Undeniable signature
An undeniable signature is a digital signature scheme which allows the signer to be selective to whom they allow to verify signatures. The scheme adds explicit signature repudiation, preventing a sign
Point-to-point encryption
Point-to-point encryption (P2PE) is a standard established by the PCI Security Standards Council. Payment solutions that offer similar encryption but do not meet the P2PE standard are referred to as e
Yao's test
In cryptography and the theory of computation, Yao's test is a test defined by Andrew Chi-Chih Yao in 1982, against pseudo-random sequences. A sequence of words passes Yao's test if an attacker with r
Mask generation function
A mask generation function (MGF) is a cryptographic primitive similar to a cryptographic hash function except that while a hash function's output has a fixed size, a MGF supports output of a variable
Trace zero cryptography
In 1998 Gerhard Frey firstly proposed using trace zero varieties for cryptographic purpose. These varieties are subgroups of the divisor class group on a low genus hyperelliptic curve defined over a f
Trapdoor function
In theoretical computer science and cryptography, a trapdoor function is a function that is easy to compute in one direction, yet difficult to compute in the opposite direction (finding its inverse) w
Quark (hash function)
Quark is a cryptographic hash function (family).It was designed by Jean-Philippe Aumasson, Luca Henzen, Willi Meier and María Naya-Plasencia. Quark was created because of the expressed need by applica
Cryptographic High Value Product
Cryptographic High Value Product (CHVP) is a designation used within the information security community to identify assets that have high value, and which may be used to encrypt / decrypt secure commu
Backdoor (computing)
A backdoor is a typically covert method of bypassing normal authentication or encryption in a computer, product, embedded device (e.g. a home router), or its embodiment (e.g. part of a cryptosystem, a
Digital credential
Digital credentials are the digital equivalent of paper-based credentials. Just as a paper-based credential could be a passport, a driver's license, a membership certificate or some kind of ticket to
Encryption
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as cipherte
KLJN Secure Key Exchange
Random-resistor-random-temperature Kirchhoff-law-Johnson-noise key exchange, also known as RRRT-KLJN or simply KLJN, is an approach for distributing cryptographic keys between two parties that claims
Security parameter
In cryptography, a security parameter is a way of measuring of how "hard" it is for an adversary to break a cryptographic scheme. There are two main types of security parameter: computational and stat
Multiple encryption
Multiple encryption is the process of encrypting an already encrypted message one or more times, either using the same or a different algorithm. It is also known as cascade encryption, cascade cipheri
Probabilistic signature scheme
Probabilistic Signature Scheme (PSS) is a cryptographic signature scheme designed by Mihir Bellare and Phillip Rogaway. RSA-PSS is an adaptation of their work and is standardized as part of PKCS#1 v2.
Relativistic quantum cryptography
Relativistic quantum cryptography is a sub-field of quantum cryptography, in which in addition to exploiting the principles of quantum physics, the no-superluminal signalling principle of relativity t
Proof of knowledge
In cryptography, a proof of knowledge is an interactive proof in which the prover succeeds in 'convincing' a verifier that the prover knows something. What it means for a machine to 'know something' i
CryptoParty
CryptoParty (Crypto-Party) is a grassroots global endeavour to introduce the basics of practical cryptography such as the Tor anonymity network, I2P, Freenet, key signing parties, disk encryption and
Cryptovirology
Cryptovirology refers to the use of cryptography to devise particularly powerful malware, such as ransomware and asymmetric backdoors. Traditionally, cryptography and its applications are defensive in
Privilege Management Infrastructure
In cryptography Privilege Management is the process of managing user authorisations based on the ITU-T Recommendation X.509. The 2001 edition of X.509 specifies most (but not all) of the components of
Key ceremony
In cryptography, a key ceremony is a ceremony held to generate or use a cryptographic key. A public example is the signing of the DNS root zone for DNSSEC.
Link encryption
Link encryption is an approach to communications security that encrypts and decrypts all network traffic at each network routing point (e.g. network switch, or node through which it passes) until arri
Tokenization (data security)
Tokenization, when applied to data security, is the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token, that has no intrinsic or exploitable meani
Key-agreement protocol
In cryptography, a key-agreement protocol is a protocol whereby two or more parties can agree on a key in such a way that both influence the outcome. If properly done, this precludes undesired third p
Short Weather Cipher
The Short Weather Cipher (German: Wetterkurzschlüssel, abbreviated WKS), also known as the weather short signal book, was a cipher, presented as a codebook, that was used by the radio telegraphists ab
Proxy re-encryption
Proxy re-encryption (PRE) schemes are cryptosystems which allow third parties (proxies) to alter a ciphertext which has been encrypted for one party, so that it may be decrypted by another.
Kerckhoffs's principle
Kerckhoffs's principle (also called Kerckhoffs's desideratum, assumption, axiom, doctrine or law) of cryptography was stated by Dutch-born cryptographer Auguste Kerckhoffs in the 19th century. The pri
One-way function
In computer science, a one-way function is a function that is easy to compute on every input, but hard to invert given the image of a random input. Here, "easy" and "hard" are to be understood in the
Security level
In cryptography, security level is a measure of the strength that a cryptographic primitive — such as a cipher or hash function — achieves. Security level is usually expressed as a number of "bits of
Outline of cryptography
The following outline is provided as an overview of and topical guide to cryptography: Cryptography (or cryptology) – practice and study of hiding information. Modern cryptography intersects the disci
Proof of identity (blockchain consensus)
Proof of identity (PoID) is a consensus protocol for permission-less blockchains, in which each uniquely identified individual receives one equal unit of voting power and associated rewards (minting t
Designated verifier signature
A designated verifier signature is a signature scheme in which signatures can only be verified by a single, designated verifier, designated as part of the signature creation. Designated verifier signa
Musical cryptogram
A musical cryptogram is a cryptogrammatic sequence of musical symbols, a sequence which can be taken to refer to an extra-musical text by some 'logical' relationship, usually between note names and le
Salt (cryptography)
In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes data, a password or passphrase. Salts are used to safeguard passwords in storage. Historica
Codebook
A codebook is a type of document used for gathering and storing cryptography codes. Originally codebooks were often literally books, but today codebook is a byword for the complete record of a series
Bus encryption
Bus encryption is the use of encrypted program instructions on a data bus in a computer that includes a secure cryptoprocessor for executing the encrypted instructions. Bus encryption is used primaril
Signals intelligence
Signals intelligence (SIGINT) is intelligence-gathering by interception of signals, whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals
Visual cryptography
Visual cryptography is a cryptographic technique which allows visual information (pictures, text, etc.) to be encrypted in such a way that the decrypted information appears as a visual image. One of t
Factorization of polynomials over finite fields
In mathematics and computer algebra the factorization of a polynomial consists of decomposing it into a product of irreducible factors. This decomposition is theoretically possible and is unique for p
WYSIWYS
In cryptography, What You See Is What You Sign (WYSIWYS) is a property of digital signature systems that ensures the semantic content of signed messages can not be changed, either by accident or inten
Chaotic cryptology
Chaotic cryptology is the application of the mathematical chaos theory to the practice of the cryptography, the study or techniques used to privately and securely transmit information with the presenc
Trusted third party
In cryptography, a trusted third party (TTP) is an entity which facilitates interactions between two parties who both trust the third party; the Third Party reviews all critical transaction communicat
Lattice reduction
In mathematics, the goal of lattice basis reduction is to find a basis with short, nearly orthogonal vectors when given an integer lattice basis as input. This is realized using different algorithms,
Password strength
Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access t
Self-shrinking generator
A self-shrinking generator is a pseudorandom generator that is based on the shrinking generator concept. Variants of the self-shrinking generator based on a linear-feedback shift register (LFSR) are s
Ciphertext indistinguishability
Ciphertext indistinguishability is a property of many encryption schemes. Intuitively, if a cryptosystem possesses the property of indistinguishability, then an adversary will be unable to distinguish
CloudMask
CloudMask is a data privacy company for public or private cloud applications.
Trusted Computing
Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from th
Symmetric Boolean function
In mathematics, a symmetric Boolean function is a Boolean function whose value does not depend on the order of its input bits, i.e., it depends only on the number of ones (or zeros) in the input. For
Code (cryptography)
In cryptology, a code is a method used to encrypt a message that operates at the level of meaning; that is, words or phrases are converted into something else. A code might transform "change" into "CV
Advanced Encryption Standard
The Advanced Encryption Standard (AES), also known by its original name Rijndael (Dutch pronunciation: [ˈrɛindaːl]), is a specification for the encryption of electronic data established by the U.S. Na
Database encryption
Database encryption can generally be defined as a process that uses an algorithm to transform data stored in a database into "cipher text" that is incomprehensible without first being decrypted. It ca
Anonymous remailer
An anonymous remailer is a server that receives messages with embedded instructions on where to send them next, and that forwards them without revealing where they originally came from. There are cyph
Noisy-storage model
The noisy-storage model refers to a cryptographic model employed in quantum cryptography. It assumes that the quantum memory device of an attacker (adversary) trying to break the protocol is imperfect
Offensive Security
Offensive Security is an American international company working in information security, penetration testing and digital forensics. Operating from around 2007, the company created open source projects
Standard model (cryptography)
In cryptography the standard model is the model of computation in which the adversary is only limited by the amount of time and computational power available. Other names used are bare model and plain
Structured encryption
Structured encryption (STE) is a form of encryption that encrypts a data structure so that it can be privately queried. Structured encryption can be used as a building block to design end-to-end encry
Knapsack cryptosystems
Knapsack cryptosystems are cryptosystems whose security is based on the hardness of solving the knapsack problem. They remain quite unpopular because simple versions of these algorithms have been brok
Normal basis
In mathematics, specifically the algebraic theory of fields, a normal basis is a special kind of basis for Galois extensions of finite degree, characterised as forming a single orbit for the Galois gr
Snake oil (cryptography)
In cryptography, snake oil is any cryptographic method or product considered to be bogus or fraudulent. The name derives from snake oil, one type of patent medicine widely available in 19th century Un
Security association
A security association (SA) is the establishment of shared security attributes between two network entities to support secure communication. An SA may include attributes such as: cryptographic algorit
Accumulator (cryptography)
In cryptography, an accumulator is a one way membership hash function. It allows users to certify that potential candidates are a member of a certain set without revealing the individual members of th
Niederreiter cryptosystem
In cryptography, the Niederreiter cryptosystem is a variation of the McEliece cryptosystem developed in 1986 by Harald Niederreiter. It applies the same idea to the parity check matrix, H, of a linear
S/MIME
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most
Randomness
In common usage, randomness is the apparent or actual lack of pattern or predictability in events. A random sequence of events, symbols or steps often has no order and does not follow an intelligible
Crypto naming controversy
The meaning of the word crypto as an abbreviation is controversial. Cryptographers - people who specialize in cryptography - have used the term "crypto" as an abbreviation for their field of study. Ho
Encrypted function
An encrypted function is an attempt to provide mobile code privacy without providing any tamper-resistant hardware. It is a method where in mobile code can carry out cryptographic primitives even thou
Keyring (cryptography)
In cryptography, a keyring stores known encryption keys (and, in some cases, passwords). For example, GNU Privacy Guard makes use of keyrings.
Key Management Interoperability Protocol
The Key Management Interoperability Protocol (KMIP) is an extensible communication protocol that defines message formats for the manipulation of cryptographic keys on a key management server. This fac
Communications security
Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients.
PURB (cryptography)
In cryptography, a padded uniform random blob or PURB is a discipline for encrypted data formats designed to minimize unintended information leakage either from its encryption format metadata or from
Floradora
"Floradora", also called Keyword, was a doubly enciphered diplomatic code used by the Germans during the Second World War. The Allies used tabulating equipment, created by IBM, to break the code over
End-to-end encryption
End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Int
Cryptographic Module Testing Laboratory
A Cryptographic Module Testing Laboratory (CMTL) is an information technology (IT) computer security testing laboratory that is accredited to conduct cryptographic module evaluations for conformance t
Chaos Communication Congress
The Chaos Communication Congress is an annual conference organized by the Chaos Computer Club. The congress features a variety of lectures and workshops on technical and political issues related to se
Mulabhadra
Mūlabhadra (മൂലഭദ്ര) aka Mūlabhadri (ml:മൂലഭദ്രി) was a secret method of communication employed by the royal spies of the erstwhile Travancore Kingdom during the medieval period. The scheme was also c
YAK (cryptography)
The YAK is a public-key authenticated key-agreement protocol, proposed by Feng Hao in 2010. It is claimed to be the simplest authenticated key exchange protocol among the related schemes, including MQ
Strong cryptography
Strong cryptography or cryptographically strong are general terms applied to cryptographic systems or components that are considered highly resistant to cryptanalysis. Demonstrating the resistance of
Three-stage quantum cryptography protocol
The three-stage quantum cryptography protocol, also known as Kak's three-stage protocol is a method of data encryption that uses random polarization rotations by both Alice and Bob, the two authentica
Key distribution in wireless sensor networks
Key distribution is an important issue in wireless sensor network (WSN) design [1]. WSNs are networks of small, battery-powered, memory-constraint devices named sensor nodes, which have the capability
Human rights and encryption
Human rights applied to encryption is a concept of freedom of expression where encryption is a technical resource in the implementation of basic human rights. With the evolution of the digital age, th
Lattice problem
In computer science, lattice problems are a class of optimization problems related to mathematical objects called lattices. The conjectured intractability of such problems is central to the constructi
Transmission security
Transmission security (TRANSEC) is the component of communications security (COMSEC) that results from the application of measures designed to protect transmissions from interception and exploitation
Mlecchita vikalpa
Mlecchita Vikalpa is one of the 64 arts listed in Vatsyayana's Kamasutra. The list appears in Chapter 3 of Part I of Kamasutra and Mlecchita Vikalpa appears as the 44th item in the list. The term Mlec
Password Authenticated Key Exchange by Juggling
The Password Authenticated Key Exchange by Juggling (or J-PAKE) is a password-authenticated key agreement protocol, proposed by Feng Hao and Peter Ryan. This protocol allows two parties to establish p
Tropical cryptography
In tropical analysis, tropical cryptography refers to the study of a class of cryptographic protocols built upon tropical algebras. In many cases, tropical cryptographic schemes have arisen from adapt
Entropic security
Entropic security is a security definition used in the field of cryptography. Modern encryption schemes are generally required to protect communications even when the attacker has substantial informat
Padding (cryptography)
In cryptography, padding is any of a number of distinct practices which all include adding data to the beginning, middle, or end of a message prior to encryption. In classical cryptography, padding ma
Quantum Byzantine agreement
Byzantine fault tolerant protocols are algorithms that are robust to arbitrary types of failures in distributed algorithms. The Byzantine agreement protocol is an essential part of this task. The cons
Sacher hexachord
The Sacher hexachord (6-Z11, musical cryptogram on the name of Swiss conductor Paul Sacher) is a hexachord notable for its use in a set of twelve compositions (12 Hommages à Paul Sacher) created at th
Chaffing and winnowing
Chaffing and winnowing is a cryptographic technique to achieve confidentiality without using encryption when sending data over an insecure channel. The name is derived from agriculture: after grain ha
Format-transforming encryption
In cryptography, format-transforming encryption (FTE) refers to encryption where the format of the input plaintext and output ciphertext are configurable. Descriptions of formats can vary, but are typ
Critical security parameter
In cryptography, a critical security parameter (CSP) is information that is either user or system defined and is used to operate a cryptography module in processing encryption functions including cryp
Knapsack problem
The knapsack problem is a problem in combinatorial optimization: Given a set of items, each with a weight and a value, determine the number of each item to include in a collection so that the total we
RCCA security
Replayable CCA security (RCCA security) is a security notion in cryptography that relaxes the older notion of Security against Chosen-Ciphertext Attack (CCA, more precisely adaptive security notion CC
Index of coincidence
In cryptography, coincidence counting is the technique (invented by William F. Friedman) of putting two texts side-by-side and counting the number of times that identical letters appear in the same po
RSA Award for Excellence in Mathematics
The RSA Conference (RSAC) Award for Excellence in Mathematics is an annual award. It is announced at the annual RSA Conference in recognition of innovations and contributions in the field of cryptogra
Post-quantum cryptography
In cryptography, post-quantum cryptography (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thoug
Provable security
Provable security refers to any type or level of computer security that can be proved. It is used in different ways by different fields. Usually, this refers to mathematical proofs, which are common i
NIPRNet
The Non-classified Internet Protocol (IP) Router Network (NIPRNet) is an IP network used to exchange unclassified information, including information subject to controls on distribution, among the priv
PGP word list
The PGP Word List ("Pretty Good Privacy word list", also called a biometric word list for reasons explained below) is a list of words for conveying data bytes in a clear unambiguous way via a voice ch
Cryptographic Service Provider
In Microsoft Windows, a Cryptographic Service Provider (CSP) is a software library that implements the Microsoft CryptoAPI (CAPI). CSPs implement encoding and decoding functions, which computer applic
Cipher
In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is en
Election security
Election cybersecurity or election security refers to the protection of elections and voting infrastructure from cyberattack or cyber threat – including the tampering with or infiltration of voting ma
Passphrase
A passphrase is a sequence of words or other text used to control access to a computer system, program or data. It is similar to a password in usage, but a passphrase is generally longer for added sec
Tor (network)
Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic through a free, worldwide, volunteer overlay network, consisting of
Malleability (cryptography)
Malleability is a property of some cryptographic algorithms. An encryption algorithm is "malleable" if it is possible to transform a ciphertext into another ciphertext which decrypts to a related plai
Generic group model
The generic group model is an idealised cryptographic model, where the adversary is only given access to a randomly chosen encoding of a group, instead of efficient encodings, such as those used by th
Password-based cryptography
Password-based cryptography generally refers to two distinct classes of methods:
* Single-party methods
* Multi-party methods
Hyper-encryption
Hyper-encryption is a form of encryption invented by Michael O. Rabin which uses a high-bandwidth source of public random bits, together with a secret key that is shared by only the sender and recipie
Forking lemma
The forking lemma is any of a number of related lemmas in cryptography research. The lemma states that if an adversary (typically a probabilistic Turing machine), on inputs drawn from some distributio
Blacker (security)
Blacker (styled BLACKER) is a U.S. Department of Defense computer network security project designed to achieve A1 class ratings (very high assurance) of the Trusted Computer System Evaluation Criteria
Red/black concept
The red/black concept, sometimes called the red–black architectureor red/black engineering,refers to the careful segregation in cryptographic systems of signals that contain sensitive or classified pl
Searchable symmetric encryption
Searchable symmetric encryption (SSE) is a form of encryption that allows one to efficiently search over a collection of encrypted documents or files without the ability to decrypt them. SSE can be us
Anonymous matching
Anonymous matching is a matchmaking method facilitated by computer databases, in which each user confidentially selects people they are interested in dating and the computer identifies and reports mat
ESign (India)
Aadhaar eSign is an online electronic signature service in India to facilitate an Aadhaar holder to digitally sign a document. The signature service is facilitated by authenticating the Aadhaar holder
Blinding (cryptography)
In cryptography, blinding is a technique by which an agent can provide a service to (i.e., compute a function for) a client in an encoded form without knowing either the real input or the real output.
Comparison of cryptographic hash functions
The following tables compare general and technical information for a number of cryptographic hash functions. See the individual functions' articles for further information. This article is not all-inc
HKDF
HKDF is a simple key derivation function (KDF) based on HMAC message authentication code. It was initially proposed by its authors as a building block in various protocols and applications, as well as
NTRUSign
NTRUSign, also known as the NTRU Signature Algorithm, is an NTRU public-key cryptography digital signature algorithm based on the GGH signature scheme. The original version of NTRUSign was Polynomial
Pepper (cryptography)
In cryptography, a pepper is a secret added to an input such as a password during hashing with a cryptographic hash function. This value differs from a salt in that it is not stored alongside a passwo
Verifiable secret sharing
In cryptography, a secret sharing scheme is verifiable if auxiliary information is included that allows players to verify their shares as consistent. More formally, verifiable secret sharing ensures t
Substitution cipher
In cryptography, a substitution cipher is a method of encrypting in which units of plaintext are replaced with the ciphertext, in a defined manner, with the help of a key; the "units" may be single le
Public-key cryptography
In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt the ciphertext to obtain the
Secret sharing
Secret sharing (also called secret splitting) refers to methods for distributing a secret among a group, in such a way that no individual holds any intelligible information about the secret, but when
Secure channel
In cryptography, a secure channel is a means of data transmission that is resistant to overhearing and tampering. A confidential channel is a means of data transmission that is resistant to overhearin
Data in use
Data in use is an information technology term referring to active data which is stored in a non-persistent digital state typically in computer random-access memory (RAM), CPU caches, or CPU registers.
Cover (telecommunications)
In telecommunications and tradecraft, cover is the technique of concealing or altering the characteristics of communications patterns for the purpose of denying an unauthorized receiver information th
Protocol composition logic
Protocol Composition Logic is a formal method that is used for proving security properties of protocols that use symmetric key and Public key cryptography. PCL is designed around a process calculi wit
DigiDoc
DigiDoc (Digital Document) is a family of digital signature- and cryptographic computing file formats utilizing a public key infrastructure. It currently has three generations of sub formats, DDOC- ,
Mimic function
A mimic function changes a file so it assumes the statistical properties of another file . That is, if is the probability of some substring occurring in , then a mimic function , recodes so that appro
Bitcoin Gold
Bitcoin Gold (BTG) is a cryptocurrency. It is a hard fork of Bitcoin, the open source cryptocurrency. It is an open source, decentralized digital currency without a central bank or intermediary that c
Client-side encryption
Client-side encryption is the cryptographic technique of encrypting data on the sender's side, before it is transmitted to a server such as a cloud storage service. Client-side encryption features an
PhotoDNA
PhotoDNA is a proprietary image-identification and content filtering technology widely used by online service providers.
Enhanced privacy ID
Enhanced Privacy ID (EPID) is Intel Corporation's recommended algorithm for attestation of a trusted system while preserving privacy. It has been incorporated in several Intel chipsets since 2008 and
Secure voice
Secure voice (alternatively secure speech or ciphony) is a term in cryptography for the encryption of voice communication over a range of communication types such as radio, telephone or IP.
Proof of space
Proof of space (PoS) is a type of consensus algorithm achieved by demonstrating one's legitimate interest in a service (such as sending an email) by allocating a non-trivial amount of memory or disk s
SegWit
Segregated Witness, or SegWit, is the name used for an implemented soft fork change in the transaction format of Bitcoin. The formal title "Segregated Witness (Consensus layer)" had Bitcoin Improvemen
Format-preserving encryption
In cryptography, format-preserving encryption (FPE), refers to encrypting in such a way that the output (the ciphertext) is in the same format as the input (the plaintext). The meaning of "format" var
Codress message
In military cryptography, a codress message is an encrypted message whose address is also encrypted. This is usually done to prevent traffic analysis.
Computer security
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result i
Hybrid cryptosystem
In cryptography, a hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem. Public-key cryptosystems are convenient i
Blom's scheme
Blom's scheme is a symmetric threshold key exchange protocol in cryptography. The scheme was proposed by the Swedish cryptographer Rolf Blom in a series of articles in the early 1980s. A trusted party
Onion routing
Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted
Proof of stake
Proof-of-stake (PoS) protocols are a class of consensus mechanisms for blockchains that work by selecting validators in proportion to their quantity of holdings in the associated cryptocurrency. This
Bring your own encryption
Bring your own encryption (BYOE) also known as bring your own key (BYOK) is a cloud computing security marketing model that aims to help cloud service customers to use their own encryption software an
Correlation immunity
In mathematics, the correlation immunity of a Boolean function is a measure of the degree to which its outputs are uncorrelated with some subset of its inputs. Specifically, a Boolean function is said
Information leakage
Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. In other words: Information leakage occurs
Private set intersection
Private set intersection is a secure multiparty computation cryptographic technique that allows two parties holding sets to compare encrypted versions of these sets in order to compute the intersectio
TRESOR
TRESOR (recursive acronym for "TRESOR Runs Encryption Securely Outside RAM", and also the German word for a safe) is a Linux kernel patch which provides encryption using only the CPU to defend against
Non-commutative cryptography
Non-commutative cryptography is the area of cryptology where the cryptographic primitives, methods and systems are based on algebraic structures like semigroups, groups and rings which are non-commuta
One-time pad
In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is not smaller than the message being sent. In this
Ring learning with errors signature
Digital signatures are a means to protect digital information from intentional modification and to authenticate the source of digital information. Public key cryptography provides a rich set of differ
Bcrypt
bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow
Blocknots
Blocknots were random sequences of numbers contained in a book and organized by numbered rows and columns and were used as additives in the recyphering of Soviet Union codes, during World War II. The
Convergent encryption
Convergent encryption, also known as content hash keying, is a cryptosystem that produces identical ciphertext from identical plaintext files. This has applications in cloud computing to remove duplic
Array controller based encryption
Within a storage network, encryption of data may occur at different hardware levels. Array controller based encryption describes the encryption of data occurring at the disk array controller before be
Key (cryptography)
A key in cryptography is a piece of information, usually a string of numbers or letters that are stored in a file, which, when processed through a cryptographic algorithm, can encode or decode cryptog
Letter frequency
Letter frequency is the number of times letters of the alphabet appear on average in written language. Letter frequency analysis dates back to the Arab mathematician Al-Kindi (c. 801–873 AD), who form
PKIoverheid
PKIoverheid is the public key infrastructure (PKI) from the Dutch government. Like any other PKI, the system issues and manages digital certificates such that they can be realized. PKIoverheid is run
Random oracle
In cryptography, a random oracle is an oracle (a theoretical black box) that responds to every unique query with a (truly) random response chosen uniformly from its output domain. If a query is repeat
Information security
Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preven
Strong secrecy
Strong secrecy is a term used in formal proof-based cryptography for making propositions about the security of cryptographic protocols. It is a stronger notion of security than syntactic (or weak) sec
Garlic routing
Garlic routing is a variant of onion routing that encrypts multiple messages together to make it more difficult for attackers to perform traffic analysis and to increase the speed of data transfer. Mi
Batch cryptography
Batch cryptography is the area of cryptology where cryptographic protocols are studied and developed for doing cryptographic processes like encryption/decryption, key exchange, authentication, etc. in
Forward anonymity
Forward anonymity is a property of a cryptographic system which prevents an attacker who has recorded past encrypted communications from discovering the its contents and participants in the future. Th
Initialization vector
In cryptography, an initialization vector (IV) or starting variable (SV) is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or
Unicity distance
In cryptography, unicity distance is the length of an original ciphertext needed to break the cipher by reducing the number of possible spurious keys to zero in a brute force attack. That is, after tr
Security through obscurity
Security through obscurity (or security by obscurity) is the reliance in security engineering on design or implementation secrecy as the main method of providing security to a system or component.
Ciphertext
In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because i
POODLE
POODLE (which stands for "Padding Oracle On Downgraded Legacy Encryption") is a security vulnerability which takes advantage of the fallback to SSL 3.0. If attackers successfully exploit this vulnerab
Superincreasing sequence
In mathematics, a sequence of positive real numbers is called superincreasing if every element of the sequence is greater than the sum of all previous elements in the sequence. Formally, this conditio
Hashgraph
Hashgraph is a distributed ledger technology that has been described as an alternative to blockchains. The hashgraph technology is currently patented, is used by the public ledger Hedera, and there is
Cryptosystem
In cryptography, a cryptosystem is a suite of cryptographic algorithms needed to implement a particular security service, such as confidentiality (encryption). Typically, a cryptosystem consists of th
Code word
In communication, a code word is an element of a standardized code or protocol. Each code word is assembled in accordance with the specific rules of the code and assigned a unique meaning. Code words
Key-based routing
Key-based routing (KBR) is a lookup method used in conjunction with distributed hash tables (DHTs) and certain other overlay networks. While DHTs provide a method to find a host responsible for a cert
Schlüsselgerät 41
The Schlüsselgerät 41 ("Cipher Machine 41"), also known as the SG-41 or Hitler mill, was a rotor cipher machine, first produced in 1941 in Nazi Germany, that was designed as a potential successor for
Scrambler
In telecommunications, a scrambler is a device that transposes or inverts signals or otherwise encodes a message at the sender's side to make the message unintelligible at a receiver not equipped with
Concrete security
In cryptography, concrete security or exact security is a practice-oriented approach that aims to give more precise estimates of the computational complexities of adversarial tasks than polynomial equ
Deniable encryption
In cryptography and steganography, plausibly deniable encryption describes encryption techniques where the existence of an encrypted file or message is deniable in the sense that an adversary cannot p
Software token
A software token (a.k.a. soft token) is a piece of a two-factor authentication security device that may be used to authorize the use of computer services. Software tokens are stored on a general-purpo
Cypherpunks (book)
Cypherpunks: Freedom and the Future of the Internet is a 2012 book by Julian Assange, in discussion with Internet activists and cypherpunks Jacob Appelbaum, Andy Müller-Maguhn and Jérémie Zimmermann.
Memory-hard function
In cryptography, a memory-hard function (MHF) is a function that costs a significant amount of memory to evaluate. It is different from a memory-bound function, which incurs cost by slowing down compu
Proof of personhood
Proof of personhood (PoP) is a means of resisting malicious attacks on peer to peer networks, particularly, attacks that utilize multiple fake identities, otherwise known as a Sybil attack. Decentrali
Adaptive Redaction
Adaptive Redaction is an alternate version of redaction whereby sensitive parts of a document are automatically removed based on policy. It is primarily used in next generation Data Loss Prevention (D
Server-based signatures
In cryptography, server-based signatures are digital signatures in which a publicly available server participates in the signature creation process. This is in contrast to conventional digital signatu
PRESENT
PRESENT is a lightweight block cipher, developed by the Orange Labs (France), Ruhr University Bochum (Germany) and the Technical University of Denmark in 2007. PRESENT was designed by Andrey Bogdanov,
Decipherment
In philology, decipherment is the discovery of the meaning of texts written in ancient or obscure languages or scripts. Decipherment in cryptography refers to decryption. The term is used sardonically
Pizzino
Pizzino (Italian pronunciation: [pitˈtsiːno]; plural as pizzini) is an Italian language word derived from the Sicilian language equivalent pizzinu meaning "small piece of paper". The word has been wid
Dining cryptographers problem
In cryptography, the dining cryptographers problem studies how to perform a secure multi-party computation of the boolean-XOR function. David Chaum first proposed this problem in the early 1980s and u
Feistel cipher
In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer
Diplomatic bag
A diplomatic bag, also known as a diplomatic pouch, is a container with certain legal protections used for carrying official correspondence or other items between a diplomatic mission and its home gov
Password-authenticated key agreement
In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password. An
Quantum cryptography
Quantum cryptography is the science of exploiting quantum mechanical properties to perform cryptographic tasks. The best known example of quantum cryptography is quantum key distribution which offers
Ring learning with errors
In post-quantum cryptography, ring learning with errors (RLWE) is a computational problem which serves as the foundation of new cryptographic algorithms, such as NewHope, designed to protect against c
Texas Instruments signing key controversy
The Texas Instruments signing key controversy resulted from Texas Instruments' (TI) response to a project to factorize the 512-bit RSA cryptographic keys needed to write custom firmware to TI devices.
Cryptochannel
In telecommunication, a cryptochannel is a complete system of crypto-communications between two or more holders or parties. It includes: (a) the cryptographic aids prescribed; (b) the holders thereof;
Statistically close
The variation distance of two distributions and over a finite domain , (often referred to as statistical differenceor statistical distance in cryptography) is defined as . We say that two probability