RSA Laboratories

Section Index

Foreword

1. Introduction

  • 1.1 What is RSA Laboratories' Frequently Asked Questions About Today's Cryptography?
  • 1.2 What is cryptography?
  • 1.3 What are some of the more popular techniques in cryptography?
  • 1.4 How is cryptography applied?
  • 1.5 What are cryptography standards?
  • 1.6 What is the role of the United States government in cryptography?
  • 1.7 Why is cryptography important?

2. Cryptography

  • 2.1 Cryptographic Tools
    • 2.1.1 What is public-key cryptography?
    • 2.1.2 What is secret-key cryptography?
    • 2.1.3 What are the advantages and disadvantages of public-key cryptography compared with secret-key cryptography?
    • 2.1.4 What is a block cipher?
      • 2.1.4.1 What is an iterated block cipher?
      • 2.1.4.2 What is Electronic Code Book Mode?
      • 2.1.4.3 What is Cipher Block Chaining Mode?
      • 2.1.4.4 What is Cipher Feedback Mode?
      • 2.1.4.5 What is Output Feedback Mode?
    • 2.1.5 What is a stream cipher?
      • 2.1.5.1 What is a Linear Feedback Shift Register?
    • 2.1.6 What is a hash function?
    • 2.1.7 What are Message Authentication Codes?
    • 2.1.8 What are interactive proofs and zero-knowledge proofs?
    • 2.1.9 What are secret sharing schemes?
  • 2.2 Simple Applications of Cryptography
    • 2.2.1 What is privacy?
    • 2.2.2 What is a digital signature and what is authentication?
    • 2.2.3 What is a key agreement protocol?
    • 2.2.4 What is a digital envelope?
    • 2.2.5 What is identification?
  • 2.3 Hard Problems
    • 2.3.1 What is a hard problem?
    • 2.3.2 What is a one-way function?
    • 2.3.3 What is the factoring problem?
    • 2.3.4 What are the best factoring methods in use today?
    • 2.3.5 What improvements are likely in factoring capability?
    • 2.3.6 What is the RSA Factoring Challenge?
    • 2.3.7 What is the discrete logarithm problem?
    • 2.3.8 What are the best discrete logarithm methods in use today?
    • 2.3.9 What are the prospects for a theoretical breakthrough in the discrete logarithm problem?
    • 2.3.10 What are elliptic curves?
    • 2.3.11 What are lattice-based cryptosystems?
    • 2.3.12 What are some other hard problems?
  • 2.4 Cryptanalysis
    • 2.4.1 What is cryptanalysis?
    • 2.4.2 What are some of the basic types of cryptanalytic attack?
    • 2.4.3 What is exhaustive key search?
    • 2.4.4 What is the RSA Secret Key Challenge?
    • 2.4.5 What are the most important attacks on symmetric block ciphers?
    • 2.4.6 What are some techniques against hash functions?
    • 2.4.7 What are the most important attacks on stream ciphers?
    • 2.4.8 What are the most important attacks on MACs?
    • 2.4.9 At what point does an attack become practical?
  • 2.5 Supporting Tools in Cryptography
    • 2.5.1 What is primality testing?
    • 2.5.2 What is random number generation?

3. Techniques in Cryptography

  • 3.1 RSA
    • 3.1.1 What is the RSA cryptosystem?
    • 3.1.2 How fast is the RSA algorithm?
    • 3.1.3 What would it take to break the RSA cryptosystem?
    • 3.1.4 What are strong primes and are they necessary for the RSA system?
    • 3.1.5 How large a key should be used in the RSA cryptosystem?
    • 3.1.6 Could users of the RSA system run out of distinct primes?
    • 3.1.7 How is the RSA algorithm used for privacy in practice?
    • 3.1.8 How is the RSA algorithm used for authentication and digital signatures in practice?
    • 3.1.9 Is the RSA cryptosystem currently in use?
    • 3.1.10 Is the RSA system an official standard today?
    • 3.1.11 Is the RSA system a de facto standard?
  • 3.2 DES
    • 3.2.1 What is DES?
    • 3.2.2 Has DES been broken?
    • 3.2.3 How does one use DES securely?
    • 3.2.4 Should one test for weak keys in DES?
    • 3.2.5 Is DES a group?
    • 3.2.6 What is triple-DES?
    • 3.2.7 What is DESX?
    • 3.2.8 What are some other DES variants?
  • 3.3 AES
    • 3.3.1 What is the AES?
    • 3.3.2 What were some candidates for the AES?
    • 3.3.3 What was the schedule for the AES?
  • 3.4 DSA
    • 3.4.1 What are DSA and DSS?
    • 3.4.2 Is DSA secure?
  • 3.5 Elliptic Curve Cryptosystems
    • 3.5.1 What are elliptic curve cryptosystems?
    • 3.5.2 Are elliptic curve cryptosystems secure?
    • 3.5.3 Are elliptic curve cryptosystems widely used?
    • 3.5.4 How do elliptic curve cryptosystems compare with other cryptosystems?
    • 3.5.5 What is the Certicom ECC Challenge?
  • 3.6 Other Cryptographic Techniques
    • 3.6.1 What is Diffie-Hellman?
    • 3.6.2 What is RC2?
    • 3.6.3 What is RC4?
    • 3.6.4 What are RC5 and RC6?
    • 3.6.5 What are SHA and SHA-1?
    • 3.6.6 What are MD2, MD4, and MD5?
    • 3.6.7 What are some other block ciphers?
    • 3.6.8 What are some other public-key cryptosystems?
    • 3.6.9 What are some other signature schemes?
    • 3.6.10 What are some other stream ciphers?
    • 3.6.11 What other hash functions are there?
    • 3.6.12 What are some secret sharing schemes?

4. Applications of Cryptography

  • 4.1 Key Management
    • 4.1.1 What is key management
    • 4.1.2 General
      • 4.1.2.1 What key size should be used?
      • 4.1.2.2 How does one find random numbers for keys?
      • 4.1.2.3 What is the life cycle of a key?
    • 4.1.3 Public-Key Issues
      • 4.1.3.1 What is a PKI?
      • 4.1.3.2 Who needs a key pair?
      • 4.1.3.3 How does one get a key pair?
      • 4.1.3.4 Should a key pair be shared among users?
      • 4.1.3.5 What happens when a key expires?
      • 4.1.3.6 What happens if my key is lost?
      • 4.1.3.7 What happens if my private key is compromised?
      • 4.1.3.8 How should I store my private key?
      • 4.1.3.9 How do I find someone else's public key?
      • 4.1.3.10 What are certificates?
      • 4.1.3.11 How are certificates used?
      • 4.1.3.12 Who issues certificates and how?
      • 4.1.3.13 How do certifying authorities store their private keys?
      • 4.1.3.14 How are certifying authorities susceptible to attack?
      • 4.1.3.15 What if a certifying authority's key is lost or compromised?
      • 4.1.3.16 What are Certificate Revocation Lists (CRLs)?
  • 4.2 Electronic Commerce

5. Cryptography in the Real World

6. Laws Concerning Cryptography

  • 6.1 LEGAL DISCLAIMER
  • 6.2 Government Involvement
    • 6.2.1 What is NIST?
    • 6.2.2 What is the NSA?
    • 6.2.3 What is Capstone?
    • 6.2.4 What is Clipper?
    • 6.2.5 What is the Current Status of Clipper?
    • 6.2.6 What is Fortezza?
  • 6.3 Patents on Cryptography
    • 6.3.1 Is RSA patented?
    • 6.3.2 Is DSA patented?
    • 6.3.3 Is DES patented?
    • 6.3.4 Are elliptic curve cryptosystems patented?
    • 6.3.5 What are the important patents in cryptography?
  • 6.4 United States Cryptography Export / Import Laws
    • 6.4.1 Can the RSA algorithm be exported from the United States?
    • 6.4.2 Can DES be exported from the United States?
    • 6.4.3 Why is cryptography export-controlled?
    • 6.4.4 Are digital signature applications exportable from the United States?
  • 6.5 Cryptography Export / Import Laws in Other Countries
    • 6.5.1 What are the cryptographic policies of some countries?
    • 6.5.2 Why do some countries have import restrictions on cryptography?
    • 6.5.3 What is the Wassenaar Arrangement?

7. Miscellaneous Topics

  • 7.1 What is probabilistic encryption?
  • 7.2 What are special signature schemes?
  • 7.3 What is a blind signature scheme?
  • 7.4 What is a designated confirmer signature?
  • 7.5 What is a fail-stop signature scheme?
  • 7.6 What is a group signature?
  • 7.7 What is a one-time signature scheme?
  • 7.8 What is an undeniable signature scheme?
  • 7.9 What are on-line/off-line signatures?
  • 7.10 What is OAEP?
  • 7.11 What is digital timestamping?
  • 7.12 What is key recovery?
  • 7.13 What are LEAFs?
  • 7.14 What is PSS/PSS-R?
  • 7.15 What are covert channels?
  • 7.16 What are proactive security techniques?
  • 7.17 What is quantum computing?
  • 7.18 What is quantum cryptography?
  • 7.19 What is DNA computing?
  • 7.20 What are biometric techniques?
  • 7.21 What is tamper-resistant hardware?
  • 7.22 How are hardware devices made tamper-resistant?

8. Further Reading

  • 8.1 Where can I learn more about cryptography?
  • 8.2 Where can I learn more about recent advances in cryptography?
  • 8.3 Where can I learn more about electronic commerce?
  • 8.4 Where can I learn more about cryptography standards?
  • 8.5 Where can I learn more about laws concerning cryptography?

A. Mathematical concepts

  • A.1 Functions
  • A.2 Modular arithmetic
  • A.3 Groups
  • A.4 Fields and rings
  • A.5 Vector spaces and lattices
  • A.6 Boolean expressions
  • A.7 Time estimations and some complexity theory

B. Glossary

Bibliography

Notes: