Archive-name: cryptography-faq/part01

This is the first of ten parts of the sci.crypt FAQ. The parts are
mostly independent, but you should read this part before the rest. We
don't have the time to send out missing parts by mail, so don't ask.
Notes such as ``[KAH67]'' refer to the reference list in the last part.

Disclaimer: This document is the product of the Crypt Cabal, a secret
society which serves the National Secu---uh, no. Seriously, we're the
good guys, and we've done what we can to ensure the completeness and
accuracy of this document, but in a field of military and commercial
importance like cryptography you have to expect that some people and
organizations consider their interests more important than open
scientific discussion. Trust only what you can verify firsthand.
And don't sue us.

Many people have contributed to this FAQ. In alphabetical order:
Eric Bach, Steve Bellovin, Dan Bernstein, Nelson Bolyard, Carl Ellison,
Jim Gillogly, Mike Gleason, Doug Gwyn, Luke O'Connor, Tony Patti,
William Setzer. We apologize for any omissions.

If you have suggestions, comments, or criticism, please let the current
editors know by sending e-mail to crypt-comments@math.ncsu.edu. Bear in
mind that this is a work in progress; there are some questions which we
should add but haven't gotten around to yet.


Table of contents:

1. Overview

2. Net Etiquette
2.1. What groups are around? What's a FAQ? Who am I? Why am I here?
2.2. Do political discussions belong in sci.crypt?
2.3. How do I present a new encryption scheme in sci.crypt?

3. Basic Cryptology
3.1. What is cryptology? Cryptography? Plaintext? Ciphertext? Encryption? Key?
3.2. What references can I start with to learn cryptology?
3.3. How does one go about cryptanalysis?
3.4. What is a brute-force search and what is its cryptographic relevance?
3.5. What are some properties satisfied by every strong cryptosystem?
3.6. If a cryptosystem is theoretically unbreakable, then is it
     guaranteed analysis-proof in practice?
3.7. Why are many people still using cryptosystems that are
     relatively easy to break?

4. Mathematical Cryptology
4.1. In mathematical terms, what is a private-key cryptosystem?
4.2. What is an attack?
4.3. What's the advantage of formulating all this mathematically?
4.4. Why is the one-time pad secure?
4.5. What's a ciphertext-only attack?
4.6. What's a known-plaintext attack?
4.7. What's a chosen-plaintext attack?
4.8. In mathematical terms, what can you say about brute-force attacks?
4.9. What's a key-guessing attack? What's entropy?

5. Product Ciphers
5.1. What is a product cipher?
5.2. What makes a product cipher secure?
5.3. What are some group-theoretic properties of product ciphers?
5.4. What can be proven about the security of a product cipher?
5.5. How are block ciphers used to encrypt data longer than the block size?
5.6. Can symmetric block ciphers be used for message authentication?
5.7. What exactly is DES?
5.8. What is triple DES?
5.9. What is differential cryptanalysis?
5.10. How was NSA involved in the design of DES?
5.11. Is DES available in software?
5.12. Is DES available in hardware?
5.13. Can DES be used to protect classified information?
5.14. What are ECB, CBC, CFB, and OFB encryption?

6. Public-Key Cryptography
6.1. What is public-key cryptography?
6.2. What's RSA?
6.3. Is RSA secure?
6.4. How fast can people factor numbers?
6.5. What about other public-key cryptosystems?

7. Digital Signatures
7.1. What is a one-way hash function?
7.2. What is the difference between public, private, secret, shared, etc.?
7.3. What are MD4 and MD5?
7.4. What is Snefru?

8. Technical Miscellany
8.1. How do I recover from lost passwords in WordPerfect?
8.2. How do I break a Vigenere (repeated-key) cipher?
8.3. How do I send encrypted mail under UNIX? [PGP, RIPEM, PEM, ...]
8.4. Is the UNIX crypt command secure?
8.5. How do I use compression with encryption?
8.6. Is there an unbreakable cipher?
8.7. What does ``random'' mean in cryptography?
8.8. What is the unicity point (a.k.a. unicity distance)?
8.9. What is key management and why is it important?
8.10. Can I use pseudo-random or chaotic numbers as a key stream?
8.11. What is the correct frequency list for English letters?
8.12. What is the Enigma?
8.13. How do I shuffle cards?
8.14. Can I foil S/W pirates by encrypting my CD-ROM?
8.15. Can you do automatic cryptanalysis of simple ciphers?
8.16. What is the coding system used by VCR+?

9. Other Miscellany
9.1. What is the National Security Agency (NSA)?
9.2. What are the US export regulations?
9.3. What is TEMPEST?
9.4. What are the Beale Ciphers, and are they a hoax?
9.5. What is the American Cryptogram Association, and how do I get in touch?
9.6. Is RSA patented?
9.7. What about the Voynich manuscript?

10. References
10.1. Books on history and classical methods
10.2. Books on modern methods
10.3. Survey articles
10.4. Reference articles
10.5. Journals, conference proceedings
10.6. Other
10.7. How may one obtain copies of FIPS and ANSI standards cited herein?
10.8. Electronic sources
10.9. RFCs (available from [FTPRF])
10.10. Related newsgroups