Index

A

AAD (additional authentication data), 299, 316–319, 340–341, 347
Abstract Syntax Notation One. See ASN. 1 (Abstract Syntax Notation One)
ADCs (analogue-to-digital converters), 103–104
Addition in ECC (elliptic curve cryptography), 392–393
Additional authentication data (AAD), 299, 316–319, 340–341, 347
AddRoundKey function, 146
Advances in Cryptology (Coppersmith, ed.), 375
Advantage, 254, 257, 283, 294
AES (Advanced Encryption Standard) block cipher
AddRoundKey function, 146
attacks on, 140, 182
Bernstein attack, 183–184
bi-directional channels, 195
cipher testing, 161–162
ciphers, keying, 193–194
design, 142–143
embedding cipher keys, 193, 197
finite field math, 144–146
inverse cipher, 155
key schedule, 155–156, 165
last round, 155
lossy channels, 195–196
MixColumns function, 151–154
myths, 196
Osvik attack, 184–185
performance on x86-based platforms, 174–176
processor caches, 182–183
providers, 197–199
Rijndael, 140
ShiftRows function, 150–151
side channels, 15, 182
SubBytes function, 146–150
See also AES implementation, 8-bit; AES implementation, 32-bit
AES implementation, 8-bit
C code, 157–162
description, 156–157
key schedule, 165
optimized version, 162–165
See also AES (Advanced Encryption Standard) block cipher
AES implementation, 32-bit
decryption tables, 167–168
inverse key schedule, 180–181
key schedule, 169–174
macros, 168–169
optimization, 165
performance, 174–175
performance, ARM, 176–177
performance, small variant, 178–180
performance, X86, 174–176
precomputed tables, 165–167
See also AES (Advanced Encryption Standard) block cipher
Albegra in ECC (elliptic curve cryptography). See Point algebra
AMD Opteron cache design, 183
Analogue-to-digital converters (ADCs), 103–104
Apple computers’ CPU timers, 101
Applied Cryptography), (Schneier), 14, 16
Arithmetic encoding, 93
Array end, reading past, 59
Arrays of bits in ASN. 1 (BIT STRING type), 30, 34–35, 45, 52–55
The Art Of Computer Programming Volume 2 (Knuth), 375
ASN.1 (Abstract Syntax Notation One)
CHOICE modifier, 27
classification bits, 29
constructed bit, 29–30
containers, 24–25
data types, list of, 28
data types, primitive, 30
DEFAULT modifier, 26–27
description, 22–23, 90
explicit values, 24
header bytes, 28–30
key length encodings, 31–32
libraries, 90
modifiers, 26–27
overview of, 22–23
OPTIONAL modifier, 26
standards, 90
syntax, 23–27
See also ASN.1 encoders and decoders
ASN.1 encoders and decoders
BIT STRING encoding, 52–55
BOOLEAN encoding, 46–47
description, 42
flexible decoder, 78–83, 87–89
IA5STRING encoding, 63–67
INTEGER encoding, 48–52
length routines, 42–45
OBJECT IDENTIFIER (OLD) encoding, 58–62
OCTET STRING encoding, 55–57
primitive encoders, 45
PrintableString encoding, 63–67
SEQUENCE (OF) encoding, 71–77
UTCTIME encoding, 67–70
Asset management, 11–13
Associative caches, 182
Asymmetric key algorithms, 380
Attacks
on AES, 182
Bernstein attack, 183–184
online and offline, 258
Osvik attack, 184–185
on PRNGs, 117–118
Authentication
asset management, 12
goal of cryptography, 8–10
MACs (message authentication codes), 282–292, 293
two-factor, 243–244
Autocorrelation test, 95–98

B

Backtracking attacks, 118
Basic Encoding Rules (BER), 22–23
Bernstein attack, 183–184
Bi-directional channels, 195
BigNum algorithms
books, 351
definition, 378
key algorithms, 351
Montgomery reduction, 369–374
multiplication, 352–362
need for, 350–351, 378
performance math libraries, 376
squaring, 362–369
structure, 351–352
BigNum Math: Implementing Cryptographic Multiple Precision Arithmetic (St. Denis, Rose), 375, 390, 405
Birthday attacks, 253
Birthday paradox, 249
Bit-count test, 95
Bit extractors, 116
BIT STRING type in ASN.1, 30, 34–35, 45, 52–55, 71
Blinded exponentiation techniques, 390–391
Block ciphers
description, 5, 140–142
myths, 196
Block levels and X86 processors, 15
Blowfish block cipher, 140–142
Books, 16
Advances in Cryptology book (Coppersmith, ed.), 375
Applied Cryptography, 16
The Art Of Computer Programming Volume 2 book (Knuth), 375
BigNum algorithms, 351
BigNum Math’Implementing Cryptographic Multiple Precision Arithmetic book (St. Denis, Rose), 375, 390, 405
Guide to Elliptic Curve Cryptography book (Hankerson, Menezes, Vanstone), 391, 399, 405, 407
Handbook of Applied Cryptography book, 16, 375
Practical Cryptography, 16
BOOLEAN type in ASN.1, 30, 32–33, 46–47, 71

C

C functions memcpy, memcmp, malloc, and flee, 56
Cache
AMD Opteron design, 183
eviction from, 182
organization, 183
Caches
associative, 182
processor, 182–183
Canonical Encoding Rules (CER), 22–23
CBC (cipher block chaining), 186–190, 201
See also CCM (Counter with CBC MAC)
CCM (Counter with CBC MAC)
13-byte nonces, 13, 327
B0 block, 327
combined use with GCM, 339–445
design, 326
encryption, 328
implementation, 328–338
MAC tag, 327–328
nonces, 340
patents, 347
selection as standard, 299
CE1K (Canonical Encoding Rules), 22–23
Certification, FIPS, 19, 217
Chaining modes
choosing, 192
cipher block chaining (CBC), 186–190, 201
counter mode (CTR), 190–192, 201
decryption, 188
description, 186–187
implementation, 189–190
initial values (IV), 187–188
message lengths, 188
myths, 196
need for, 201
performance downsides, 189
Channels
bi-directional, 195
lossy, 195–196
side, 15, 182
CHOICE modifier in ASN., 1, 27
“Choose” notation, 206
Cipher block chaining (CBC), 186–190, 201
See also CCM (Counter with CBC MAC)
Cipher keys, embedding in applications, 193, 197
Cipher testing, 161–162
Ciphers, block
description, 5, 200
hash functions, 240
keying, 193–194
symmetric, 4
Classification bits in ASN.1, 29
Clocks, system, 114
CMAC algorithms
description, 9–10, 254, 255–256
design, 258–259
HMACs (hash message authentication codes), 279, 293–294
implementation, 260–267
initialization, 259–260
performance, 267
security, 257–258
XCBC, 255
Collision resistance
description, 6–7, 239, 248
pre-image, 6–8, 204–205, 248
Collisions, 204
Combining CCM with GCM, 339–445
Compression
description, 204
SHA-1 family of hash functions, 210
SHA-256 hash functions, 219
SHA-512 hash functions, 226
unrolling, 244–245
zero-copying, 214, 234–236, 245
Compression, point, 396
Console platforms, 134–135
const keyword, 64
Constructed bit in ASN.1, 29–30
Containers in ASN., 1, 24–25
Counter mode (CTR), 190–192, 201
Counters, 280–281
Counters in authentication portion, 13
CPU timers, 101
Crypto++ package, 406, 407
Cryptography, elliptic curve (ECC).
See ECC (elliptic curve cryptography)
Cryptography, goals of, 4–11
CTR. (counter mode), 190–192, 201
Cycle finding, 207

D

Daemen, Joan, 140
Dark Age of Camelot video game, 2
Data
lifespan of, 12–13
types, list of, 28
types, primitive, 30
types and AES, 180
Data Encryption Standard (DES) block cipher, 5, 140–141
Date encoding in ASN., 1, 30, 41–42, 67–70
Decoders. See ASN.1 encoders and decoders
Decryption in CBC, 188
Decryption tables, 167–168
DEFAULT modifier in ASN., 1, 26–27
DER (Distinguished Encoding Rules), 22–23
DES (Data Encryption Standard) block cipher, 5, 140–141
Desktop platforms, 133–134
Deterministic random bit generators (DRBGs). See DRBGs
Developer tools, 15
DIEHARD program, 94
Diffie-Hellman key exchange, 380
Digests, hash, 205, 249
Digests, message. See Message digests (MDs)
Distinguished Encoding Rules (DER), 22–23
Doubling hash functions, 241
Doubling in ECC (elliptic curve cryptography), 393
DRBGs (deterministic random bit generators)
description, 92
NIST hash-based, 127–131

E

ECC (elliptic curve cryptography)
comparison with RSA, 402–404
description, 391–392
encryption, 397
fixed-point technique, 401–402
good and bad, 407
Jacobian projective points, 400–401
key generation and storage, 395–397
parameters (field curves), 394
performance, 400–402
point albegra, 392–394
point compression, 396
prime field ECC curves, 391
signatures, 398–399
standards, 404–405
E1Gamal, 380
Elliptic curve cryptography (ECC). See ECC (elliptic curve cryptography)
Embedding cipher keys in applications, 193, 197
EncFS Web site, 12
Encoders. See ASN.1 encoders and decoders
Encrypt and authenticate modes
additional authentication data (AAD), 299, 316–319, 340–341, 347
description, 298, 346
security goals, 298
standards, 299
See also CCM (Counter with CBC MAC); GCM (Galois Counter Mode)
Encryption
ECC (elliptic curve cryptography), 397
HMACs, 281–292
hybrid, 380–381
RSAES-OAEP scheme, 385–386
ENT program, 94
Entropy
absence of, 115
collecting, 100–107
description, 5, 93, 136
measuring, 94–95
Estimation of RNGs, 112–114
Events, 99–104, 136
Evicting from cache, 182
Expansion, inline, 244
Explicit values in ASN., 1, 24
Exploits
Dark Age of Camelot video game, 2
Mythic, 2
Exponentiation, blinded, 390–391

F

Ferguson, Niels, 118, 122
Field curves, 394
Fields (mathematical), 144
File manifests, 239
FIPS certification, 19, 217
Fixed-point technique, 401–402
Flexible decoder, 78–83, 87–89
Fortuna PRNGs
description, 122
design, 122–124
pros and cons, 126
reseeding, 124–126
statefulness, 126
Free function in C, 56
Fuse bits, 132

G

Galois Counter Mode. See GCM (Galois Counter Mode)
Game consoles, 134–135
Game Dark Age of Camelot, 2
Gap-space test, 95
GCM (Galois Counter Mode)
additional authentication data (AAD) processing, 316–319
combined use with CCM, 339–345
definitions, 302–304
generic multiplication, 306–311
GF(2) mathematics, 300–301
GHASH function, 303–304
history, 300
implementation, 304
initialization, 312–314
interface, 304–306
IV processing, 314–316
nonces, 340
optimizations, 324–326
optimized multiplication, 311–312
patents, 347
plaintext processing, 319–323
Single Instruction Multiple Data (SIMD) instructions, 325–326
state, 305–306
state, terminating, 323–324
universal hashing, 302
Generic devices, trapping, 114
GHASH function, 303–304
GMP (GNU Multiple Precision) library, 376
GNU Multiple Precision (GMP) library, 376
Goals of cryptography, 4–11
Group theory, 144
Guide to Elliptic Curve Cryptography (Hankerson, Menezes, Vanstone), 391, 399, 405, 407

H

Handbook of Applied Cryptography, , 16, 375
Hankerson, Darrel, 391
Hardware interrupts, 99–101
Hasegawa, T., 401
Hash-based DRBG (deterministic random bit generator), 127
Hash buckets, 204
Hash digests, 205, 249
Hash functions
ciphers, 240
compression unrolling, 244–245
description, 204–205, 248
doubling, 241
file manifests, 239
implementations, 249
inline expansion, 244
intrusion detection software (IDS), 239
message authentication codes (MACs), 240–241
mingling, 241–242
one-way, 6, 204, 238, 248
passwords, 238
patents, 249
performance considerations, 244–245
purpose, 238
random number generators (1KNGs), 108, 238
re-applied, 243
standards, 249
unsalted passwords, 240
uses, 249
See also Collision resistance; SHA-1 family of hash functions; SHA-2 family of hash functions
Hash message authentication code. See HMACs
Hashing, universal, 302
Header bytes in ASN., 1, 28–30
Heaps in C, 56
HMACs (hash message authentication codes)
CMAC algorithms, 279
consequences, 276–278
counters, 280–281
description, 9–10, 236–238
design, 268–270
encryption, 281–292
history, 254
implementation, 270–275
one-way requirement, 6
purpose, 276
replay protection, 279–280, 295
Hollywood movies, 4
Hybrid encryption, 380–381

I

IA5 STRING type in ASN.1, 30, 41, 63–67, 71
IDEA block cipher, 140–141
IDS (intrusion detection software), 239–240
Implementation
CCM, 328–338
chaining modes, 189–190
CMAC algorithms, 260–267
counter mode (CTR), 190–192
GCM (Galois Counter Mode), 304
hash functions, 249
HMACs (hash message authentication codes), 270–275
public key (PK) standards, 83–89
SHA-1 family of hash functions, 211–217
SHA-256 hash functions, 220–225
SHA-512 hash functions, 226–232
See also AES implementation, 8-bit; AES implementation, 32-bit; Public key (PK) standards, implementing
Implied values, 26–27
Initial values (IV), 12–13, 187–188, 201
Inline expansion of hash functions, 244
INTEGER type in ASN.1, 30, 33–34, 48–52, 71
Integers, very large. See BigNum algorithms
Integrity as goal of cryptography, 6–8
Interrupt handler, 99
Interrupts, hardware, 99–101
Intrusion detection software (IDS), 239–240
Inverse cipher in AES, 155
Inverse key schedule, 180–181
Inversion, multiplicative, 374
IVs (initial values), 12–13, 187–188, 201, 314–316

J

Jacobian projective points, 400–401
Joye, Marc, 390

K

K[] array, 223
Kaliski, Burton S., 374
KDFs (key derivation functions), 201, 236
Kelsey, John, 118
Key algorithms, 351
Key ciphers, symmetric, 4
Key derivation functions (KDFs), 201, 236
Key generation in ECC (elliptic curve cryptography), 395–396
Key lengths, 31–32, 294, 389
Key schedule, 180–181
Key schedule in AES, 155–156, 165, 169–174
Keyboards, trapping, 113
Keying ciphers, 193–194
Keys, embedding in applications, 193, 197
Knuth, Donald, 375
Kolmogorov complexity, 94

L

Large numbers. See BigNum algorithms
Lengths
encodings in ASN., 1, 31–32
hash digests, 205–207
keys, 31–32, 294, 389
messages, 188
LFSRs (Linear Feedback Shift Registers)
description, 104–105
large, 107
table-based, 105–107
Libraries, public-domain open- source, 15, 19, 90
LibTomCrypt library, 15, 19, 90, 378
LibTomMath library, 376
Lifespan of data, 12–13
Lifetimes of PRNGs, 116–117, 137
Linear Feedback Shift Registers. See LFSRs
Locking memory, 338
Loop unrolling, 244, 353, 362, 375
Loss of packets, 295
Lossy channels, 195–196

M

MACs (message authentication codes)
advantage, 254, 257, 283, 294
authentication, 282–293
birthday attacks, 253
description, 9, 240–241, 252, 293
hash functions, 278
key lifespan, 254
patents, 296
purpose, 252–253
RNG processing, 278
security goals, 253
standards, 254
tags, 293, 327–328, 341
See also CCM (Counter with CBC MAC)
Maleability attacks, 118
Malloc function in C, 56
MARS block cipher, 140
Matsui, M., 401
McGraw, David, 300
MD5 hash algorithm, 8
MD5CRK, 207
MDs. See Message digests (MDs)
memcmp function in C, 56
memcpy function in C, 56
Memory, virtual and swap, 338
Menezes, Alfred, 391
Message authentication codes. See MACs
Message digests (MDs)
description, 6, 248
strengthening, 207–208, 250
Message lengths, 188
Mice, trapping, 113–114
Mingling hash functions, 241–242
Mismatch of strength, 206
MixColumns function, 151–154
Modeling threats, 3–4, 18
Modifiers in ASN., 1, 26–27
Monte Carlo simulations, 94
“The Montgomery Powering Ladder” (Yen and Joye), 390
Montgomery reduction, 369–374
Movies, 4
Multi-prime RSA, 388
Multiplication
BigNums, 352–362
ECC (elliptic curve cryptography), 393–394
Multiplicative inversion, 374
Mythic exploit, 2
Myths about block ciphers, 196

N

Nakajima, J., 401
Network appliances, 135
NIST (National Institute for Standards and Technologies)
AES selection, 140
cryptographic functions, 9
encrypt and authenticate standard, 299
hash-based DRBGs, 127–131
K[] array, 223
MAC standards, 293
PRNG standards, 137
Secure Hash Standard, 205
test vectors lacking thoroughness, 217
See also AES (Advanced Encryption Standard) block cipher; CCM (Counter with CBC MAC)
Nonces
13 bytes in CCM, 13, 327
CCM design and implementation, 326–332
choosing, 340
definition, 298, 347
importance for security, 326
Nonrepudiation
as goal of cryptography, 10
public-key cryptography, 380–381
Notation, “choose, ”, 206
NULL type in ASN., 1, 30, 35–36, 57–58, 71
Number Field Sieve algorithm, 389–390
Numbers, very large. See BigNum algorithms

O

OBJECT IDENTIFIER (OLD) type in ASN., 1, 30, 36–37, 58–62, 71
OCTET STRING type in ASN.1, 30, 35, 55–57, 71
Offline passwords, 242
OlD (OBJECT IDENTIFIER) type in ASN.1, 30, 36–37, 58–62, 71
OMAC, 256
One-way hash functions, 6, 204, 238, 248
Online passwords, 243
Open-source libraries, 15, 19, 90
openssl command, 38
Optimization
AES implementation, 32 -bit, 165
GCM (Galois Counter Mode), 324–326
GCM (Galois Counter Mode) multiplication, 311–312
public-key cryptography, 390–391
SHA-1 family of hash functions, 212
OPTIONAL modifier in ASN., 1, 26
Osvik attack (Dag Arne Osvik), 184–185

P

Packet loss and re-ordering, 295
Paradox, birthday, 249
Passwords
hash functions, 238
offline, 242
online, 243
re-applied hash functions, 243
salts, 242–243
two-factor authentication, 243–244
unsalted, 240
Patents
CCM and GCM, 347
hash functions, 249
MACs (message authentication codes), 296
Percival, Colin, 184
Performance of AES
ARM, 176–177
general, 174–175
small variant, 178–180
X86, 174–176
PIC (Programmable Interrupt Controller), 99
PK standards. See Public key (PK) standards, implementing
PKCS #1 standard
cryptographic primitives, 384–385
data conversion, 384
description, 384
key formats, 388
multi-prime RSA, 388
RSAES-OAEP encryption scheme, 385–386
signature scheme, 386–388
PKCS #5
description, 250
example, 245–248
key derivation, 236–238
Platforms
console, 134–135
desktop and server, 133–134
X86. See X86-based platforms
Point algebra
addition, 392–393
doubling, 393
multiplication, 393–394
notation, 393
PowerPC processors’ CPU timers, 101
Practical Cryptography (Ferguson and Schreier), 16, 122
“A Practical Implementation of Elliptic Curve Cryptosystems over GF(p) on a 16 -bit Microprocessor” (Hasegawa, Nakajima, and Matsui), 401
Pre-image collision resistance, 6–8, 204–205, 248
Precornputed tables, 165–167
PRFs (pseudo random functions). See Hash functions
Prime field ECC curves, 391
Primitive encoders in ASN.1, 45
Primitive types in ASN.1, 30
Printable String type in ASN.1, 30, 41, 63–67, 71
Privacy
asset management, 12
goal of cryptography, 4–5
PRNGs (pseudo random number generators)
attacks on, 117–118
bit extractors, 116
comparison with RNGs, 131–132
description, 92
design, 115–116
Fortuna design, 122–126
fuse bits, 132
lifetime, 116–117, 137
seeding, 116–117, 133
uses, 132–133
Yarrow design, 118–121
Processor caches, 182–183
Processors, X86. See X86-based platforms
Programmable Interrupt Controller (PlC), 99
Projective points, Jacobian, 400–401
Providers, AES, 197–199
PRP (pseudo random permutation), 142, 201
Pseudo random functions (PRFs). See Hash functions
Pseudo random number generators. See PRNGs
Pseudo random permutation (PRP), 142, 201
Public-domain open-source libraries, 15, 19, 90
Public-key cryptography
authenticity, 380–381
description, 10, 380, 406
nonrepudiation, 380–381
Number Field Sieve algorithm, 389–390
privacy, 380
RSA optimization, 390–391
RSA security, 389–390
standards, 406
See also ECC (elliptic curve cryptography); PKCS #1 standard; RSA public key cryptography
Public-key (PK) standards, implementing
building lists, 83–85
decoding lists, 86–87
flexible decoding, 87–89
nested lists, 85–86
Public-key signatures, 381

R

Random bit generators, 92
Random number generators (RNGs)
comparison with PRNGs, 131–132
design, 98–99
estimation, 112–114
events, 99–104, 136
gathering data, 104–107
generic devices, trapping, 114
hardware interrupts, 99–101
hash functions, 108, 238
keyboards, trapping, 113
mice, trapping, 113–114
output, 108–112
platforms, console, 134–135
platforms, desktop and server, 133–134
processing stage, 107–108
RPG100B IC RNG, 134
setup, 115
SG100 nine-pin serial-port RNG, 134
timer interrupts, 114
timer skew, 101–103
See also DRBGs (Deterministic Random Bit Generators); PRNGs (pseudo random number generators)
Random permutation, 142
Randomness
description, 92–94
tests for, 95–98
true, 92–94
RC5 block cipher, 141–142
RC6 block cipher, 140
Re-applied hash functions for passwords, 243
Re-ordering of packets, 295
Reducible problems, 339, 346
Reduction, Montgomery, 369–374
Replay protection, 279–280, 295
Reseeding. See Seeding
Resistance, pre-image, 6–8, 204–205, 248
Right shift operation, 300
Rijmen, Vincent, 140
Rijndael block cipher, 140
Rings (mathematical), 144
Rivest, Dr., 208
RNGs. See Random number generators (RNGs)
Rose, Greg, 405
RPG100B IC RNG, 134
RSA public key cryptography
comparison with ECC, 402–404
good and bad, 407
history, 382
key generation, 383–384
mathematics, 383–384
optimization, 390–391
PKCS #1 standard, 384–389
RSA transform, 384
security, 389–390
RSA (Rivest Shamir Adleman) algorithm, 380
RSAES-OAEP encryption scheme, 385–386

S

Salts, 242–243
Schneier, Bruce, 13–14, 118, 122
Secret and Lies (Bruce Schneier), 13–14
Secure Hash Algorithm. See SHA-1 family of hash functions; SHA-2 family of hash functions
Secure Hash Standard (SHS) hash functions, 8
Security problems: reading past array end, 59
Seeding
Fortuna PRNGs, 124–126
management of, 135
PRNGs, 116–117, 133
Yarrow PRNGs, 120–121
SEQUENCE (OF) type in ASN.1, 30, 37–39, 71–77
Serial-port RNG, 134
Serpent block cipher, 140
Server platforms, 133–134
SET (OF) type in ASN.1, 30, 37–41
SG100 nine-pin serial-port R.NG, 134
SHA-1 family of hash functions
compression, 210
description, 8, 205–208
design, 209–217
expansion, 209–210
implementation, 211–217
optimization, 212
round function, 210
state, 209
zero-copy compression, 214
SHA-2 family of hash functions
description, 8
SHA-256 design, 217–225
SHA-224 hash functions, 232–233
SHA-256 hash functions
compression, 219
expansion, 219
implementation, 220–225
state, 219
SHA-384 hash functions, 233–234
SHA-512 hash functions
compression, 226
design, 225–226
expansion, 226
implementation, 226–232
state, 226
Shamir, Adi, 184
“Shamir’s Trick, ”, 399
Shannon, Claude, 93
ShiftRows function, 150–151
SHS (Secure Hash Standard) hash functions, 8
Side channels, 15, 182
Signature scheme, 386–388
Signatures in ECC (elliptic curve cryptography), 398–399
Simulations, Monte Carlo, 94
Skew, timer, 101–103
“Slackers, ”, 264
Squaring BigNums, 362–369
St. Denis, Tom, 375
Standards, 406
ASN. 1 (Abstract Syntax Notation One), 90
DES (Data Encryption Standard) block cipher, 5, 140–141
public-key cryptography, 406
SHS (Secure Hash Standard) hash functions, 8
See also AES (Advanced Encryption Standard) block cipher; CCM (Counter with CBC MAC); ECC (elliptic curve cryptography); Encrypt and authenticate modes; Hash functions; MACs (message authentication codes); NIST (National Institute for Standards and Technologies); PKCS #1 standard; Public key (PK) standards, implementing
static keyword, 64
Strength, mismatch of, 206
Strengthening of message digests (MDs), 207–208, 250
SubBytes function, 146–150
Substitution-permutation network, 140, 142
Swap memory, 338
Symmetric key ciphers, 4, 380
Syntax of ASN.l(Abstract Syntax Notation One), 23–27
System clocks, 114

T

Tables
decryption, 167–168
precomputed, 165–167
Testing
ciphers, 161–162
randomness, 95–98
Texts, 16
Threat models, 3–4, 18
Time encoding in ASN., 1, 30, 41–42, 67–70
Timer interrupts, 114
Timer skew, 101–103
TomsFastMath library, 15, 19, 90, 377
Tools, cryptography, 15
Tromer, Eran, 184
Two-factor authentication, 243–244
Twofish block cipher, 140

U

Uncertainty. See Entropy
Universal hashing, 302
Unrolling compression, 244–245
Unrolling loops, 244, 353, 362, 375
Unsalted passwords, 240
Use cases, 3–4
UTCTIME type in ASN.1, 30, 41–42, 67–70, 71

V

Vanstone, Scott, 391
Very large numbers. See BigNum algorithms
Video game consoles, 134–135
Video game Dark Age of Camelot, 2
Viega, John, 300
Virtual memory, 338

W

Web sites
Advanced Encryption Standard (AES) block cipher, 5
DIEHARD program, 94
EncFS, 12
FIPS certification, 19
LibTomCrypt library, 378
PKCS #5 key derivation, 236–238
RPG100B IC R.NG, 134
SG100 nine-pin serial-port R.NG, 134
TomsFastMath library, 377
Whirlpool hash function, 8
Windowed multiplication on whole words, 301
Word-count test, 95

X

X86-based platforms
AES performance, 174–176
block levels, 15
SHA-1 implementation, 222
Single Instruction Multiple Data (SIMD) instructions, 325–326
“slackers, ”, 264
timing data, 15
XCBC, 255
XMALLOC definition in C, 56
XML, 90

Y

“Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator” (Kelsey, Schneier, Ferguson), 118
Yarrow PRNGs
description, 118
design, 119–120
pros and cons, 121
reseeding, 120–121
statefulness, 121
Yen, Sung-Ming, 390

Z

Zero-copying compression, 214, 234–236, 245
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.140.197.10