Topics in cryptography

This article is intended to be an 'analytic glossary', or alternatively, an organized collection of annotated pointers.

Classical ciphers

*Autokey cipher
*Permutation cipher

*Polyalphabetic substitution
**Vigenère cipher

*Polygraphic substitution
**Playfair cipher (by Charles Wheatstone)
**Hill cipher

*Substitution ciphers
**Caesar cipher
***ROT13
**Affine cipher
**Atbash cipher

*Transposition ciphers
**Scytale
**Grille cipher
**VIC cipher (complex hand cypher used by at least one Soviet spy in the early 1950s -- it proved quite secure for the time)

Famous ciphertexts

*See List of famous ciphertexts

Attacks on classical ciphers

*Frequency analysis
*Contact analysis
*Kasiski examination
*Index of coincidence

Modern algorithms, methods evaluation and selection projects

tandards organizations

*the Federal Information Processing Standards Publication program (run by NIST to produce standards in many areas to guide operations of the US Federal government; many FIPS Pubs are cryptography related, ongoing)
*the ANSI standardization process (produces many standards in many areas; some are cryptography related, ongoing)
* ISO standardization process (produces many standards in many areas; some are cryptography related, ongoing)
*IEEE standardization process (produces many standards in many areas; some are cryptography related, ongoing)
*IETF standardization process (produces many standards (called RFCs) in many areas; some are cryptography related, ongoing) See Cryptography standards

Cryptographic organizations

*NSA internal evaluation/selections (surely extensive, nothing is publicly known of the process or its results for internal use; NSA is charged with assisting NIST in its cryptographic responsibilities)
*GCHQ internal evaluation/selections (surely extensive, nothing is publicly known of the process or its results for GCHQ use; a division of GCHQ is charged with developing and recommending cryptographic standards for the UK government)
*DSD Australian SIGINT agency - part of ECHELON
*Communications Security Establishment (CSE) — Canadian intelligence agency.

Open efforts

*the DES selection (NBS selection process, ended 1976)
*the RIPE division of the RACE project (sponsored by the European Union, ended mid-'80s)
*the AES competition (a 'break-off' sponsored by NIST; ended 2001)
*the NESSIE Project (evaluation/selection program sponsored by the European Union; ended 2002)
*the eSTREAM program (ECRYPT-funded; motivated by the failure of all of the stream ciphers submitted to NESSIE; ended 2008)
*the CRYPTREC program (Japanese government sponsored evaluation/recommendation project; draft recommendations published 2003)
*the Internet Engineering Task Force (technical body responsible for Internet standards -- the Request for Comment series: ongoing)
*the Cryptool project (e-learning programme in English and German; freeware; exhaustive educational tool about cryptography and cryptanalysis)

Cryptographic hash functions (message digest algorithms)

* Cryptographic hash function
* Message authentication code
* Keyed-hash message authentication code
** EMAC (NESSIE selection MAC)
** HMAC (NESSIE selection MAC; ISO/IEC 9797-1, FIPS and IETF RFC)
** TTMAC aka Two-Track-MAC (NESSIE selection MAC; K.U.Leuven (Belgium) & debis AG (Germany))
** UMAC (NESSIE selection MAC; Intel, UNevada Reno, IBM, Technion, & UCal Davis)
* MD5 (one of a series of message digest algorithms by Prof Ron Rivest of MIT; 128 bit digest)
* SHA-1 (developed at NSA 160-bit digest, an FIPS standard; the first released version was defective and replaced by this; NIST/NSA have released several variants with longer 'digest' lengths; CRYPTREC recommendation (limited))
** SHA-256 (NESSIE selection hash function, FIPS 180-2, 256 bit digest; CRYPTREC recommendation)
** SHA-384 (NESSIE selection hash function, FIPS 180-2, 384 bit digest; CRYPTREC recommendation)
** SHA-512 (NESSIE selection hash function, FIPS 180-2, 512 bit digest; CRYPTREC recommendation)
* RIPEMD-160 (developed in Europe for the RIPE project, 160-bit digest;CRYPTREC recommendation (limited))
* Tiger (by Ross Anderson et al)
* Snefru
* Whirlpool (NESSIE selection hash function, Scopus Tecnologia S.A. (Brazil) & K.U.Leuven (Belgium))

Public key / private key encryption algorithms (aka asymmetric key algorithms)

* ACE-KEM (NESSIE selection asymmetric encryption scheme; IBM Zurich Research)
** ACE Encrypt
* Chor-Rivest
* Diffie-Hellman (key agreement; CRYPTREC recommendation)
* El Gamal (discrete logarithm)
* Elliptic curve cryptography (discrete logarithm variant)
** PSEC-KEM (NESSIE selection asymmetric encryption scheme; NTT (Japan); CRYPTREC recommendation only in DEM construction w/SEC1 parameters) )
** ECIES (Elliptic Curve Integrated Encryption System; Certicom Corp)
** ECIES-KEM
** ECDH (Elliptic Curve Diffie-Hellman key agreement; CRYPTREC recommendation)
* EPOC
* Merkle-Hellman (knapsack scheme)
* McEliece
* NTRUEncrypt
* RSA (factoring)
** RSA-KEM (NESSIE selection asymmetric encryption scheme; ISO/IEC 18033-2 draft)
** RSA-OAEP (CRYPTREC recommendation)
* Rabin cryptosystem (factoring)
** Rabin-SAEP
** HIME(R)
* XTR
* Threshold cryptosystem

Public key / private key signature algorithms

* Digital Signature Algorithm (from NSA, part of the Digital Signature Standard (DSS); CRYPTREC recommendation)
* Elliptic Curve DSA (NESSIE selection digital signature scheme; Certicom Corp); CRYPTREC recommendation as ANSI X9.62, SEC1)
* Schnorr signatures
* RSA signatures
** RSA-PSS (NESSIE selection digital signature scheme; RSA Laboratories); CRYPTREC recommendation)
* RSASSA-PKCS1 v1.5 (CRYPTREC recommendation)
* Nyberg-Rueppel signatures
* MQV protocol
* Gennaro-Halevi-Rabin signature
* Cramer-Shoup signature
*One-time signatures
**Lamport signature
**Bos-Chaum signature
*Undeniable signatures
**Chaum-van Antwerpen signature
*Fail-stop signatures
*Ong-Schnorr-Shamir signature
*Birational permutation
*ESIGN
** ESIGN-D
** ESIGN-R
*Direct anonymous attestation
*NTRUSign
*SFLASH (NESSIE selection digital signature scheme (esp for smartcard applications and similar); Schlumberger (France))
* Quartz

Key authentication

*Key authentication
*Public key infrastructure
**X.509
*Public key certificate
**Certificate authority
**Certificate revocation list
*ID-based cryptography
*Certificate-based encryption
*Secure key issuing cryptography
*Certificateless cryptography
*Merkle tree

Anonymous identification scheme

* GPS (NESSIE selection anonymous identification scheme; Ecole Normale Supérieure, France Télécom, & La Poste)

Secret key algorithms (aka symmetric key algorithms)

*Stream ciphers
** A5/1, A5/2 (cyphers specified for the GSM cellular telephone standard)
** BMGL
** Chameleon
** FISH (by Siemens AG)
** WWII 'Fish' cyphers
*** Geheimfernschreiber (WWII mechanical onetime pad by Siemens AG, called STURGEON by Bletchley Park)
*** Schlusselzusatz (WWII mechanical onetime pad by Lorenz, called tunny by Bletchley Park)
** HELIX
** ISAAC (intended as a PRNG)
** Leviathan
** LILI-128
** MUGI (CRYPTREC recommendation)
** MULTI-S01 (CRYPTREC recommendation)
** One-time pad (Vernam and Mauborgne, patented mid-'20s; an extreme stream cypher)
** Panama
** Pike (improvement on FISH by Ross Anderson)
** RC4 (ARCFOUR) (one of a series by Prof Ron Rivest of MIT; CRYPTREC recommendation (limited to 128-bit key))
** CipherSaber (RC4 variant with 10 byte random IV, easy to implement)
** Salsa20, an eSTREAM recommended cipher
** SEAL
** SNOW
** SOBER
*** SOBER-t16
*** SOBER-t32
** WAKE

*Block ciphers
**Block cipher modes of operation
**Product cipher
**Feistel cipher (block cypher design pattern by Horst Feistel)
**Advanced Encryption Standard (128 bit block; NIST selection for the AES, FIPS 197, 2001 -- by Joan Daemen and Vincent Rijmen; NESSIE selection; CRYPTREC recommendation)
**Anubis (128-bit block)
**BEAR (block cypher built from stream cypher and hash function, by Ross Anderson)
**Blowfish (64 bit block; by Bruce Schneier, et al)
**Camellia (128 bit block; NESSIE selection (NTT & Mitsubishi Electric); CRYPTREC recommendation)
**CAST-128 (CAST5) (64 bit block; one of a series of algorithms by Carlisle Adams and Stafford Tavares, who are insistent (indeed, adamant) that the name is not due to their initials)
**CAST-256 (CAST6) (128-bit block; the successor to CAST-128 and a candidate for the AES competition)
**CIPHERUNICORN-A (128 bit block; CRYPTREC recommendation)
**CIPHERUNICORN-E (64 bit block; CRYPTREC recommendation (limited))
**CMEA — cipher used in US cellphones, found to have weaknesses.
**CS-Cipher (64 bit block)
**Data Encryption Standard (DES) (64 bit block; FIPS 46-3, 1976)
**DEAL — an AES candidate derived from DES
**DES-X A variant of DES to increase the key size.
**FEAL
**GDES — a DES variant designed to speed up encryption.
**Grand Cru (128 bit block)
**Hierocrypt-3 (128 bit block; CRYPTREC recommendation))
**Hierocrypt-L1 (64 bit block; CRYPTREC recommendation (limited))
**IDEA NXT (project name FOX, 64-bit and 128-bit block family; Mediacrypt (Switzerland); by Pascal Junod & Serge Vaudenay of Swiss Institute of Technology Lausanne)
**International Data Encryption Algorithm (IDEA) (64 bit block -- James Massey & X Lai of ETH Zurich)
**Iraqi Block Cipher (IBC)
**KASUMI (64-bit block; based on MISTY1, adopted for next generation W-CDMA cellular phone security)
**KHAZAD (64-bit block designed by Barretto and Rijmen)
**Khufu and Khafre (64-bit block ciphers)
**LION (block cypher built from stream cypher and hash function, by Ross Anderson)
**LOKI89/91 (64-bit block ciphers)
**LOKI97 (128-bit block cipher, AES candidate)
**Lucifer (by Tuchman et al of IBM, early 1970s; modified by NSA/NBS and released as DES)
**MAGENTA (AES candidate)
**Mars (AES finalist, by Don Coppersmith et al)
**MISTY1 (NESSIE selection 64-bit block; Mitsubishi Electric (Japan); CRYPTREC recommendation (limited))
**MISTY2 (128 bit block: Mitsubishi Electric (Japan))
**Nimbus (64 bit block)
**NOEKEON (128 bit block)
**NUSH (variable block length (64 - 256 bits))
**Q (128 bit block)
**RC2 64-bit block, variable key length.
**RC6 (variable block length; AES finalist, by Ron Rivest et al)
**RC5 (by Ron Rivest)
**SAFER (variable block length)
**SC2000 (128 bit block; CRYPTREC recommendation)
**Serpent (128 bit block; AES finalist by Ross Anderson, Eli Biham, Lars Knudsen)
**SHACAL-1 (160-bit block)
**SHACAL-2 (256-bit block cypher; NESSIE selection Gemplus (France))
**Shark (grandfather of Rijndael/AES, by Daemen and Rijmen)
**Square (father of Rijndael/AES, by Daemen and Rijmen)
**3-Way (96 bit block by Joan Daemen)
**TEA (by David Wheeler & Roger Needham)
**Triple DES (by Walter Tuchman, leader of the Lucifer design team -- not all triple uses of DES increase security, Tuchman's does; CRYPTREC recommendation (limited), only when used as in FIPS Pub 46-3)
**Twofish (128 bit block; AES finalist by Bruce Schneier, et al)
**XTEA (by David Wheeler & Roger Needham)

*Polyalphabetic substitution machine cyphers
**Enigma (WWII German rotor cypher machine -- many variants, many user networks for most of the variants)
** Purple (highest security WWII Japanese Foreign Office cypher machine; by Japanese Navy Captain)
**SIGABA (WWII US cypher machine by William Friedman, Frank Rowlett, et al)
**TypeX (WWII UK cypher machine)

*Hybrid code/cypher combinations
**JN-25 (WWII Japanese Navy superencyphered code; many variants)
**Naval Cypher 3 (superencrypted code used by the Royal Navy in the 30s and into WWII)

*Visual cryptography

=Classified cryptography (U.S.)=

*EKMS NSA's Electronic Key Management System
*FNBDT NSA's secure narrow band voice standard
*Fortezza encryption based on portable crypto token in PC Card format
*KW-26 ROMULUS teletype encryptor (1960s - 1980s)
*KY-57 VINSON tactical radio voice encryption
*SINCGARS tactical radio with cryptographically controlled frequency hopping
*STE secure telephone
*STU-III older secure telephone
*TEMPEST prevents compromising emanations
*Type 1 products

Breaking ciphers

*Passive attack
*Chosen plaintext attack
*Chosen ciphertext attack
*Adaptive chosen ciphertext attack
*Brute force attack
**Cryptographic key length
**Unicity distance
*Cryptanalysis
**Meet-in-the-middle attack
**Differential cryptanalysis
**Linear cryptanalysis
**Slide attack cryptanalysis
**Algebraic cryptanalysis
**XSL attack
**Mod n cryptanalysis

Weak keys and password-based cryptography

* Brute force attack
* Dictionary attack
* Related key attack
* Key derivation function
* Key strengthening
* Weak key
* Password
* Password-authenticated key agreement
* Passphrase
* Salt

Key transport/exchange

*BAN Logic
*Diffie-Hellman
*Man-in-the-middle attack
*Needham-Schroeder
*Offline private key
*Otway-Rees
*Trusted paper key
*Wide Mouth Frog

Pseudo- and true random number generators

* PRNG
* CSPRNG
* Hardware random number generators
* Blum Blum Shub
* Yarrow (by Schneier, et al)
* Fortuna (by Schneier, et al)
* ISAAC
* RPNG based on SHA-1 in ANSI X9.42-2001 Annex C.1 (CRYPTREC example)
* PRNG based on SHA-1 for general purposes in FIPS Pub 186-2 (inc change notice 1) Appendix 3.1 (CRYPTREC example)
* PRNG based on SHA-1 for general purposes in FIPS Pub 186-2 (inc change notice 1) revised Appendix 3.1 (CRYPTREC example)

Anonymous communication

* Dining cryptographers protocol (by David Chaum)
* Anonymous remailer
* Pseudonymity
* Anonymous internet banking
* Onion routing

Legal issues

*Cryptography as free speech
**"Bernstein v. United States"
**"Junger v. Daley"
**DeCSS
**Phil Zimmermann
*Export of cryptography
*Key escrow and Clipper Chip
*Digital Millennium Copyright Act
*Digital Rights Management (DRM)
*Cryptography patents
**RSA (now public domain}
**David Chaum and digital cash
*Cryptography and law enforcement
**Wiretaps
**Espionage
*Cryptography laws in different nations
**Official Secrets Act (United Kingdom)
**Regulation of Investigatory Powers Act 2000 (United Kingdom)

Terminology

* Cryptographic key
* Cipher
* Ciphertext
* Plaintext
* Code
* Tabula recta

Books and publications

* Books on cryptography
* Important publications in cryptography

Cryptographers

* See List of cryptographers

Uses of cryptographic techniques

*Commitment schemes
*Secure multiparty computations
*Electronic voting
*Authentication
*Digital signatures
*Cryptographic engineering
*Crypto systems

Robustness properties

*Provable security
*Random oracle model
*Ciphertext indistinguishability
*Semantic security
*Malleability

Miscellaneous

*Ban (information)
*Echelon
*Espionage
*IACR
*Ultra
*Security engineering
*SIGINT
*Steganography
*Cryptographers
*SSL
*Quantum cryptography
*Kish cypher
*Crypto-anarchism
*Cypherpunk
*Key escrow
*Zero-knowledge proofs
*Blind signature
*Blinding (cryptography)
*Digital timestamping
*Secret sharing
*Trusted operating systems
*Trusted paper key

Free / open-source cryptosystems (ie, algorithms + protocols + system design)

*PGP (a name for any of several related crypto systems, some of which, beginning with the acquisition of the name by Network Associates, have not been Free Software in the GNU sense)
*FileCrypt (an open source/commercial command line version of PGP from Veridis of Denmark, see PGP)
*GPG (an open source implementation of the OpenPGP IETF standard crypto system)
*SSH (Secure SHell implementing cryptographically protected variants of several common Unix utilities, First developed as open source in Finland by Tatu Ylönen. There is now OpenSSH, an open source implementation supporting both SSH v1 and SSH v2 protocols. There are also commercial implementations.
*IPsec (Internet Protocol Security IETF standard, a mandatory component of the IPv6 IETF standard)
*Free S/WAN (an open source implementation of IPsec)
*Cryptool project (e-learning programme in English and German; freeware; exhaustive educational tool about cryptography and cryptanalysis)