A dictionary attack consists of trying “every word in the dictionary” as a possible password for an encrypted message. A dictionary attack is generally more efficient than a brute force attack because users typically choose poor passwords. Dictionary attacks are generally far less successful against systems that use passphrases instead of passwords. Improving Dictionary Attacks There are two ways to improve dictionary attack success. The first way is to use a larger or more dictionaries. Technical and foreign language dictionaries increase the overall chance of discovering the correct password. The Read More

In most enterprise-level public key infrastructure systems, there is a dependence upon certificate chains to verify the identity of a party. When a Certificate Authority (CA) issues a certificate for any party, the legitimacy of that certificate authority must be verified. This is usually done by a higher certificate authority. This higher authority is part of a unique certification hierarchy which is eventually overseen by a root certificate. It is so called because it is the root of the certificate tree or the monarch of the certificate domain. If we Read More

Steganography is the art and science of hiding messages. Steganography is often combined with cryptography so that even if the message is discovered it cannot be read. The word steganography is derived from the Greek words “steganos” and “graphein”, which mean “covered” and “writing.” Steganography, therefore, is covered writing. Historical stenganography involved techniques such as disappearing ink or microdots. Modern steganography involves hiding data in computer files. It is fairly easy to hide a secret message in a graphic file without obviously altering the visible appearance of that file. Steganography Read More

X.509 is an ITU-T (ITU Telecommunication Standardization Sector) standard for PKI (Public Key Infrastructure) in cryptography, which, amongst many other things, defines specific formats for PKC (Public Key Certificates) and the algorithm that verifies a given certificate path is valid under a give PKI (called the certification path validation algorithm). X.509 History X.509 began in association with the X.500 standard in 1988 (Version 1) and it assumed a hierarchical system of certification authorities for issuing of certificates, quite contrary to the then existing web trust models – such as PGP Read More

A cryptographic certificate or digital certificate is a type of credential that is included with a public key to ensure that the key belongs to a specific user. A cryptographic certificate is similar to a physical certificate such as a birth certificate, passport, or Driver’s License, and is used to verify that a trusted entity has confirmed that the public key belongs to a user. Encrypted servers, email clients, financial institutions, and some individuals often use cryptographic certificates to prove that they are trustworthy.   How Cryptographic Certificates Work Cryptographic Read More

A chosen plaintext attack is an attack where the cryptanalyst is able to define his own plaintext, feed it into the cipher, and analyze the resulting ciphertext. Mounting a chosen plaintext attack requires the cryptanalyst to be able to send data of his choice into the device which is doing the encryption, and it requires the cryptanalyst to be able to view the output from the device. Because of these requirements, a chosen plaintext attack is in some cases impossible to attempt. A good example is the attacks on the Read More

  A key server is a networked computer used to provide cryptographic keys to other computer programs or end-users. Key servers can be used on both internetal networks as well as across the Internet. Today, the primary keys that are served by key servers are keys in Open PGP, x.509, or PKCS key certificate formats and help serve to verify information by a company or individual in the public key infrastructure architecture. How Key Servers Were Created Key servers were initially developed as part of the overall creation of public Read More

A brute force attack consists of trying every possible code, combination, or password until the right one is found. Determining the Difficulty of a Brute Force Attack The difficulty of a brute force attack depends on several factors, such as: How long can the key be? How many possible values can each key component have? How long will it take to attempt each key? Is there a mechanism that will lock the attacker out after a number of failed attempts? As an example, imagine a system that only allows 4 Read More

Rubber Hose Cryptography refers to a file system in which multiple archives are encrypted and hidden on the same disk in a way that makes each archive appear to be the size of the entire disk. Rubber Hose Cryptography is often used to hide illegal or confidential information in an attempt to prevent theft or detection of the hidden data. Because each archive must be decrypted separately and rest atop one another in layers, no archive in a Rubber Hose file system knows anything about the other archives. This prevents Read More

S/MIME, (Secure / Multipurpose Internet Mail Extensions) is a protocol which provides digital signatures and encryption of Internet MIME messages. S/MIME, which utilizes the RSA (Rivest-Shamir-Adleman) public-key encryption technology, is a secure method for sending email. S/MIME defines how a digital certificate and encryption information can be provided as part of the message body. The S/MIME protocol follows the syntax as laid down in the PCKS #7 (Public-Key Cryptography Standard format number 7). S/MIME has been proposed by RSA as a standard to the Internet Engineering Task Force (IETF). PGP/MIME Read More