This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these template messages)
|
Developer(s) | Bernhard Esslinger |
---|---|
Initial release | 1998 |
Stable release | CT 1.4.42 (December 2021) CT 2.1 (release 2022.1) (December 2022) Contents |
Repository | |
Operating system | CT1 and CT2: Microsoft Windows, JCT: Win, Linux and macOS |
Type | Cryptography, Encryption, Privacy, E-Learning |
License | Apache Licence 2.0 |
Website | www |
CrypTool is an open-source project [1] that is a free e-learning software for illustrating cryptographic and cryptanalytic concepts. According to "Hakin9", [2] CrypTool is worldwide the most widespread e-learning software in the field of cryptology. [3] [4]
CrypTool implements more than 400 algorithms. [5] Users can adjust these with own parameters. To introduce users to the field of cryptography, the organization created multiple graphical interface software containing an online documentation, analytic tools and algorithms. They contain most classical ciphers, as well as modern symmetric and asymmetric cryptography including RSA, ECC, digital signatures, hybrid encryption, homomorphic encryption, and Diffie–Hellman key exchange. Methods from the area of quantum cryptography (like BB84 key exchange protocol) and the area of post-quantum cryptography (like McEliece, WOTS, Merkle-Signature-Scheme, XMSS, XMSS_MT, and SPHINCS) are implemented. In addition to the algorithms, solvers (analyzers) are included, especially for classical ciphers. Other methods (for instance Huffman code, AES, Keccak, MSS) are visualized.
In addition it contains: didactical games (like Number Shark, Divider Game, or Zudo-Ku) and interactive tutorials about primes, elementary number theory, and lattice-based cryptography.
The development of CrypTool started in 1998. Originally developed by German companies and universities, it is an open-source project since 2001. More than sixty people worldwide contribute regularly to the project. Contributions as software plugins came from universities or schools in the following towns: Belgrad, Berlin, Bochum, Brisbane, Darmstadt, Dubai, Duisburg-Essen, Eindhoven, Hagenberg, Jena, Kassel, Klagenfurt, Koblenz, London, Madrid, Mannheim, San Jose, Siegen, Utrecht, Warsaw. [6]
Currently 4 versions of CrypTool are maintained and developed: The CrypTool 1 (CT1) software is available in 6 languages (English, German, Polish, Spanish, Serbian, and French). CrypTool 2 (CT2) is available in 3 languages (English, German, Russian). All others, JCrypTool (JCT) and CrypTool-Online (CTO), are available only in English and German. [7]
The goal of the CrypTool project is to make users aware of how cryptography can help against network security threats and to explain the underlying concepts of cryptology. [8]
CrypTool 1 (CT1) is written in C++ and designed for the Microsoft Windows operating system. A port of CT1 to Linux with Qt4 was started, but there is no progress anymore. [9]
In 2007, development began on two additional projects, both based on a pure-plugin architecture, to serve as successors to the original CrypTool program. Both successors regularly publish new stable versions:
CrypTool has received several international awards as an educational program, such as the TeleTrusT Special Award 2004, EISA 2004, IT Security Award NRW 2004, and Selected Landmark in the Land of Ideas 2008 award. [14]
CrypTool is used in schools, universities, [15] companies and agencies for education and awareness training. [16] [17] [18]
Worldwide, the CrypTool packages are downloaded more than 10,000 times per month from the CrypTool website. Just over 50% of the downloads are for the English version.
The CrypTool project also includes the website CrypTool-Online, [19] launched in 2009. This website allows users to try cryptographic methods directly within a browser on a PC or on a smartphone (using JavaScript), without the need to download and install software. This site aims to present the topic in an easy and attractive way for new users and young people. [20] Advanced tasks still require the offline versions of CrypTool.
In 2010, the international cipher contest MTC3 started as part of the CrypTool project. [21] The contest currently offers more than 200 challenges derived from old and modern ciphers and designed by more than 30 different authors from different countries. All challenges are presented in PDF templates in English and German. The challenges are clustered in four levels of difficulty, which range from simple riddles solvable with paper-and-pencil to mathematical challenges from modern cryptanalysis for researchers and experts. Additionally, a moderated forum, user statistics, and a hall-of-fame are available. Currently, more than 10,000 registered users are engaged in solving these challenges.
In early 2020, the CrypTool project decided to merge [22] with a similar project of the same name, CrypTools, founded in 2017 in Australia by Luka Lafaye de Micheaux, Arthur Guiot, and Lucas Gruwez. [23] CrypTool, much older and known, thus completely "absorbs" the project under its name.
The first impact of this merger is the rebranding of the project. A new logo, a new website, and the new CTO version are announced. Currently, it's still in development. Another change was the targeted audience. Previously, CrypTool focused on (university) students, and CrypTools on developers and young people. It was therefore necessary to broaden the audience.
On May 15, 2020, in the midst of the COVID-19 pandemic, CrypTool announces the creation of tools to test Decentralized contact tracing protocols. [24] A new page is added to CTO with technical description of the algorithms involved in DP-3T and Exposure Notification. [25] In addition to this, CrypTool also announced the implementation of a page dedicated to raising awareness of the cryptographic means related to privacy in these protocols, called the Corona Tracing Animation. The newer page stands out for its new design and its accessibility to ordinary users. [24]
Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown.
The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cryptography.
Articles related to cryptography include:
A5/2 is a stream cipher used to provide voice privacy in the GSM cellular telephone protocol. It was designed in 1992-1993 as a replacement for the relatively stronger A5/1, to allow the GSM standard to be exported to countries "with restrictions on the import of products with cryptographic security features".
In cryptography, MISTY1 is a block cipher designed in 1995 by Mitsuru Matsui and others for Mitsubishi Electric.
In cryptography, DES-X is a variant on the DES symmetric-key block cipher intended to increase the complexity of a brute-force attack. The technique used to increase the complexity is called key whitening.
In cryptography, Khufu and Khafre are two block ciphers designed by Ralph Merkle in 1989 while working at Xerox's Palo Alto Research Center. Along with Snefru, a cryptographic hash function, the ciphers were named after the Egyptian Pharaohs Khufu, Khafre and Sneferu.
In cryptography, the eXtended Sparse Linearization (XSL) attack is a method of cryptanalysis for block ciphers. The attack was first published in 2002 by researchers Nicolas Courtois and Josef Pieprzyk. It has caused some controversy as it was claimed to have the potential to break the Advanced Encryption Standard (AES) cipher, also known as Rijndael, faster than an exhaustive search. Since AES is already widely used in commerce and government for the transmission of secret information, finding a technique that can shorten the amount of time it takes to retrieve the secret message without having the key could have wide implications.
In cryptography, the Cellular Message Encryption Algorithm (CMEA) is a block cipher which was used for securing mobile phones in the United States. CMEA is one of four cryptographic primitives specified in a Telecommunications Industry Association (TIA) standard, and is designed to encrypt the control channel, rather than the voice data. In 1997, a group of cryptographers published attacks on the cipher showing it had several weaknesses which give it a trivial effective strength of a 24-bit to 32-bit cipher. Some accusations were made that the NSA had pressured the original designers into crippling CMEA, but the NSA has denied any role in the design or selection of the algorithm. The ECMEA and SCEMA ciphers are derived from CMEA.
In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker. For example, the attacker might know that the last 80 bits of the keys are always the same, even though they don't know, at first, what the bits are.
Bart Preneel is a Belgian cryptographer and cryptanalyst. He is a professor at Katholieke Universiteit Leuven, in the COSIC group.
Nicolas Tadeusz Courtois is a cryptographer and senior lecturer in computer science at University College London.
Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. ChaCha is a modification of Salsa20 published in 2008. It uses a new round function that increases diffusion and increases performance on some architectures.
Below is a timeline of notable events related to cryptography.
NTRUSign, also known as the NTRU Signature Algorithm, is an NTRU public-key cryptography digital signature algorithm based on the GGH signature scheme. The original version of NTRUSign was Polynomial Authentication and Signature Scheme (PASS), and was published at CrypTEC'99. The improved version of PASS was named as NTRUSign, and was presented at the rump session of Asiacrypt 2001 and published in peer-reviewed form at the RSA Conference 2003. The 2003 publication included parameter recommendations for 80-bit security. A subsequent 2005 publication revised the parameter recommendations for 80-bit security, presented parameters that gave claimed security levels of 112, 128, 160, 192 and 256 bits, and described an algorithm to derive parameter sets at any desired security level. NTRU Cryptosystems, Inc. have applied for a patent on the algorithm.
Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.
The following outline is provided as an overview of and topical guide to cryptography:
This article summarizes publicly known attacks against block ciphers and stream ciphers. Note that there are perhaps attacks that are not publicly known, and not all entries may be up to date.
Crypto++ is a free and open-source C++ class library of cryptographic algorithms and schemes written by Wei Dai. Crypto++ has been widely used in academia, student projects, open-source, and non-commercial projects, as well as businesses. Released in 1995, the library fully supports 32-bit and 64-bit architectures for many major operating systems and platforms, including Android, Apple, BSD, Cygwin, IBM AIX, Linux, MinGW, Solaris, Windows, Windows Phone and Windows RT. The project also supports compilation using C++03, C++11, C++14, and C++17 runtime libraries; and a variety of compilers and IDEs, including Borland Turbo C++, Borland C++ Builder, Clang, CodeWarrior Pro, GCC, Intel C++ Compiler (ICC), Microsoft Visual C/C++, and Sun Studio.
Speck is a family of lightweight block ciphers publicly released by the National Security Agency (NSA) in June 2013. Speck has been optimized for performance in software implementations, while its sister algorithm, Simon, has been optimized for hardware implementations. Speck is an add–rotate–xor (ARX) cipher.