ECRYPT

Last updated

ECRYPT (European Network of Excellence in Cryptology) was a 4-year European research initiative launched on 1 February 2004 with the stated objective of promoting the collaboration of European researchers in information security, and especially in cryptology and digital watermarking.

Contents

ECRYPT listed five core research areas, termed "virtual laboratories": symmetric key algorithms (STVL), public key algorithms (AZTEC), protocol (PROVILAB), secure and efficient implementations (VAMPIRE) and watermarking (WAVILA).

In August 2008 the network started another 4-year phase as ECRYPT II.

ECRYPT II products

Yearly report on algorithms and key lengths

During the project, algorithms and key lengths were evaluated yearly. The most recent of these documents is dated 30 September 2012. [1]

Key sizes

Considering the budget of a large intelligence agency to be about 300 million USD for a single ASIC machine, the recommended minimum key size is 84 bits, which would give protection for a few months. In practice, most commonly used algorithms have key sizes of 128 bits or more, providing sufficient security also in the case that the chosen algorithm is slightly weakened by cryptanalysis.

Different kinds of keys are compared in the document (e.g. RSA keys vs. EC keys). This "translation table" can be used to roughly equate keys of other types of algorithms with symmetric encryption algorithms. In short, 128 bit symmetric keys are said to be equivalent to 3248 bits RSA keys or 256-bit EC keys. Symmetric keys of 256 bits are roughly equivalent to 15424 bit RSA keys or 512 bit EC keys. Finally 2048 bit RSA keys are said to be equivalent to 103 bit symmetric keys.

Among key sizes, 8 security levels are defined, from the lowest "Attacks possible in real-time by individuals" (level 1, 32 bits) to "Good for the foreseeable future, also against quantum computers unless Shor's algorithm applies" (level 8, 256 bits). For general long-term protection (30 years), 128 bit keys are recommended (level 7).

Use of specific algorithms

Many different primitives and algorithms are evaluated. The primitives are:

  • symmetric encryption algorithms such as 3DES and AES;
  • block cipher modes of operation such as ECB, CBC, CTR and XTS;
  • authenticated encryption methods such as GCM;
  • stream ciphers RC4, eSTREAM and SNOW 2.0;
  • hashing algorithms MD5, RIPEMD-128/160, SHA-1, SHA-2 and Whirlpool;
  • MAC algorithms HMAC, CBC-MAC and CMAC;
  • asymmetric encryption algorithms ElGamal and RSA;
  • key exchange schemes and algorithms such as SSH, TLS, ISO/IEC 11770, IKE and RFC 5114;
  • key encapsulation mechanisms RSA-KEM and ECIES-KEM;
  • signature schemes such as RSA-PSS, DSA and ECDSA; and
  • public key authentication and identification algorithm GQ.

Note that the list of algorithms and schemes is non-exhaustive (the document contains more algorithms than are mentioned here).

Main Computational Assumptions in Cryptography

This document, dated 11 January 2013, provides "an exhaustive overview of every computational assumption that has been used in public key cryptography." [2]

Report on physical attacks and countermeasures

The "Vampire lab" produced over 80 peer reviewed and joined authored publications during the four years of the project. This final document looks back on results and discusses newly arising research directions. The goals were to advance attacks and countermeasures; bridging the gap between cryptographic protocol designers and smart card implementers; and to investigate countermeasures against power analysis attacks (contact-based and contact-less). [3]

See also

Related Research Articles

Cipher Algorithm for encrypting and decrypting information

In cryptography, a cipher is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with "code", as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography.

In cryptography, key size or key length is the number of bits in a key used by a cryptographic algorithm.

Data Encryption Standard

The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for applications, it has been highly influential in the advancement of cryptography.

In cryptography, RC4 is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm. For encryption algorithms, a key specifies the transformation of plaintext into ciphertext, and vice versa for decryption algorithms. Keys also specify transformations in other cryptographic algorithms, such as digital signature schemes and message authentication codes.

Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. The keys may be identical or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. This requirement that both parties have access to the secret key is one of the main drawbacks of symmetric key encryption, in comparison to public-key encryption.

In cryptography, an initialization vector (IV) or starting variable (SV) is a fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom. Randomization is crucial for encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by the modes of operation. Randomization is also required for other primitives, such as universal hash functions and message authentication codes based thereon.

Articles related to cryptography include:

Cryptographic hash function Hash function that is suitable for use in cryptography

A cryptographic hash function (CHF) is a mathematical algorithm that maps data of arbitrary size to a bit array of a fixed size. It is a one-way function, that is, a function which is practically infeasible to invert. Ideally, the only way to find a message that produces a given hash is to attempt a brute-force search of possible inputs to see if they produce a match, or use a rainbow table of matched hashes. Cryptographic hash functions are a basic tool of modern cryptography.

NESSIE was a European research project funded from 2000 to 2003 to identify secure cryptographic primitives. The project was comparable to the NIST AES process and the Japanese Government-sponsored CRYPTREC project, but with notable differences from both. In particular, there is both overlap and disagreement between the selections and recommendations from NESSIE and CRYPTREC. The NESSIE participants include some of the foremost active cryptographers in the world, as does the CRYPTREC project.

In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.

CRYPTREC is the Cryptography Research and Evaluation Committees set up by the Japanese Government to evaluate and recommend cryptographic techniques for government and industrial use. It is comparable in many respects to the European Union's NESSIE project and to the Advanced Encryption Standard process run by National Institute of Standards and Technology in the U.S..

DES-X

In cryptography, DES-X is a variant on the DES symmetric-key block cipher intended to increase the complexity of a brute-force attack using a technique called key whitening.

In cryptography, SAFER is the name of a family of block ciphers designed primarily by James Massey on behalf of Cylink Corporation. The early SAFER K and SAFER SK designs share the same encryption function, but differ in the number of rounds and the key schedule. More recent versions — SAFER+ and SAFER++ — were submitted as candidates to the AES process and the NESSIE project respectively. All of the algorithms in the SAFER family are unpatented and available for unrestricted use.

There are a number of standards related to cryptography. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis.

NSA Suite B Cryptography was a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It was to serve as an interoperable cryptographic base for both unclassified information and most classified information.

Cryptography Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of third parties called adversaries. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages; various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, electrical engineering, communication science, and physics. Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

The following outline is provided as an overview of and topical guide to cryptography:

Post-quantum cryptography refers to cryptographic algorithms that are thought to be secure against an attack by a quantum computer. As of 2020, this is not true for the most popular public-key algorithms, which can be efficiently broken by a sufficiently strong quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems can be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current, publicly known, experimental quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing.

In cryptography, security level is a measure of the strength that a cryptographic primitive — such as a cipher or hash function — achieves. Security level is usually expressed in "bits", where n-bit security means that the attacker would have to perform 2n operations to break it, but other methods have been proposed that more closely model the costs for an attacker. This allows for convenient comparison between algorithms and is useful when combining multiple primitives in a hybrid cryptosystem, so there is no clear weakest link. For example, AES-128 is designed to offer a 128-bit security level, which is considered roughly equivalent to 3072-bit RSA.

References

  1. "ECRYPT II Yearly Report on Algorithms and Keysizes (2011-2012)" (PDF). 30 September 2012. pp. 29, 30, 32, 37–85, 89, 90. Archived from the original (PDF) on 2016-11-14. Retrieved 6 February 2017.
  2. "Final Report on Main Computational Assumptions in Cryptography" (PDF). 2013-01-11. p. 2. Retrieved 6 February 2017.
  3. "Final report of VAM2" (PDF). 17 January 2013. p. 1. Retrieved 6 February 2017.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.