Talk:Cryptography
 | Cryptography is a former featured article. Please see the links under Article milestones below for its original nomination page (for older articles, check the nomination archive) and why it was removed. | |||||||||||||||
 | This article appeared on Wikipedia's Main Page as Today's featured article on July 22, 2006. | |||||||||||||||
| ||||||||||||||||
| Current status: Former featured article | ||||||||||||||||
 | This article has not yet been rated on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details.
Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details.
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
"Distinguish between the essential aspects and variations of"Science", "Engineering", "Philosophy", Application" and "Management" of cryptography because the language, contexts and perspectives are complicated and different.. Roy D. Follendore III (talk) 14:15, 16 August 2019 (UTC) Priority 1 (top)
|
|
|
This page has archives. Sections older than 90 days may be automatically archived by Lowercase sigmabot III when more than 5 sections are present. |
Update the section for symmetric key cryptography for SHA-3 hash function
In the very end of the section about symmetric key cryptography, they mention hash functions and in particular they say:
Thus, a hash function design competition is underway and meant to select a new U.S. national standard, to be called SHA-3, by 2012.
However this competition is over as of October 2, 2012 and SHA-3 is officially the Keccak function. Please update (my native language is not English, so I think I shouldn't). For more information on the SHA-3, check http://en.wikipedia.org/wiki/Sha-3.
Request for comments - draft of authentication section
I have now done a first draft of an authentication section. I intended to insert it into this article but it has perhaps grown a little too much. Some feedback/copy editing would be very welcome as I probably do not feel comfortable dropping a whole new section into a featured article in the absence of some concensus. Draft is User:FrankFlanagan/Authentication. Many thanks.FrankFlanagan (talk) 11:54, 7 May 2011 (UTC)
- The proposed draft is pretty weak. Articles on cryptography should be based on published papers and well established standards and processes. This is not the case with this proposal and in fact is describes authentication methods that are known to be flawed. In particular, the first diagram describing a simple hash based authentication by encrypting the string message||hash(message) is generally not a good idea. Assume for example that CTR mode is used for the encryption and that the attacker can guess the message. Then the attacker can learn the key stream used for the encryption and substitute the ciphertext with any message chosen by the attacker. The attack is simplest when using CTR mode, but is also flawed with other encryption modes. The description of digital signatures is also not state of the art. None of the digital signature schemes I know of follows the "encrypt the hash of the message with the private key" paradigm. DSA is not even close to an encryption scheme. Using RSA encryption to generate signatures is not necessarily secure, because RSA encryption uses a padding suitable for encryption and RSA signatures use paddings suitable for signatures. Using one for the other has difficult to analyze consequences and thus must be avoided. 62.203.98.127 (talk) 13:27, 7 May 2011 (UTC)
- I'm probably not the best person to review this (I've never written any featured content myself) but there are a few points:
- Needs some more references. Some paragraphs don't have any at all.
- The manual of style discourages using bold text to emphasise things (WP:MOSBOLD), italics are preferred.
- I've fixed some typos and capitalisation errors (I don't think any cryptographic systems rely on a "pubic piece of shared data"!)
- Hut 8.5 13:36, 7 May 2011 (UTC)
- Many thanks to both of you for providing very useful feedback. On reflection, in light of the fact that this is intended to fit into an overview article I did perhaps let the balance tilt too much towards simplicity. I have kept, but caveated the first diagram, tidied up the public key material, while attempting to avoid getting into ASN1 and, I think, referenced the material fairly extensively. If anybody feels like taking a further look it would be much appreciated. If it looks like the draft section will not make the standard I am tempted to move it to the main space as a separate article.FrankFlanagan (talk) 22:12, 8 May 2011 (UTC)
Prior notification: I will review both your proposals soon, probably within the next few days. Watch out :) Nageh (talk) 20:50, 10 May 2011 (UTC)
Earliest use of the word Cryptography or cognate forms
As there was a recent edit putting forward a purported earliest known use of the word cryptography, and despite the fact that it may be of more relevance in a dictionary than an encyclopedia, the earliest reference of which I am aware, albeit actually to a cognate form thereof, as cited in the OED is
1641 Wilkins Mercury ii. (1707) 8 "There are also different Ways of Secresy. 1. Cryptologia. 2. Cryptographia. 3. Semæologia."
Any earlier confirmed usage would be welcome. FrankFlanagan (talk) 07:06, 26 May 2011 (UTC)
Cryptology
The article is misleading to the reader in that it confuses cryptography with cryptology (and in fact it suggests that cryptoanalysis is a part of cryptography). I know it's been already discussed zillion times before through the wikipedia history, and different editors have various ideas, possibly there are even some differences in the popular American vs British usage but still it stays confusing. Can we make the distinction clear, based on strong linguistic sources rather than individual editors' opinions ? Similar confusion is common in other languages, still most other wikis have this already properly handled. --Lysytalk 19:00, 24 September 2011 (UTC)
- Hence the expression "cryptographic attack" would be an oxymoron. But a quick search on Google scholar shows that the expression can be found in over 500 papers. This clearly indicates that even the experts do not always distinguish between the terms cryptography and cryptology. Wikipedia should merely state how a term is used and not try to correct rsp. redefine it. At the moment the article seems to achieve this reasonably well. 83.79.135.102 (talk) 20:25, 24 September 2011 (UTC)
Classical method may outperform quantum cryptography
I recently stumbled across this and it may prove to be necessary to add information regarding this subject in the future, however at present I am not sure if there is enough information to comment on it in any article yet. http://arxiv.org/abs/1206.2534 70.249.189.22 (talk) 13:43, 17 June 2012 (UTC)
- There is a wikipedia article on the Kish cypher, which might be related to the paper you mention above. 178.195.225.28 (talk) 14:46, 17 June 2012 (UTC)
Cryptography with Biometrics
Cryptography and Biometrics The procedure of cryptography comprises of key generation. The key is generated from a subject’s biometric image with the help of error-correction algorithms, which do not reveal the key, and can be saved in a tamper-resistant token such as a smart card. The reproduction of the key depends on two factors: the subject’s image and the token. The attacker has to procure both of them to compromise the key.
A number of researchers have studied the interaction between biometrics and cryptography, two potentially complementary security technologies. Biometrics is about measuring unique personal features, such as a subject’s voice, fingerprint, or iris. It has the potential to identify individuals with a high degree of assurance, thus providing a foundation for trust. Cryptography, on the other hand, concerns itself with the projection of trust: with taking trust from where it exists to where it is needed.
The main obstacle to algorithmic combination is that biometric data are noisy; only an approximate match can be expected to a stored template. Cryptography, on the other hand, requires that keys be exactly right, or protocols will fail. For that reason, previous product offerings have been based on specific hardware devices. It would be better to have a more general, protocol-level approach, combining cryptography and biometrics. Yet another consideration is privacy. Many users may be reluctant to have biometric data stored on central databases; and there may be less resistance to biometric technology if users can be credibly assured that their templates are not stored centrally (or, perhaps, at all).
How it works. Firstly (Enroll): In this subject enrolls the number of scanned image. It can be Iris, fingerprint, voice etc. This sample is stored in the database and is used for matching and key generation procedure.
Secondly (Key generation): The key is generated using biometric sample which is used in cryptography.
Third (Cryptography): In this message is encrypted using generated key. This process is employed before sending of message. User side: encryption of message using key and receiver’s key. Receiver side: decryption of message using the receiver key through biometric scan.
Biometric Key Generation[1]
BKGs are generally composed of two algorithms, an enrollment algorithm (Enroll) and a key-generation algorithm (Key Gen):
• Enroll (B1, . . . , Bℓ): The enroll algorithm is a probabilistic algorithm that accepts as input a number of biometric samples (B1, . . . , Bℓ), and outputs a template (T) and a cryptographic key (K). In the event that B1, . . . , Bℓ do not meet some predetermined criteria, the enroll algorithm might output the failure symbol ⊥.
• Key Gen (B, T): The key generation algorithm accepts as input one biometric sample (B), and a template (T). The algorithm outputs either a cryptographic key (K), or the failure symbol ⊥ if B cannot be used to create a key. The enrollment algorithm estimates the variation inherent to a particular user’s biometric reading and computes information needed to error-correct a new sample that is sufficiently close to the enrollment samples. Enroll encodes this information into a template and outputs the template and the associated key. The key-generation algorithm uses the template output by the enrollment algorithm and a new biometric sample to output a key. If the provided sample is sufficiently similar to those provided during enrollment, then Key Gen and Enroll output the same keys. Vinit2jain (talk) 17:36, 30 October 2012 (UTC)
- ^ [www.cl.cam.ac.uk/techreports/UCAM-CL-TR-640.pdf "Combining cryptography with biometrics effectively"] (PDF). University of Cambridge. 640: 17. 2005. Retrieved 25 October 2012.
{{cite journal}}:|first=missing|last=(help); Check|url=value (help); Unknown parameter|month=ignored (help)CS1 maint: multiple names: authors list (link)
- Wikipedia former featured articles
- Featured articles that have appeared on the main page
- Featured articles that have appeared on the main page once
- All unassessed articles
- Unassessed mathematics articles
- Top-priority mathematics articles
- Featured articles on Mathematics Portal
- B-Class Computer science articles
- Top-importance Computer science articles
- WikiProject Computer science articles
- B-Class Cryptography articles
- Top-importance Cryptography articles
- WikiProject Cryptography articles
- Wikipedia pages with to-do lists