"Verschlüsselung im NSA-Zeitalter" - Link- und Literaturverzeichnis
Dipl.-Inform. Carsten Eilers
"Verschlüsselung im NSA-Zeitalter" - Link- und Literaturverzeichnis
Kapitel 1: Sicherheit von symmetrischen Verfahren
Zurück
[1] FIPS PUB 46-2, Data Encryption Standard (DES)
[2] FIPS PUB 46-3, Data Encryption Standard (DES)
(PDF )
[3] Eli Biham, Adi Shamir: "Differential Cryptanalysis of DES-like Cryptosystems"
(PS.GZ )
[4] Bruce Schneier: "Applied Cryptography" (englisch, John Wiley & Sons 1996) / "Angewandte Kryptographie" (deutsch, Addison Wesley 1996)
(Website )
[5] Tom R. Johnson: " American Cryptology during the Cold War, 1945–1989: Book III: Retrenchment and Reform" , NSA, DOCID 3417193 (Seite 232 = Seite 114 im PDF)
(PDF )
[6] Tom R. Johnson: " American Cryptology during the Cold War, 1945–1989: Book III: Retrenchment and Reform" ,
FOIA-Veröffentlichung auf cryptome.org
mit weniger Schwärzungen
[7] Don Coppersmith: "The Data Encryption Standard (DES) and its strength against attacks"
(PDF )
[8] FAQ
zum "DES Cracker" der Electronic Frontier Foundation
[9] Electronic Frontier Foundation: "Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design" [10] COPACOBANA - Special-Purpose Hardware for Code-Breaking
[11] SciEngines: "Break DES in less than a single day" [12] Department of Commerce, National Institute of Standards and Technology: "Announcing development of a federal information processing standard for advanced encryption standard" [13] Department of Commerce, National Institute of Standards and Technology: "Announcing request for candidate algorithm nominations for the advanced encryption standard (AES)" [14] NIST: AES Round 2 Information
[15] NIST Announces Encryption Standard Finalists
(PDF )
[16] Presseerklärung
"Commerce Department Announces Winner of Global Information Security Competition" [17] Federal Information Processing Standards Publication 197: Specification for the ADVANCED ENCRYPTION STANDARD (AES)
(PDF )
[18] Bruce Schneier, Schneier on Security: "The NSA's Cryptographic Capabilities" [19] James Ball, Julian Borger, Glenn Greenwald; The Guardian: "Revealed: how US and UK spy agencies defeat internet privacy and security" [20] Nicole Perlroth, Jeff Larson, Scott Shane; The New York Times: "N.S.A. Able to Foil Basic Safeguards of Privacy on Web" [21] Jeff Larson, Nicole Perlroth, Scott Shane; ProPublica: "Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security" [22] Glenn Greenwald, The Guardian: "Edward Snowden: NSA whistleblower answers reader questions" "Is encrypting my email any good at defeating the NSA survelielance? Id my data protected by standard encryption?"
[23] Bruce Schneier, Schneier on Security: "The NSA Is Breaking Most Encryption on the Internet" "Ok, on to the big question. Is AES safe?" vom 6. September 2013
Kapitel 2: Sicherheit von asymmetrischen und hybriden Verfahren
[1] siehe Kapitel 1
[2] Ronald L. Rivest, Adi Shamir, Leonard Adleman: "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems"
(PDF )
[3] Wikipedia: Erweiterter euklidischer Algorithmus
[4] Wikipedia: Eulersche Phi-Funktion
[5] Newsgroup sci.crypt: "RSA factoring challenge" [6] RSA Laboratories: "The RSA Factoring Challenge" [7] RSA Laboratories: "The New RSA Factoring Challenge" [8] RSA Laboratories: "The RSA Challenge Numbers" [9] RSA Honor Roll (As of March 5, 1999)
[10] RSA Laboratories: "RSA-140 IS FACTORED!" [11] Kazumaro Aoki, Yuji Kida, Takeshi Shimoyama, Hiroki Ueda: "GNFS Factoring Statistics of RSA-100, 110, ..., 150" [12] RSA Laboratories: "RSA-155 IS FACTORED!" [13] RSA Laboratories: "RSA-160 IS FACTORED!" [14] Jens Franke: "We have factored RSA160 by gnfs." [15] Dominik Bonenberger, Martin Krone: "Factorization of RSA-170"
(PDF )
[16] RSA Laboratories: "RSA-576 IS FACTORED!" [17] S.A. Danilov, I.A. Popovyan: "Factorization of RSA-180" [18] I. Popovyan, A. Timofeev; mersenneforum.org: "RSA-190 factored" [19] RSA Laboratories: "RSA-640 IS FACTORED!" [20] Jens Franke: "We have factored RSA640 by GNFS." [21] RSA Laboratories: "RSA-200 IS FACTORED!" [22] Thorsten Kleinjung: "We have factored RSA200 by GNFS." [23] mersenneforum.org: "RSA-210 factored" [24] Shi Bai, Emmanuel Thomé, Paul Zimmermann: "Factorisation of RSA-704 with CADO-NFS"
(PDF )
[25] RSA Laboratories: "RSA-768 IS FACTORED!" [26] Thorsten Kleinjung, Kazumaro Aoki, Jens Franke, Arjen Lenstra, Emmanuel Thomé, Joppe Bos, Pierrick Gaudry, Alexander Kruppa, Peter Montgomery, Dag Arne Osvik, Herman te Riele, Andrey Timofeev, Paul Zimmermann:
"Factorization of a 768-bit RSA modulus" [27] RSA Laboratories: The RSA Challenge Numbers
[28] RSA Laboratories: The RSA Factoring Challenge FAQ
[29] Steven Rich, Barton Gellman; The Washington Post: "NSA seeks to build quantum computer that could crack most types of encryption" [30] Bruce Schneier: "I personally am concerned about any constant whose origins I don't personally trust."
(Kommentar
unter: Bruce Schneier: "The NSA Is Breaking Most Encryption on the Internet" )
[31] Bruce Schneier, theguardian.com: "NSA surveillance: A guide to staying secure" [32] Carsten Eilers: "Quo vadis, SSL? - Wie sicher sind HTTPS-Verbindungen noch?" , Entwickler Magazin 4.2012
[33] Joseph Menn, Reuters: "Exclusive: Secret contract tied NSA and security industry pioneer" [34] Speaking of Security - The RSA Blog and Podcast: "RSA Response to Media Claims Regarding NSA Relationship" [35] Jacob Appelbaum (@ioerror): "RC4 is broken in real time by the #NSA - stop using it." [36] Jacob Appelbaum (@ioerror): "I have confirmed it with several sources - including some with knowledge of #NSA #CES" [37] Steve Marquess; Mailingliste openssl-announce: "Flaw in Dual EC DRBG (no, not that one)"
Kapitel 3: Die NSA und ihr Einfluss auf Standards
[1] siehe Kapitel 1
[2] siehe Kapitel 2
[3] Daniel J. Bernstein: "Curve25519: A state-of-the-art Diffie-Hellman function" [4] OpenSSH: Changes since OpenSSH 6.4
[5] Ed25519: high-speed high-security signatures
[6] NIST Special Publication (SP) 800-90A: Recommendation for Random Number Generation Using Deterministic Random Bit Generators
(PDF , Version vom Januar 2012)
[7] Berry Schoenmakers, Andrey Sidorenko: "Cryptanalysis of the Dual Elliptic Curve Pseudorandom Generator" [8] Daniel R. L. Brown, Kristian Gjøsteen: "A Security Analysis of the NIST SP 800-90 Elliptic Curve Random Number Generator" [9] Dan Shumow, Niels Ferguson: "On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng"
(PDF )
[10] Matthew Green: "The Many Flaws of Dual_EC_DRBG" [11] FIPS 140-2 - Security Requirements for Cryptographic Modules
(PDF )
[12] Steve Marquess, Mailingliste openssl-announce: "Flaw in Dual EC DRBG (no, not that one)" [13] RSA BSAFE
[14] Joseph Menn, Reuters: "Exclusive: Secret contract tied NSA and security industry pioneer" [15] RSA Security: RSA Response to Media Claims Regarding NSA Relationship
[16] Nicole Perlroth, Jeff Larson, Scott Shane; New York Times: "N.S.A. Able to Foil Basic Safeguards of Privacy on Web" [17] James Ball, Julian Borger, Glenn Greenwald; The Guardian: "Revealed: how US and UK spy agencies defeat internet privacy and security" [18] Jeff Larson, Nicole Perlroth, Scott Shane; ProPublica: "Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security" [19] Nicole Perlroth, New York Times: "Government Announces Steps to Restore Confidence on Encryption Standards" [20] NIST: Supplemental ITL Bulletin for September 2013
(PDF )
[21] Kim Zetter, Wired: "RSA Tells Its Developer Customers: Stop Using NSA-Linked Algorithm" [22] Matthew Green: "RSA warns developers not to use RSA products" [23] NIST, Office of the Director: "Cryptographic Standards Statement" [24] NIST: SP 800-90 Arev1-B-C - DRAFT Draft SP 800-90 Series: Random Bit Generators
[25] NIST initiating Review of Cryptographic Standards Development Process
[26] RFC 4301 - Security Architecture for the Internet Protocol
[27] Niels Ferguson, Bruce Schneier: "A Cryptographic Evaluation of IPsec" [28] John Gilmore: "Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN"" [29] Counterpane Labs: CMEA Cryptanalysis
[30] Microsoft Security Advisory (2880823) - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program
[31] Amerk, Windows PKI blog: "SHA1 Deprecation Policy" [32] William Peteroy, Security Research & Defense Blog: "Security Advisory 2880823: Recommendation to discontinue use of SHA-1" [33] Microsoft Security Advisory (2862973) - Update for Deprecation of MD5 Hashing Algorithm for Microsoft Root Certificate Program
[34] NIST Computer Security Division - The SHA-3 Cryptographic Hash Algorithm Competition, November 2007 - October 2012
[35] The Keccak sponge function family
[36] NIST Computer Security Division - SHA-3 WINNER
[37] John Kelsey: "SHA3 - Past, Present, and Future"
(PDF )
[38] Keccak-Entwickler: "Yes, this is Keccak!" [39] Bruce Schneier: "Will Keccak = SHA-3?" [40] John M. Kelsey: "Moving forward with SHA3"
(PDF )
[41] European Union Agency for Network and Information Security (ENISA): "Algorithms, Key Sizes and Parameters Report" [42] Bundesnetzagentur für Elektrizität, Gas, Telekommunikation, Post und Eisenbahnen: "Bekanntmachung zur elektronischen Signatur nach dem Signaturgesetz und der Signaturverordnung (Übersicht über geeignete Algorithmen)" [43] NIST Special Publication (SP) 800-57: Recommendation for Key Management – Part 1: General (Revision 3)
(PDF )
[44] BetterCrypto*org
[45] BetterCrypto*org: "Applied Crypto Hardening"
(PDF )
Zurück
