"Verschlüsselung im NSA-Zeitalter" - Link- und Literaturverzeichnis
Dipl.-Inform. Carsten Eilers
"Verschlüsselung im NSA-Zeitalter" - Link- und Literaturverzeichnis
Kapitel 1: Sicherheit von symmetrischen Verfahren
Zurück
[1] FIPS PUB 46-2, Data Encryption Standard (DES)
[2] FIPS PUB 46-3, Data Encryption Standard (DES)
(PDF )
[3] Eli Biham, Adi Shamir: "Differential Cryptanalysis of DES-like Cryptosystems"
(PS.GZ )
[4] Bruce Schneier: "Applied Cryptography" (englisch, John Wiley & Sons 1996) / "Angewandte Kryptographie" (deutsch, Addison Wesley 1996)
(Website )
[5] Tom R. Johnson: " American Cryptology during the Cold War, 1945–1989: Book III: Retrenchment and Reform" , NSA, DOCID 3417193 (Seite 232 = Seite 114 im PDF)
(PDF )
[6] Tom R. Johnson: " American Cryptology during the Cold War, 1945–1989: Book III: Retrenchment and Reform" ,
FOIA-Veröffentlichung auf cryptome.org
mit weniger Schwärzungen
[7] Don Coppersmith: "The Data Encryption Standard (DES) and its strength against attacks"
(PDF )
[8] FAQ
zum "DES Cracker" der Electronic Frontier Foundation
[9] Electronic Frontier Foundation: "Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design"
[10] COPACOBANA - Special-Purpose Hardware for Code-Breaking
[11] SciEngines: "Break DES in less than a single day"
[12] Department of Commerce, National Institute of Standards and Technology: "Announcing development of a federal information processing standard for advanced encryption standard"
[13] Department of Commerce, National Institute of Standards and Technology: "Announcing request for candidate algorithm nominations for the advanced encryption standard (AES)"
[14] NIST: AES Round 2 Information
[15] NIST Announces Encryption Standard Finalists
(PDF )
[16] Presseerklärung
"Commerce Department Announces Winner of Global Information Security Competition"
auf archive.org
[17] Federal Information Processing Standards Publication 197: Specification for the ADVANCED ENCRYPTION STANDARD (AES)
(PDF )
[18] Bruce Schneier, Schneier on Security: "The NSA's Cryptographic Capabilities" , 6. September 2013
[19] James Ball, Julian Borger, Glenn Greenwald; The Guardian: "Revealed: how US and UK spy agencies defeat internet privacy and security"
[20] Nicole Perlroth, Jeff Larson, Scott Shane; The New York Times: "N.S.A. Able to Foil Basic Safeguards of Privacy on Web"
[21] Jeff Larson, Nicole Perlroth, Scott Shane; ProPublica: "Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security"
[22] Glenn Greenwald, The Guardian: "Edward Snowden: NSA whistleblower answers reader questions" ,
Antwort auf die Frage "Is encrypting my email any good at defeating the NSA survelielance? Id my data protected by standard encryption?"
[23] Bruce Schneier, Schneier on Security: "The NSA Is Breaking Most Encryption on the Internet" ,
5. September 2013, Antwort auf die Frage "Ok, on to the big question. Is AES safe?" vom 6. September 2013
Kapitel 2: Sicherheit von asymmetrischen und hybriden Verfahren
[1] siehe Kapitel 1
[2] Ronald L. Rivest, Adi Shamir, Leonard Adleman: "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems"
(PDF )
[3] Wikipedia: Erweiterter euklidischer Algorithmus
[4] Wikipedia: Eulersche Phi-Funktion
[5] Newsgroup sci.crypt: "RSA factoring challenge" , 18.3.1991
[6] RSA Laboratories: "The RSA Factoring Challenge"
[7] RSA Laboratories: "The New RSA Factoring Challenge" (14.7.2001, via archive.org)
[8] RSA Laboratories: "The RSA Challenge Numbers" (5.8.2001, via archive.org)
[9] RSA Honor Roll (As of March 5, 1999)
[10] RSA Laboratories: "RSA-140 IS FACTORED!"
[11] Kazumaro Aoki, Yuji Kida, Takeshi Shimoyama, Hiroki Ueda: "GNFS Factoring Statistics of RSA-100, 110, ..., 150"
[12] RSA Laboratories: "RSA-155 IS FACTORED!"
[13] RSA Laboratories: "RSA-160 IS FACTORED!"
[14] Jens Franke: "We have factored RSA160 by gnfs."
[15] Dominik Bonenberger, Martin Krone: "Factorization of RSA-170"
(PDF )
[16] RSA Laboratories: "RSA-576 IS FACTORED!"
[17] S.A. Danilov, I.A. Popovyan: "Factorization of RSA-180"
[18] I. Popovyan, A. Timofeev; mersenneforum.org: "RSA-190 factored"
[19] RSA Laboratories: "RSA-640 IS FACTORED!"
[20] Jens Franke: "We have factored RSA640 by GNFS."
[21] RSA Laboratories: "RSA-200 IS FACTORED!"
[22] Thorsten Kleinjung: "We have factored RSA200 by GNFS."
[23] mersenneforum.org: "RSA-210 factored"
[24] Shi Bai, Emmanuel Thomé, Paul Zimmermann: "Factorisation of RSA-704 with CADO-NFS"
(PDF )
[25] RSA Laboratories: "RSA-768 IS FACTORED!"
[26] Thorsten Kleinjung, Kazumaro Aoki, Jens Franke, Arjen Lenstra, Emmanuel Thomé, Joppe Bos, Pierrick Gaudry, Alexander Kruppa, Peter Montgomery, Dag Arne Osvik, Herman te Riele, Andrey Timofeev, Paul Zimmermann:
"Factorization of a 768-bit RSA modulus"
[27] RSA Laboratories: The RSA Challenge Numbers
[28] RSA Laboratories: The RSA Factoring Challenge FAQ
[29] Steven Rich, Barton Gellman; The Washington Post: "NSA seeks to build quantum computer that could crack most types of encryption"
[30] Bruce Schneier: "I personally am concerned about any constant whose origins I don't personally trust."
(Kommentar
unter: Bruce Schneier: "The NSA Is Breaking Most Encryption on the Internet" )
[31] Bruce Schneier, theguardian.com: "NSA surveillance: A guide to staying secure"
[32] Carsten Eilers: "Quo vadis, SSL? - Wie sicher sind HTTPS-Verbindungen noch?" , Entwickler Magazin 4.2012
[33] Joseph Menn, Reuters: "Exclusive: Secret contract tied NSA and security industry pioneer"
[34] Speaking of Security - The RSA Blog and Podcast: "RSA Response to Media Claims Regarding NSA Relationship"
[35] Jacob Appelbaum (@ioerror): "RC4 is broken in real time by the #NSA - stop using it."
[36] Jacob Appelbaum (@ioerror): "I have confirmed it with several sources - including some with knowledge of #NSA #CES"
[37] Steve Marquess; Mailingliste openssl-announce: "Flaw in Dual EC DRBG (no, not that one)"
Kapitel 3: Die NSA und ihr Einfluss auf Standards
[1] siehe Kapitel 1
[2] siehe Kapitel 2
[3] Daniel J. Bernstein: "Curve25519: A state-of-the-art Diffie-Hellman function"
[4] OpenSSH: Changes since OpenSSH 6.4
[5] Ed25519: high-speed high-security signatures
[6] NIST Special Publication (SP) 800-90A: Recommendation for Random Number Generation Using Deterministic Random Bit Generators
(PDF , Version vom Januar 2012)
[7] Berry Schoenmakers, Andrey Sidorenko: "Cryptanalysis of the Dual Elliptic Curve Pseudorandom Generator"
[8] Daniel R. L. Brown, Kristian Gjøsteen: "A Security Analysis of the NIST SP 800-90 Elliptic Curve Random Number Generator"
[9] Dan Shumow, Niels Ferguson: "On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng"
(PDF )
[10] Matthew Green: "The Many Flaws of Dual_EC_DRBG"
[11] FIPS 140-2 - Security Requirements for Cryptographic Modules
(PDF )
[12] Steve Marquess, Mailingliste openssl-announce: "Flaw in Dual EC DRBG (no, not that one)"
[13] RSA BSAFE
[14] Joseph Menn, Reuters: "Exclusive: Secret contract tied NSA and security industry pioneer"
[15] RSA Security: RSA Response to Media Claims Regarding NSA Relationship
[16] Nicole Perlroth, Jeff Larson, Scott Shane; New York Times: "N.S.A. Able to Foil Basic Safeguards of Privacy on Web"
[17] James Ball, Julian Borger, Glenn Greenwald; The Guardian: "Revealed: how US and UK spy agencies defeat internet privacy and security"
[18] Jeff Larson, Nicole Perlroth, Scott Shane; ProPublica: "Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security"
[19] Nicole Perlroth, New York Times: "Government Announces Steps to Restore Confidence on Encryption Standards"
[20] NIST: Supplemental ITL Bulletin for September 2013
(PDF )
[21] Kim Zetter, Wired: "RSA Tells Its Developer Customers: Stop Using NSA-Linked Algorithm"
[22] Matthew Green: "RSA warns developers not to use RSA products"
[23] NIST, Office of the Director: "Cryptographic Standards Statement"
[24] NIST: SP 800-90 Arev1-B-C - DRAFT Draft SP 800-90 Series: Random Bit Generators
[25] NIST initiating Review of Cryptographic Standards Development Process
[26] RFC 4301 - Security Architecture for the Internet Protocol
[27] Niels Ferguson, Bruce Schneier: "A Cryptographic Evaluation of IPsec"
[28] John Gilmore: "Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN""
[29] Counterpane Labs: CMEA Cryptanalysis
[30] Microsoft Security Advisory (2880823) - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program
[31] Amerk, Windows PKI blog: "SHA1 Deprecation Policy"
[32] William Peteroy, Security Research & Defense Blog: "Security Advisory 2880823: Recommendation to discontinue use of SHA-1"
[33] Microsoft Security Advisory (2862973) - Update for Deprecation of MD5 Hashing Algorithm for Microsoft Root Certificate Program
[34] NIST Computer Security Division - The SHA-3 Cryptographic Hash Algorithm Competition, November 2007 - October 2012
[35] The Keccak sponge function family
[36] NIST Computer Security Division - SHA-3 WINNER
[37] John Kelsey: "SHA3 - Past, Present, and Future"
(PDF )
[38] Keccak-Entwickler: "Yes, this is Keccak!"
[39] Bruce Schneier: "Will Keccak = SHA-3?"
[40] John M. Kelsey: "Moving forward with SHA3"
(PDF )
[41] European Union Agency for Network and Information Security (ENISA): "Algorithms, Key Sizes and Parameters Report"
[42] Bundesnetzagentur für Elektrizität, Gas, Telekommunikation, Post und Eisenbahnen: "Bekanntmachung zur elektronischen Signatur nach dem Signaturgesetz und der Signaturverordnung (Übersicht über geeignete Algorithmen)"
[43] NIST Special Publication (SP) 800-57: Recommendation for Key Management – Part 1: General (Revision 3)
(PDF )
[44] BetterCrypto*org
[45] BetterCrypto*org: "Applied Crypto Hardening"
(PDF )
Zurück