\subsection{Not yet cited}
8.1 IPsec:
\url{https://en.wikipedia.org/wiki/Internet_Security_Association_and_Key_Management_Protocol#Implementation}
\url{https://en.wikipedia.org/wiki/Internet_Key_Exchange}
\url{https://tools.ietf.org/html/rfc7296} (IKEv2)
\url{https://en.wikipedia.org/wiki/IPsec}
\url{https://trac.ietf.org/trac/sec/wiki} (Security Area)
\url{https://tools.ietf.org/html/rfc2407} (ddp)
\url{https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_(CBC)}
\url{https://tools.ietf.org/html/rfc3602} (Frankel)
Additional IKE references:
ISAKMP:
\url{https://en.wikipedia.org/wiki/Internet_Security_Association_and_Key_Management_Protocol}
\url{http://www.racoon2.wide.ad.jp/w/}
\url{http://www.kame.net/racoon/}
<our URL>
AES-CBC use in IPsec:
\url{https://tools.ietf.org/html/rfc3602}
NIST key length recommendations:
\url{https://www.keylength.com/en/4/}
\url{https://www.keylength.com/en/}
Lenstra, Verheul, Selecting Cryptographic Key Sizes, J. Cryptology
(2001), 14:255-293
\url{https://infoscience.epfl.ch/record/164526/files/NPDF-22.pdf}
IP Security Maintenance and Extensions (ipsecme) Working Group
\url{https://datatracker.ietf.org/wg/ipsecme/about/}
IPsec mailing list archives:
\url{https://mailarchive.ietf.org/arch/browse/ipsec/}
Searching that for "lifetime" resulted in (as of 2019/6/19) 1,018
email messages, the oldest of which was from July, 1993, and doesn't
seem relevant.
8.2 General crypto:
\url{https://en.wikipedia.org/wiki/Advanced_Encryption_Standard}
\url{https://brilliant.org/wiki/rsa-encryption/}
\url{https://en.wikipedia.org/wiki/RSA_(cryptosystem)}
\url{https://en.wikipedia.org/wiki/Forward_secrecy}
And of course the books
Schneier, Applied Cryptography
\url{https://www.schneier.com/books/applied_cryptography/}
Schneier, Ferguson, Kohno, Cryptography Engineering
\url{https://www.schneier.com/books/cryptography_engineering/}
Menezes, van Oorschot, Vanstone, Handbook of Applied Cryptography
\url{http://cacr.uwaterloo.ca/hac/}
(all chapters are available as free PDF downloads)
8.3 Cryptanalysis:
\url{https://en.wikipedia.org/wiki/Differential_cryptanalysis}
\url{https://en.wikipedia.org/wiki/Linear_cryptanalysis}
\url{https://www.cs.rit.edu/~ib/Classes/CS482-705_Winter10-11/Slides/crypto_lc.pdf}
\url{http://www.engr.mun.ca/~howard/Research/Papers/ldc_tutorial.html}
\url{http://www.ciphersbyritter.com/RES/LINANA.HTM} (a lit survey on LC;
rather ad hoc)
8.4 Key lifetime \& length:
\url{https://www.cryptomathic.com/news-events/blog/exploring-the-lifecycle-of-a-cryptographic-key-}
\url{https://searchsecurity.techtarget.com/definition/cryptoperiod}
\url{https://www.keylength.com/en/4/}
\url{https://arxiv.org/abs/quant-ph/0306078}
\url{https://royalsocietypublishing.org/doi/10.1098/rspa.2004.1372}
\url{https://www.physics.utoronto.ca/research/quantum-optics/cqiqc_events/jean-christian-boileau-tba}
\url{https://learningnetwork.cisco.com/thread/25765}
\url{http://cseweb.ucsd.edu/~mihir/}
\url{http://mathworld.wolfram.com/BirthdayAttack.html}
\url{https://danielmiessler.com/study/birthday_attack/}
\url{https://www.sciencedirect.com/topics/computer-science/birthday-attack}
(a collection of links to other books and materials mentioning the
birthday attack; some are relevant here, others less so)
\url{https://www.keylength.com/en/compare/}
\url{https://infoscience.epfl.ch/record/164526/files/NPDF-22.pdf} (Lenstra)
\url{https://mailarchive.ietf.org/arch/msg/ipsec/T1woQuwh1Ccoz6fWWFDBETBllaY}
(brief but good discussion of rekeying lifetime)
\url{https://en.wikipedia.org/wiki/Key_size} (not very well written)
\url{https://www.keylength.com/en/3/} (includes relative strength of algos)
\url{https://blog.cloudflare.com/why-are-some-keys-small/} (good article)
\url{https://www.ecrypt.eu.org/csa/documents/D5.4-FinalAlgKeySizeProt.pdf}
(2018 recommendations, 574 references)
\url{https://link.springer.com/chapter/10.1007/3-540-44448-3_42} (Abdalla \& Bellare)
\url{https://eprint.iacr.org/2012/623}
Cryptology eprint by David McGrew,
discussed in messages such as
\url{https://mailarchive.ietf.org/arch/msg/ipsec/7V6ry4le7eU3v283uF5D3Y9lCsU}
and
\url{https://mailarchive.ietf.org/arch/msg/ipsec/fQciMNrxTdsM3CNTAP0F4CKjjtc}
The former of those also discusses biclique attacks on AES.
8.5 Crypto law:
\url{http://www.cryptolaw.org/cls2.htm}
(country-by-country crypto export
status as of 2013)
\url{https://en.wikipedia.org/wiki/40-bit_encryption}
(the U.S. had a 40-bit
limit in the 1990s; not clear to me when it was relaxed)
8.6 Bitcoin:
\url{https://driveinsider.com/the-quantum-attack-on-bitcoin/}
\url{https://www.bitcoinmarketjournal.com/how-many-people-use-bitcoin/}
\url{https://arxiv.org/abs/1710.10377}
\url{https://cointelegraph.com/news/quantum-computing-vs-blockchain-impact-on-cryptography}
(not very accurate)
8.7 Others:
\url{https://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=5208}
(38th FOCS)
\url{https://cloud.google.com/security/encryption-at-rest/default-encryption/}
(describes some of Google's current practices and planned upgrades wrt
encryption)
\url{https://info.townsendsecurity.com/km-trends}
\url{https://en.wikipedia.org/wiki/Key_management}
\url{https://www.theregister.co.uk/2019/06/26/amd_epyc_key_security_flaw/}
U.S. presidential candidate Andrew Yang has a policy on quantum
computing and encryption standards!
\url{https://www.yang2020.com/policies/quantum-computing/}
\url{https://blogs.technet.microsoft.com/secguide/2014/04/07/why-were-not-recommending-fips-mode-anymore/}
\url{https://en.wikipedia.org/wiki/FIPS_140-2}
Mozilla moved to limit the lifetime of TLS connections in 2016:
\url{https://bugzilla.mozilla.org/show_bug.cgi?id=1268745}
(found via SWEET32)
This was based in part on a paper by Luykx and Paterson, apparently,
though the PDF is dated later than the Mozilla web page above.
Atul Luykx and Kenneth G. Paterson
Limits on Authenticated Encryption Use in TLS
Weak PRNGs, including Microsoft's, and RSA/NSA elliptic curve
generator:
\url{https://en.wikipedia.org/wiki/Random_number_generator_attack}