Cryptography

Cryptography (or cryptology; from Greek κρυπτός kryptós, « hidden, secret »; and γράφειν graphein, « writing », or -λογία -logia, « study », respectively) is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that block adversaries; various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce.

Cryptography law

Cryptography law

 

Cryptography law

 

Issues regarding cryptography law fall into four categories :

  • Export control, which is the restriction on export of cryptography methods within a country to other countries or commercial entities. There are international export control agreements, the main one being the Wassenaar Arrangement. The Wassenaar Arrangement was created after the dissolution of COCOM (Coordinating committee for Multilateral Export Controls), which in 1989 « decontrolled password and authentication-only cryptography. »
  • Import controls, which is the restriction on using certain types of cryptography within a country.
  • Patent issues, which deal with the use of cryptography tools that are patented.
  • Search and seizure issues, on whether and under what circumstances, a person can be compelled to decrypt data files or reveal an encryption key.

 

Cryptography law in different countries

 

France. As of 2011 and since 2004, the law for trust in the digital economy (LCEN) mostly liberalized the use of cryptography. As long as cryptography is only used for authentication and integrity purposes, it can be freely used. The cryptographic key or the nationality of the entities involved in the transaction do not matter. Typical e-business websites fall under this liberalized regime. Exportation and importation of cryptographic tools to or from foreign countries must be either declared (when the other country is a member of the European Union) or requires an explicit authorization (for countries outside the EU).

 

United States. In the United States, the International Traffic in Arms Regulation restricts the export of cryptography. The export of cryptography from the United States is the transfer from the United States to another country of devices and technology related to cryptography. Export of cryptographic technology was severely restricted by U.S. law until 1992, but was gradually eased until 2000; some restrictions still remain. Since World War II, many governments, including the U.S. and its NATO allies, have regulated the export of cryptography for national security considerations, and, as late as 1992, cryptography was on the U.S. Munitions List as an Auxiliary Military Equipment. In light of the enormous impact of cryptanalysis in World War II, it was abundantly clear to these governments that denying current and potential enemies access to cryptographic systems looked to be militarily valuable. They also wished to monitor the diplomatic communications of other nations, including the many new nations that were emerging in the post-colonial period and whose position on Cold War issues was regarded as vital. Since the U.S. and U.K. had, they believed, developed more advanced cryptographic capabilities than others, the intelligence agencies in these countries had a notion that controlling all dissemination of the more effective crypto techniques might be beneficial.

The First Amendment made controlling all use of cryptography inside the U.S. difficult, but controlling access to U.S. developments by others was thought to be more practical — there were at least no constitutional impediments. Accordingly, regulations were introduced as part of munitions controls which required licenses to export cryptographic methods (and even their description); the regulations established that cryptography beyond a certain strength (defined by algorithm and length of key) would not be licensed for export except on a case-by-case basis. The expectation seems to have been that this would further national interests in reading ‘their’ communications and prevent others from reading ‘ours’. This policy was also adopted elsewhere for various reasons.

The development, and public release, of Data Encryption Standard (DES) and asymmetric key techniques in the 1970s, the rise of the Internet, and the willingness of some to risk and resist prosecution, eventually made this policy impossible to enforce, and by the late 1990s it was being relaxed in the U.S., and to some extent (e.g., France) elsewhere. As late as 1997, NSA officials in the US were concerned that the widespread use of strong encryption will frustrate their ability to provide SIGINT regarding foreign entities, including terrorist groups operating internationally. NSA officials anticipated that the American encryption software backed by an extensive infrastructure, when marketed, was likely to become a standard for international communications. In 1997, Louis Freeh, then the Director of the FBI, said For law enforcement, framing the issue is simple. In this time of dazzling telecommunications and computer technology where information can have extraordinary value, the ready availability of robust encryption is essential. No one in law enforcement disputes that. Clearly, in today’s world and more so in the future, the ability to encrypt both contemporaneous communications and stored data is a vital component of information security.

As is so often the case, however, there is another aspect to the encryption issue that if left unaddressed will have severe public safety and national security ramifications. Law enforcement is in unanimous agreement that the widespread use of robust non-key recovery encryption ultimately will devastate our ability to fight crime and prevent terrorism. Uncrackable encryption will allow drug lords, spies, terrorists and even violent gangs to communicate about their crimes and their conspiracies with impunity. We will lose one of the few remaining vulnerabilities of the worst criminals and terrorists upon which law enforcement depends to successfully investigate and often prevent the worst crimes. For this reason, the law enforcement community is unanimous in calling for a balanced solution to this problem.

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Corecrypto

corecrypto

Cryptographic Libraries

The same libraries that secure iOS and OS X are available to third‑party developers to help them build advanced security features.

Security Framework

Security Framework provides interfaces for managing certificates, public and private keys, and trust policies. It supports the generation of cryptographically secure pseudorandom numbers. It also supports the storage of certificates and cryptographic keys in the keychain, which is a secure repository for sensitive user data.

Common Crypto

The Common Crypto library provides additional support for operations like symmetric encryption, hash-based message authentication codes, and digests.

corecrypto

Both Security Framework and Common Crypto rely on the corecrypto library to provide implementations of low level cryptographic primitives. This is also the library submitted for validation of compliance with U.S. Federal Information Processing Standards (FIPS) 140-2 Level 1. Although corecrypto does not directly provide programming interfaces for developers and should not be used by iOS or OS X apps, the source code is available to allow for verification of its security characteristics and correct functioning.

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Cryptext review by Softpedia

 

Cryptext

Cryptext

 

Cryptext is a basic Mac OS X text encryption/decryption utility featuring a plain-looking user interface and support for the 2 AES methods of encryption.

The utility is designed to help you secure sensitive information, such as notes or other pieces of writing and share them with others.

Well-organized encryption and decryption tool that can be setup in no time

The application’s main window is divided into 3 tabs, one for entering the text string you want to secure and encrypting or decrypting it, another tab for checking the logs and the third for accessing the preferences.

Before being able to process a piece of text, you must specify the password and AES key from the preferences, as well as the AES mode, which is of 2 kinds. Also from the preferences, you can choose the text and background colors that suit your needs the most.

 

Cryptext

 

Effortlessly encrypt or decrypt any text string with a press of a button

After finishing these steps, you can enter your text in the Cryptext tab and encrypt it by clicking a button.

The generated sequence of letters and numbers can be easily copied to your clipboard, and then saved to a local text file or emailed. In order to decrypt encrypted text, you will have to specify the password and key, of course.

Furthermore, the passwords are safely stored inside your operating system’s keychains. Also, Cryptext comes with an extensive help section that will guide you through all the important aspects of the app you need to be aware of.

Protect your notes without having to deal with a complicated workflow

Taking everything into consideration, the Cryptext app does not reinvent the wheel as far text encryption/decryption apps are concerned, but it offers a highly intuitive workflow and support for 2 different AES algorithms. Securing text is as easy as it gets with Cryptext

 

 

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Crypt version 1.0.4

Version 1.0.4

 Crypt

– Addition of Crypt cleaner. (Clean references, etc…)
– Addition of preferences.
– Addition of references. (List of references to files or encrypted files)
– Addition of a toolbar.
– Correction of the background.
– Correction of the interface.
– Correction of numerous bugs. (Thanks to critics)
– Correction of password storage.
– Correction of translations.

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Historique de Hash

Historique du logiciel Hash.

 Hash

Version 1.0.0
– Initial release.

Version 1.0.2
– Addition of SHA256 algorithm.
– Addition of DSS1 algorithm.
– Addition of Algorithms menu.
– Addition of Window menu.
– Addition of Algorithms selector.

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Cryptext version 1.0.8

Version 1.0.8

 Cryptext

– Correction of colors.
– Correction of compatibility.
– Correction of drag and drop.
– Correction of the localizations.
– Correction of the documentation.
– Addition of transparency.

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Cryptext version 1.0.6

Version 1.0.6

 Cryptext

– Correction of the save process.
– Correction of cryptography.
– Correction of width and height.
– Correction of code.

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Cryptext version 1.0.5

Version 1.0.5

 Cryptext

– Correction of the translations.
– Correction of the AES key.
– Correction of the logs.
– Code correction.

Share this post from Rbcafe :
Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter
Page 1 sur 512345
Rbcafe © 2004- | Rb Cafe 1.3 | Contacter Rbcafe | Rbcafe sur Twitter | Rbcafe sur Facebook | Politique de confidentialité