Cryptography

1. Key Management and Distribution
   1. Key Management Lifecycle
      1. Key Generation
         1. Random Number Generation
            1. True Random Number Generators
            2. Pseudorandom Number Generators
            3. Entropy Sources
            4. Seed Management
         2. Key Generation Algorithms
            1. Symmetric Key Generation
            2. Asymmetric Key Pair Generation
            3. Parameter Selection
         3. Key Quality Assessment
            1. Statistical Testing
            2. Entropy Measurement
      2. Key Storage
         1. Secure Storage Requirements
            1. Access Control
            2. Tamper Resistance
            3. Environmental Protection
         2. Software-based Storage
            1. Encrypted Key Files
            2. Operating System Keystores
            3. Application-level Protection
         3. Hardware-based Storage
            1. Hardware Security Modules
            2. Smart Cards
            3. Trusted Platform Modules
            4. Secure Elements
         4. Key Escrow
            1. Recovery Mechanisms
            2. Split Knowledge
            3. Dual Control
      3. Key Distribution
         1. Manual Key Distribution
            1. Physical Transfer
            2. Courier Services
            3. Split Knowledge Techniques
         2. Electronic Key Distribution
            1. Key Distribution Centers
            2. Public Key Infrastructure
            3. Key Agreement Protocols
         3. Key Transport vs. Key Agreement
            1. Security Properties
            2. Performance Considerations
      4. Key Usage
         1. Key Separation Principles
            1. Encryption Keys
            2. Authentication Keys
            3. Signature Keys
         2. Key Usage Policies
            1. Authorized Operations
            2. Usage Limitations
            3. Audit Requirements
         3. Key Rotation
            1. Rotation Schedules
            2. Backward Compatibility
            3. Forward Secrecy
      5. Key Archival and Recovery
         1. Long-term Storage
            1. Archive Formats
            2. Storage Media
            3. Environmental Controls
         2. Key Recovery Procedures
            1. Recovery Authorization
            2. Recovery Mechanisms
            3. Audit Trails
         3. Business Continuity
            1. Disaster Recovery
            2. Backup Strategies
      6. Key Destruction
         1. Secure Deletion Methods
            1. Cryptographic Erasure
            2. Physical Destruction
            3. Overwriting Techniques
         2. Destruction Verification
            1. Audit Requirements
            2. Compliance Documentation
         3. End-of-Life Procedures
            1. Decommissioning
            2. Certificate Revocation
   2. Key Distribution Systems
      1. Symmetric Key Distribution
         1. Key Distribution Centers
            1. Needham-Schroeder Protocol
            2. Kerberos Authentication
            3. Key Server Architecture
         2. Pairwise Key Establishment
            1. Pre-shared Keys
            2. Key Derivation
      2. Public Key Infrastructure
         1. PKI Components
            1. Certificate Authority
               1. Root CA
               2. Subordinate CA
               3. Cross-Certification
            2. Registration Authority
               1. Identity Verification
               2. Certificate Request Processing
            3. Certificate Repository
               1. Directory Services
               2. Certificate Distribution
         2. Digital Certificates
            1. X.509 Certificate Format
               1. Certificate Fields
               2. Extensions
               3. Certificate Profiles
            2. Certificate Lifecycle
               1. Certificate Request
               2. Certificate Issuance
               3. Certificate Renewal
               4. Certificate Revocation
         3. Certificate Validation
            1. Certificate Chain Verification
            2. Revocation Checking
               1. Certificate Revocation Lists
               2. Online Certificate Status Protocol
               3. Short-lived Certificates
            3. Path Validation Algorithm
         4. Trust Models
            1. Hierarchical Trust
            2. Web of Trust
            3. Bridge CA Model
            4. Cross-Certification
         5. PKI Applications
            1. SSL/TLS Certificates
            2. Code Signing
            3. Email Security
            4. Document Signing
      3. Key Agreement Protocols
         1. Two-Party Key Agreement
            1. Diffie-Hellman Variants
            2. Elliptic Curve Key Agreement
            3. Password-based Key Agreement
         2. Multi-Party Key Agreement
            1. Group Key Agreement
            2. Conference Key Agreement
         3. Authenticated Key Agreement
            1. Station-to-Station Protocol
            2. MQV Protocol
            3. HMQV Protocol
   3. Key Management Standards and Practices
      1. Key Management Standards
         1. NIST Key Management Guidelines
         2. ISO/IEC 11770 Series
         3. ANSI X9 Standards
      2. Key Management Best Practices
         1. Principle of Least Privilege
         2. Separation of Duties
         3. Key Ceremony Procedures
         4. Audit and Compliance
      3. Key Management in Different Contexts
         1. Enterprise Key Management
         2. Cloud Key Management
         3. IoT Key Management
         4. Mobile Device Key Management