RSA Labs FAQ 4.0

Table of Contents......Page 3
Foreword......Page 8
Question 1.1.  What is the RSA Laboratories' Frequently Asked Questions About  Today's Cryptography?......Page 9
Question 1.2.  What is cryptography?......Page 10
Question 1.3.  What are some of the more popular techniques in cryptography?......Page 11
Question 1.4.  How is cryptography applied?......Page 12
Question 1.5.  What are cryptography standards?......Page 14
Question 1.6.  What is the role of the United States government in cryptography?......Page 15
Question 1.7.  Why is cryptography important?......Page 16
Question 2.1.1.  What is public-key cryptography?......Page 18
Question 2.1.2.  What is secret-key cryptography?......Page 19
Question 2.1.3.  What are the advantages and disadvantages of public-key  cryptography compared with secret-key cryptography?......Page 20
Question 2.1.4.  What is a block cipher?......Page 21
Question 2.1.5.  What is a stream cipher?......Page 25
Question 2.1.6.  What is a hash function?......Page 27
Question 2.1.7.  What are Message Authentication Codes (MACs)?......Page 28
Question 2.1.8.  What are interactive proofs and zero-knowledge proofs?......Page 29
Question 2.1.9.  What are secret sharing schemes?......Page 30
Question 2.2.1.  What is privacy?......Page 31
Question 2.2.2.  What is a digital signature and what is authentication?......Page 32
Question 2.2.3.  What is a key agreement protocol?......Page 33
Question 2.2.4.  What is a digital envelope?......Page 34
Question 2.2.5.  What is identification?......Page 35
Question 2.3.1.  What is a hard problem?......Page 36
Question 2.3.2.  What is a one-way function?......Page 37
Question 2.3.3.  What is the factoring problem?......Page 38
Question 2.3.4.  What are the best factoring methods in use today?......Page 39
Question 2.3.5.  What improvements are likely in factoring capability?......Page 40
Question 2.3.7.  What is the discrete logarithm problem?......Page 42
Question 2.3.8.  What are the best discrete logarithm methods in use today?......Page 43
Question 2.3.9.   What are the prospects for a theoretical breakthrough in the  discrete log problem?......Page 44
Question 2.3.10.  What are elliptic curves?......Page 45
Question 2.3.11.  What are lattice-based cryptosystems?......Page 46
Question 2.3.12.  What are some other hard problems?......Page 47
Question 2.4.1.  What is cryptanalysis?......Page 48
Question 2.4.2.  What are some of the basic types of cryptanalytic attack?......Page 49
Question 2.4.3.  What is exhaustive key search?......Page 50
Question 2.4.4.  What is the RSA Secret Key Challenge?......Page 51
Question 2.4.5.  What are the most important attacks on symmetric block ciphers?......Page 52
Question 2.4.7.  What are the most important attacks on stream ciphers?......Page 54
Question 2.4.8.  What are the most important attacks on MACs?......Page 55
Question 2.4.9.  At what point does an attack become practical?......Page 56
Question 2.5.1.   What is primality testing?......Page 57
Question 2.5.2.  What is random number generation?......Page 58
Question 3.1.1.  What is RSA?......Page 59
Question 3.1.2. How fast is RSA?......Page 60
Question 3.1.3.  What would it take to break RSA?......Page 61
Question 3.1.4.  What are strong primes and are they necessary for RSA?......Page 62
Question 3.1.5.  How large a key should be used in RSA?......Page 63
Question 3.1.6.  Could users of RSA run out of distinct primes?......Page 64
Question 3.1.7.  How is RSA used for privacy in practice?......Page 65
Question 3.1.8.  How is RSA used for authentication and digital signatures in practice?......Page 66
Question 3.1.9.  Is RSA currently in use?......Page 67
Question 3.1.10.  Is RSA an official standard today?......Page 68
Question 3.1.11.  Is RSA a de facto standard?......Page 69
Question 3.2.1.  What is DES?......Page 70
Question 3.2.2.  Has DES been broken?......Page 71
Question 3.2.3.  How does one use DES securely?......Page 72
Question 3.2.4.  Should one test for weak keys in DES?......Page 73
Question 3.2.5.  Is DES a group?......Page 74
Question 3.2.6.  What is triple-DES?......Page 75
Question 3.2.7.  What is DES-X?......Page 76
Question 3.2.8.  What are some other DES variants?......Page 77
Question 3.3.1.  What is the AES?......Page 78
Question 3.3.2.  What are some candidates for the AES?......Page 79
Question 3.3.3.  What is the schedule for the AES?......Page 80
Question 3.4.1.  What are DSA and DSS?......Page 81
Question 3.4.2.  Is DSA secure?......Page 82
Question 3.5.1.  What are elliptic curve cryptosystems?......Page 83
Question 3.5.2.  Are elliptic curve cryptosystems secure?......Page 84
Question 3.5.3.  Are elliptic curve cryptosystems widely used?......Page 85
Question 3.5.4.  How do elliptic curve cryptosystems compare with other cryptosystems?......Page 86
Question 3.6.1.  What is Diffie-Hellman?......Page 87
Question 3.6.2.  What is RC2?......Page 88
Question 3.6.3.  What is RC4?......Page 89
Question 3.6.4.  What is RC5?......Page 90
Question 3.6.5.  What are SHA and SHA-1?......Page 91
Question 3.6.6.  What are MD2, MD4, and MD5?......Page 92
Question 3.6.7.  What are some other block ciphers?......Page 93
Question 3.6.8.  What are some other public-key cryptosystems?......Page 95
Question 3.6.9.  What are some other signature schemes?......Page 97
Question 3.6.10.  What are some other stream ciphers?......Page 98
Question 3.6.11.  What other hash functions are there?......Page 99
Question 3.6.12.  What are some secret sharing schemes?......Page 100
Question 4.1.1.  What is key management?......Page 102
Question 4.1.2.1.  What key size should be used?......Page 103
Question 4.1.2.2.  How does one find random numbers for keys?......Page 104
Question 4.1.2.3.  What is the life cycle of a key?......Page 105
Question 4.1.3.1.  What is a PKI?......Page 106
Question 4.1.3.2.  Who needs a key pair?......Page 107
Question 4.1.3.3.  How does one get a key pair?......Page 108
Question 4.1.3.4.  Should a key pair be shared among users?......Page 109
Question 4.1.3.5.  What happens when a key expires?......Page 110
Question 4.1.3.6.  What happens if my key is lost?......Page 111
Question 4.1.3.7.  What happens if my private key is compromised?......Page 112
Question 4.1.3.8.  How should I store my private key?......Page 113
Question 4.1.3.9.  How do I find someone else's public key?......Page 114
Question 4.1.3.10.  What are certificates?......Page 115
Question 4.1.3.11.  How are certificates used?......Page 116
Question 4.1.3.12.  Who issues certificates and how?......Page 117
Question 4.1.3.13.  How do certifying authorities store their private keys?......Page 118
Question 4.1.3.14.  How are certifying authorities susceptible to attack?......Page 119
Question 4.1.3.15.  What if a certifying authority's key is lost or compromised?......Page 120
Question 4.1.3.16.  What are Certificate Revocation Lists (CRLs)?......Page 121
Question 4.2.1. What is electronic money?......Page 122
Question 4.2.2.  What is iKP?......Page 123
Question 4.2.3.  What is SET?......Page 124
Question 4.2.4.  What is Mondex?......Page 125
Question 4.2.5.  What are micropayments?......Page 126
Question 5.1.1.  What is S/MIME?......Page 127
Question 5.1.2.  What is SSL?......Page 128
Question 5.1.3.  What is S/WAN?......Page 129
Question 5.1.4.  What is IPSec?......Page 130
Question 5.1.5.  What is SSH?......Page 131
Question 5.1.6.  What is Kerberos?......Page 132
Question 5.2.1.  What are CAPIs?......Page 133
Question 5.2.2.  What is the GSS-API?......Page 134
Question 5.2.3.  What are RSA BSAFE CRYPTO-C and RSA BSAFE CRYPTO-J?......Page 135
Question 5.2.4.  What is SecurPC?......Page 136
Question 5.2.5.  What is SecurID?......Page 137
Question 5.2.6.  What is PGP?......Page 138
Question 5.3.1.  What are ANSI X9 standards?......Page 139
Question 5.3.2.  What are the ITU-T (CCITT) Standards?......Page 141
Question 5.3.3.  What is PKCS?......Page 143
Question 5.3.4.  What are ISO standards?......Page 144
Question 5.3.5.  What is IEEE P1363?......Page 145
Question 5.3.6.  What are some other cryptography specifications?......Page 146
Section 6.1.  Legal Disclaimer.......Page 147
Question 6.2.1.  What is NIST?......Page 148
Question 6.2.2.  What is the NSA?......Page 149
Question 6.2.3.  What is Capstone?......Page 150
Question 6.2.4.  What is Clipper?......Page 151
Question 6.2.5.  What is the Current Status of Clipper?......Page 152
Question 6.2.6.  What is Fortezza?......Page 153
Question 6.3.1.  Is RSA patented?......Page 154
Question 6.3.2.  Is DSA patented?......Page 155
Question 6.3.3.  Is DES patented?......Page 156
Question 6.3.4.  Are elliptic curve cryptosystems patented?......Page 157
Question 6.3.5.  What are the important patents in cryptography?......Page 158
Question 6.4.1.  Can RSA be exported from the United States?......Page 159
Question 6.4.2.  Can DES be exported from the United States?......Page 160
Question 6.4.3.  Why is cryptography export-controlled?......Page 161
Question 6.4.4.  Are digital signature applications exportable from the United States?......Page 162
Question 6.5.1.  Which major countries have import restrictions on cryptography?......Page 163
Question 7.1.  What is probabilistic encryption?......Page 164
Question 7.2.  What are special signature schemes?......Page 165
Question 7.3.  What is a blind signature scheme?......Page 166
Question 7.4.  What is a designated confirmer signature?......Page 167
Question 7.5.  What is a fail-stop signature scheme?......Page 168
Question 7.6.  What is a group signature?......Page 169
Question 7.7.  What is a one-time signature scheme?......Page 170
Question 7.8.  What is an undeniable signature scheme?......Page 171
Question 7.9.  What are on-line/off-line signatures?......Page 172
Question 7.10.  What is OAEP?......Page 173
Question 7.11.  What is digital timestamping?......Page 174
Question 7.12.  What is key recovery?......Page 176
Question 7.13.  What are LEAFs?......Page 177
Question 7.14.  What is PSS/PSS-R?......Page 178
Question 7.15.  What are covert channels?......Page 179
Question 7.16.  What are proactive security techniques?......Page 180
Question 7.17.  What is quantum computing?......Page 181
Question 7.18. What is quantum cryptography?......Page 182
Question 7.19.  What is DNA computing?......Page 183
Question 7.20.  What are biometric techniques?......Page 184
Question 7.21.  What is tamper-resistant hardware?......Page 185
Question 7.22.  How are hardware devices made tamper-resistant?......Page 186
Question 8.1.  Where can I learn more about cryptography?......Page 187
Question 8.2.  Where can I learn more about cryptographic protocols and architecture?......Page 188
Question 8.3.  Where can I learn more about recent advances in cryptography?......Page 189
Question 8.4.  Where can I learn more about electronic commerce?......Page 190
Question 8.5.  Where can I learn more about cryptography standards?......Page 191
Question 8.6.  Where can I learn more about laws concerning cryptography?......Page 192
Glossary......Page 193
References......Page 203