FACTOID # 25: If you're tired of sitting in traffic on your way to work, move to North Dakota.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
   
 
WHAT'S NEW
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > Integrated Encryption Scheme

Integrated Encryption Scheme (IES) is a public-key encryption scheme which provides semantic security against an adversary who is allowed to use chosen-plaintext and chosen-ciphertext attacks. The scheme is based on Diffie-Hellman problem. Two incarnations of the IES are standardized: Discrete Logarithm Integrated Encryption Scheme (DLIES) and Elliptic Curve Integrated Encryption Scheme (ECIES), which is also known as the Elliptic Curve Augmented Encryption Scheme or simply the Elliptic Curve Encryption Scheme. These two incarnations are identical up to the change of an underlying group and so to be concrete we concentrate on the latter. Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key. ... In cryptography, encryption is the process of obscuring information to make it unreadable without special knowledge. ... Semantic security is a widely-used definition for security in an asymmetric key encryption algorithm. ... In cryptography, an adversary (rarely opponent, enemy) is a malicious entity whose aim is to prevent the users of the cryptosystem from achieving their goal (primarily privacy, integrity and availability of data). ... The Diffie-Hellman problem (DHP) is an open problem in number theory developed by Whitfield Diffie and Martin Hellman with implications for modern cryptography. ... In abstract algebra and its applications, the discrete logarithms are defined in group theory in analogy to ordinary logarithms. ... In mathematics, an elliptic curve is a plane curve defined by an equation of the form y2 = x3 + a x + b, which is non-singular; that is, its graph has no cusps or self-intersections. ...


To send an encrypted message to Bob using ECIES Alice needs the following information:

  • cryptographic suite to be used:
    • KDF, e.g., ANSI-X9.63-KDF with SHA-1 option;
    • MAC, e.g., HMAC-SHA-1-160 with 160-bit keys or HMAC-SHA-1-80 with 160-bit keys;
    • symmetric encryption scheme E, e.g., 3-key TDES in CBC mode or XOR encryption scheme;
  • EC domain parameters: (p,a,b,G,n,h) for a curve over prime field or (m,f(x),a,b,G,n,h) for a curve over binary field;
  • Bob's public key: KB (Bob generates it as follows: KB = kBG, where k_B is the private key he chooses at random: k_B in [1, n-1]);
  • optional shared information: S1 and S2.

To encrypt a message m Alice does the following: A Key derivation function or key stretcher is a cryptographic hash function which is designed to make a key or password harder to attack using a precomputed dictionary attack or brute force attack. ... A cryptographic message authentication code (MAC) is a short piece of information used to authenticate a message. ... Symmetric-key algorithms are a class of algorithms for cryptography that use trivially related cryptographic keys for both decryption and encryption. ...

  1. generates a random number r in [1, n-1] and calculates R = rG;
  2. derives a shared secret: S = Px, where P = (Px,Py) = rKB (and P ne O);
  3. uses KDF to derive a symmetric encryption and a MAC keys: k_E | k_M = textrm{KDF}(S|S_1);
  4. encrypts the message: c = E(kE;m);
  5. computes the tag of encrypted message and S2: d = textrm{MAC}(k_M; c | S_2);
  6. outputs R | c | d.

To decrypt the ciphertext R | c | d Bob does the following:

  1. derives the shared secret: S = Px, where P = (Px,Py) = kBR (it is the same as the one Alice derived because P = kBR = kBrG = rkBG = rKB), or outputs failed if P = O;
  2. derives keys the same way as Alice did: k_E | k_M = textrm{KDF}(S|S_1);
  3. uses MAC to check the tag and outputs failed if d ne textrm{MAC}(k_M; c | S_2);
  4. uses symmetric encryption scheme to decrypt the message m = E − 1(kE;c).

References


 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m