The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic curve analogue of the Digital Signature Algorithm (DSA). It was accepted in 1999 as an ANSI standard and in 2000 as IEEE and NIST standards. It was also accepted in 1998 as an ISO standard and is under consideration for inclusion in some other ISO standards. Unlike the ordinary discrete logarithm problem and the integer factorization problem, no subexponential-time algorithm is known for the elliptic curve discrete logarithm problem. For this reason, the strength-per-key-bit is substantially greater in an algorithm that uses elliptic curves. This paper describes the ANSI X9.62 ECDSA, and discusses related security, implementation, and interoperability issues.

/pdf/the-elliptic-curve-digital-signature-algorithm-ecdsa-33tvnr4ena.pdf

The Elliptic Curve Digital Signature Algorithm (ECDSA)

Review: Digital image steganography: Survey and analysis of current methods

A method of maintaining digital medical records, comprising a step of receiving a medical transaction record (102), encrypted with a key in accordance with a patient-file association. Also comprising a step of accessing the encrypted medical transaction record according to a patient association with the record (111). And further comprising a step of re-encryption of the encrypted accessed medical transaction record with a key associated with an intended recipient of the medical record. The system and method according to the present invention presents a new business model for creation, maintenance, transmission, and use of medical records. The invention also allows financial burdens to be reallocated optimally and equitably, resulting in decreased overall societal cost and providing a successful business model for a database proprietor. Secure entrusted medical records are held in trust by an independent third party on behalf of the patient (113), and serve the medical community at large. Separately encrypted record elements may be aggregated as an information polymer.

Information record infrastructure, system and method

This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements The document provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks

/pdf/guide-to-industrial-control-systems-ics-security-48jy3kri07.pdf

Guide to Industrial Control Systems (ICS) Security

True randomness does not exist in classical physics, where randomness is necessarily a result of forces that may be unknown but exist. The quantum world, however, is intrinsically truly random. This is difficult to prove, as it is not readily distinguishable from noise and other uncontrollable factors. Now Pironio et al. present proof of a quantitative relationship between two fundamental concepts of quantum mechanics — randomness and the non-locality of entangled particles. They first show theoretically that the violation of a Bell inequality certifies the generation of new randomness, independently of any implementation details. To illustrate the approach, they then perform an experiment in which — as confirmed using the theoretical tools that they developed — 42 new random bits have been generated. As well as having conceptual implications, this work has practical implications for cryptography and for numerical simulation of physical and biological systems. Here it is shown, both theoretically and experimentally, that non-local correlations between entangled quantum particles can be used for a new cryptographic application — the generation of certified private random numbers — that is impossible to achieve classically. The results have implications for future device-independent quantum information experiments and for addressing fundamental issues regarding the randomness of quantum theory. Randomness is a fundamental feature of nature and a valuable resource for applications ranging from cryptography and gambling to numerical simulation of physical and biological systems. Random numbers, however, are difficult to characterize mathematically1, and their generation must rely on an unpredictable physical process2,3,4,5,6. Inaccuracies in the theoretical modelling of such processes or failures of the devices, possibly due to adversarial attacks, limit the reliability of random number generators in ways that are difficult to control and detect. Here, inspired by earlier work on non-locality-based7,8,9 and device-independent10,11,12,13,14 quantum information processing, we show that the non-local correlations of entangled quantum particles can be used to certify the presence of genuine randomness. It is thereby possible to design a cryptographically secure random number generator that does not require any assumption about the internal working of the device. Such a strong form of randomness generation is impossible classically and possible in quantum systems only if certified by a Bell inequality violation15. We carry out a proof-of-concept demonstration of this proposal in a system of two entangled atoms separated by approximately one metre. The observed Bell inequality violation, featuring near perfect detection efficiency, guarantees that 42 new random numbers are generated with 99 per cent confidence. Our results lay the groundwork for future device-independent quantum information experiments and for addressing fundamental issues raised by the intrinsic randomness of quantum theory.

/pdf/random-numbers-certified-by-bell-s-theorem-5chjbj1xv7.pdf

Random numbers certified by Bell's theorem.

: This paper discusses some aspects of selecting and testing random and pseudorandom number generators. The outputs of such generators may he used in many cryptographic applications, such as the generation of key material. Generators suitable for use in cryptographic applications may need to meet stronger requirements than for other applications. In particular, their outputs must he unpredictable in the absence of knowledge of the inputs. Some criteria for characterizing and selecting appropriate generators are discussed in this document. The subject of statistical testing and its relation to cryptanalysis is also discussed, and some recommended statistical tests are provided. These tests may he useful as a first step in determining whether or not a generator is suitable for a particular cryptographic application. The design and cryptanalysis of generators is outside the scope of this paper.

/pdf/a-statistical-test-suite-for-random-and-pseudorandom-number-xf8s068cdk.pdf

A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

This Recommendation provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and best practices for the management of cryptographic keying material. Part 2 provides guidance on policy and security planning requirements for U.S. government agencies. Finally, Part 3 provides guidance when using the cryptographic features of current systems.

/pdf/recommendation-for-key-management-part-1-general-revision-3-1l1d32pzxc.pdf

Recommendation for Key Management, Part 1: General (Revision 3)

This paper discusses some aspects of selecting and testing random and pseudorandom number generators. The outputs of such generators may be used in many cryptographic applications, such as the generation of key material. Generators suitable for use in cryptographic applications may need to meet stronger requirements than for other applications. In particular, their outputs must be unpredictable in the absence of knowledge of the inputs. Some criteria for characterizing and selecting appropriate generators are discussed in this document. The subject of statistical testing and its relation to cryptanalysis is also discussed, and some recommended statistical tests are provided. These tests may be useful as a first step in determining whether or not a generator is suitable for a particular cryptographic application. However, no set of statistical tests can absolutely certify a generator as appropriate for usage in a particular application, i.e., statistical testing cannot serve as a substitute for cryptanalysis. The design and cryptanalysis of generators is outside the scope of this paper.

SP 800-22 Rev. 1a. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

SP 800-57. Recommendation for Key Management, Part 1: General (revised)

This Recommendation provides the specifications of key establishment schemes that are appropriate for use by the U.S. Federal Government, based on standards developed by the Accredited Standards Committee (ASC) X9, Inc.: American National Standard (ANS) X9.42 Agreement of Symmetric Keys using Discrete Logarithm Cryptography and ANS X9.63 Key Agreement and Key Transport using Elliptic Curve Cryptography. A key establishment scheme can be characterized as either a key agreement scheme or a key transport scheme. The asymmetric-key-based key agreement schemes in this Recommendation are based on the Diffie-Hellman (DH) and Menezes-Qu-Vanstone (MQV) algorithms. In addition, an asymmetric-key-based key transport scheme is specified.

Miles E. Smid

Papers

A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

Recommendation for Key Management, Part 1: General (Revision 3)

SP 800-22 Rev. 1a. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

SP 800-57. Recommendation for Key Management, Part 1: General (revised)

SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised)