ZXZYZ reviews and designs of cryptographic algorithms, security protocols. ZXZYZ offers security review of existing systems and infrastructure.
| Cryptographic Algorithms | |||||||||||
| Symmetric key cryptography | Asymmetric key cryptography | ||||||||||
| Ciphers. Used for Encryption | Public key cryptography. Ciphers. Used for Key Exchange | ||||||||||
| Block | Stream | Hash | |||||||||
| Keyed | Unkeyed | ||||||||||
| Used for Message authentication code (MAC) | |||||||||||
| AES, ARIA, Blowfish, Camellia, DES, GOST, ICE, Kalyna, KASUMI, MESH, SEED, Twofish | RC4, Rabbit, Scream, SOBER, Turing, VEST | BLAKE, HMAC, MD6, PMAC, Poly1305 | BLAKE, GOST, HAVAL, MD6, SHA, Skein, SWIFFT, Tiger, Whirlpool |
|
|||||||
Digital Certificate: Asymmetric key algorithms (private/public key),X-509 format, PKI structure. Created by CA (trusted third party). Identify the sender, authenticate the message. Contains public key.
Digital Signature: Asymmetric key algorithms (private/public key), DSS structure. Self Created. Authenticate the message only.
Public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
X.509 is a standard for the format and contents of certificates.
PEM preceded S/MIME as a mail security standard. A PEM (Privacy-Enhanced Mail) file is a container format that is a base64-encoded bit of data that may include a public key, a private key, X509 certificates, PKCS7 data, files containing multiple certificates, files containing both the private key and the X509 certificate, PKCS#10 certificate signing requests or whatever.
Transport Layer Security.
HTTP, FTP, SMTP, NNTP and XMPP use TLS.
Key Exchange
X.509 format-PKI sructure-Public key-digital certificates used during exchange/agreement. Asymmetric key algorithms are used.Cipher
Symmetric Block Ciphers are used.Data Integrity
Message authentication code (MAC)