Evolution of information security

1961 First computer password

Fernando Corbató of MIT implemented the first password and username method of user authentication for a time-sharing computer called CTSS. It was cracked by Allan Scherr, a Ph.D. researcher at MIT who was looking for a way to bump up his usage time on CTSS. He had been allotted four hours per week, but it wasn’t nearly enough time to run the detailed performance simulations he’d designed for the new computer system.

1985 Elliptic curves in cryptography

Neal Koblitz, Victor S. Miller

One of the most powerful types of cryptography that is widely used today. Elliptic curve cryptography was first proposed in 1985, but only became widely used in 2004.

1976 Diffie–Hellman key exchange

Whitfield Diffie, Martin Hellman, Ralph Merkle

The Diffie–Hellman key exchange is a specific method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols.

1977 RSA (Rivest-Shamir-Adleman)

Ron Rivest, Adi Shamir, Leonard Adleman

It is the first algorithm known to be suitable for signing as well as encryption, and was one of the first great advances in public-key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations.

1979 Data Encryption Standard (DES)

Horst Feistel, Walter Tuchman, Don Coppersmith, Alan Konheim, Carl Meyer, Mike Matyas, Roy Adler, Edna Grossman, Bill Notz, Lynn Smith, Bryant Tuckerman

This was the previously predominant algorithm for the encryption of electronic data. It highly influenced the advancement of modern cryptography in the academic world. DES is now considered to be insecure due to the 56-bit key size being too small.

1984 ElGamal

Taher Elgamal

A predecessor of DSA, the ElGamal cryptosystem is usually used in a hybrid cryptosystem, i.e., the message itself is encrypted using a symmetric cryptosystem and ElGamal is then used to encrypt the key used for the symmetric cryptosystem.

1991 Digital Signature Algorithm (DSA)

David W. Kravitz

The Digital Signature Algorithm (DSA) is a standard for digital signatures. It was introduced in 1991 by the National Institute of Standards and Technology (NIST) as a better method of creating digital signatures. Along with RSA, DSA is considered one of the most preferred digital signature algorithms used today.

1991 Pretty Good Privacy (PGP)

Phil Zimmermann

A methodology used for encrypting and decrypting digital files and communications over the Internet. Phil created PGP to promote awareness of the privacy issue in a digital age. It was initially designed for email security. PGP is such an effective encryption tool that the U.S. government actually brought a lawsuit against Zimmermann for putting it in the public domain and hence making it available to enemies of the U.S. After a public outcry, the U.S. lawsuit was dropped, but it is still illegal to use PGP in many other countries.

1998 Advanced Encryption Standard (AES) / Rijndael

Vincent Rijmen, Joan Daemen

AES replaced DES. It is a symmetric block cipher used by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

1993 Blowfish

Bruce Schneier

It is a symmetric-key block cipher. At the time Blowfish was released, many other designs were proprietary, encumbered by patents or were commercial or government secrets. Schneier has stated that, "Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone."

1997 CAPTCHA

Mark D. Lillibridge, Martín Abadi, Krishna Bharat, Andrei Broder

(Completely Automated Public Turing test to tell Computers and Humans Apart). First implemented at AltaVista to prevent bots from adding URLs to their search engine.

1999 GNU Privacy Guard

Werner Koch

Werner began writing GNU Privacy Guard in 1997, inspired after attending a talk by Richard Stallman, who made a call for someone to write a replacement for Phil Zimmermann's Pretty Good Privacy (PGP), which was subject to U.S. export restrictions.

2004 Off-the-Record Messaging

Ian Goldberg, Nikita Borisov

The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing.

2006 ZRTP (Zimmermann Real-time Transport Protocol)

Phil Zimmermann

It is a cryptographic key-agreement protocol for Voice over Internet Protocol (VoIP). It gives users the ability to verify that there is no man in the middle by verbally comparing two strings. The two strings are displayed on the caller's phone and the called party's phone, and they have to be exactly the same.

1994 HTTPS

Netscape Communications

A protocol for secure communication over a computer network which is widely used on the Internet. The main motivation for HTTPS is to authenticate the visited website and to protect the privacy and integrity of the exchanged data.

1998 3DES

Walter Tuchman, IBM

The original DES cipher's key size of 56 bits was generally sufficient when that algorithm was designed, but the availability of increasing computational power made brute-force attacks feasible. Triple DES provides a relatively simple method of increasing the key size of DES to protect against such attacks, without the need to design a completely new block cipher algorithm.

2013 SHA-3

Guido Bertoni, Joan Daemen, Michaël Peeters, Gilles Van Assche

It is a cryptographic hash function that came after SHA-2, which was not yet cracked; SHA-2 came after SHA-1, which is theoretically crackable, and SHA-1 came after a cracked SHA-0.

During the last half of the century, digital security came a long way thanks to the great people who, most of the time, made their inventions free to use by anyone without being afraid of patent issues.

THE EVOLUTION OF DIGITAL SECURITY and who made a Secure Communication Environment possible to build

Thanks to these and many other great people, security tools are now at a level that, most of the time, renders brute-force attacks ineffective.


Today, the key to building a secure communication environment is using the right combination of tools and techniques and implementing them correctly.

xvisible.net
