DDoS (Distributed Denial of Service)
is a software attack in the DoS category that uses a distributed base of computers to carry out the attack. The most sophisticated tools are Trin00, Tribe Flood Network, and Stacheldraht. They use remote pirated hosts running so-called zombie programs to perform the actual attack.
Decryption
is the reverse mathematical operation of encryption.
Denial of Service (DoS)
is a software attack that remotely disables a computer by illegitimately consuming its resources. The modern version floods the target with overwhelming traffic. In the past, such attacks consumed resources such as memory or CPU.
DoS attacks may affect any IT system. The recent Grey Goo virus in Second Life was a kind of DoS attack in virtual worlds.
DES
is a symmetric block cipher designed by IBM in the 1970s and adopted by NIST. It is a 64-bit block cipher with a 56-bit key (NSA required the key size to be reduced from 112-bit to its current size). DES is 100 times faster than RSA in software and 1,000 to 10,000 times faster than RSA in hardware. DES is widely used.
Due to increasing computing power, DES is becoming weaker and weaker. Triple DES is the current successor. In 1999, a dedicated $250,000 machine broke a key by brute force in an average time of 2.5 days.
Differential Cryptanalysis
is a way to attempt to compromise a cryptographic mechanism. This attack is based on the study of the statistical distribution of the XOR values of cipher texts and of clear texts. A hacker may obtain information useful for compromising the system by studying this distribution.
BIHAM and SHAMIR designed it in 1990. It was the first attack against DES that was faster than a brute-force attack.
DIFFIE HELLMAN
Key Agreement Protocol allows two users to jointly generate a common secret key without any prior secret sharing. This protocol is vulnerable to a man-in-the-middle attack.
DigiCash
bv was a Dutch company founded by David Chaum. It specialized in electronic commerce applications that offer a high level of privacy and security. It was the pioneer in electronic cash. It went bankrupt in 1998.
DigiCipher
was a US Conditional Access system developed by General Instruments. DigiCipher I was one of the first Conditional Access systems. It has been successfully hacked each time, and on a large scale.
Digital cash
There are two kinds of electronic payments.
- Anonymous schemes do not reveal the identity of the customer. They are the equivalent of cash.
- Identified schemes do reveal the identity of the customer. They are the equivalent of credit cards or checks.
Digital Millennium Copyright Act (DMCA)
is the US regulation that governs copyright law for digital content. It was passed by Congress in 1998. It complements the previous act on copyright passed in 1976. From the content security point of view, the most interesting point is the section that makes any circumvention of a copy protection scheme illegal. Content owners have used it very often (Felten case, …). It is available at http://www.copyright.gov/legislation/dmca.pdf
Digital Rights Management (DRM)
is a system that manages and controls the usage of digital content. It defines the usage rules, enforces them, and ensures the monetization of the usage of the content. Some examples of commercial DRMs are Intertrust, ContentGuard, and Glassbook.
Digital signatures
replace the handwritten signature. Public key cryptography provides confidentiality.
Digital Signature Algorithm
is the algorithm used in the Digital Signature Scheme (DSS) published by the NIST. It is the US government's digital authentication standard. It is an ELGAMAL cryptosystem.
Discrete Logarithm Problem
Let g be an element of a group G of order t, with g a generator, i.e., g generates all elements of G by repeated application of the group operation. Given another element y of G, it is assumed to be difficult to find a number x such that y = g^x, provided t is large enough.
DMCA
See Digital Millennium Copyright Act
DMZ
(Demilitarized Zone) is a computer or a network of computers that isolates a private network from the public network. When a computer on the private network wants to access the public network, it sends its request to the DMZ, which then accesses the public network on its behalf. Computers on the public network can only access computers in the DMZ.
DNS
See Pharming
DoS
DRM
DSA
See Digital Signature Algorithm