DDoS (Distributed Denial of Service)
is a software attack in the DoS category that uses a distributed base of computers for the attack. The most sophisticated tools are Trin00, Tribe Flood Network, and Stacheldraht. They use remote pirated hosts running so-called zombie programs to perform the real attack.
is the reverse mathematical operation of encryption.
is a software attack that remotely disables a computer by illegitimately consuming its resources. The modern version floods the target with overwhelming traffic. Older versions consumed resources such as memory or CPU.
DoS attacks may affect any IT system. The recent Grey Goo virus in Second Life was a kind of DoS attack in virtual worlds.
is a symmetric block cipher designed by IBM in the 1970s and adopted by NIST. It is a 64-bit block cipher with a 56-bit key. (The NSA required the key size to be reduced from 112 bits to its current size.) DES is 100 times faster than RSA in software and 1,000 to 10,000 times faster than RSA in hardware. DES is widely used.
Due to increasing computing power, DES becomes weaker and weaker. Triple DES is the current successor. In 1999, a $250,000 dedicated machine broke a key by brute-force attack in an average time of 2.5 days.
is a way to attempt to compromise a cryptographic mechanism. This attack is based on the study of the statistical distribution of the XOR values of cipher texts and of clear texts. By studying this distribution, a hacker may obtain information useful for compromising the system.
Key Agreement Protocol allows two users to concurrently generate a common secret key without any prior secret sharing. This protocol is vulnerable to a man-in-the-middle attack.
bv was a Dutch company founded by David Chaum. It specialized in electronic commerce applications that offer a high level of privacy and security. It was the pioneer in electronic cash. It went bankrupt in 1998.
was a US Conditional Access system developed by General Instrument. DigiCipher I was one of the first Conditional Access systems. It has been successfully hacked each time, and on a large scale.
There are two kinds of electronic payments.
- Anonymous schemes do not reveal the identity of the customer. They are the equivalent of cash.
- Identified schemes do reveal the identity of the customer. They are the equivalent of credit cards or checks.
Digital Millennium Copyright Act (DMCA)
is the US regulation that governs copyright for digital content. It was passed by Congress in 1998. It complements the previous act on copyright passed in 1976. From the content security point of view, the most interesting point is the section that makes any circumvention of a copy protection scheme illegal. Content owners have used this section very often (Felten case, …). It is available at http://www.copyright.gov/legislation/dmca.pdf
Digital Rights Management (DRM)
is a system that manages and controls the uses of digital content. It defines the usage rules, enforces them, and ensures the monetization of the usage of the content. Some examples of commercial DRMs are Intertrust, ContentGuard, and Glassbook.
replace the handwritten signature. Public key cryptography provides confidentiality.
Digital Signature Algorithm
Discrete Logarithm Problem
Given an element g in a group G of order t, g being a generator (i.e., g can generate all elements of G by repeated group operation), and given another element y of G, it is assumed to be difficult to find a number x such that y = g^x, provided t is large enough.
(Demilitarized Zone) is a computer or a network of computers that isolates a private network from the public network. When a computer from the private network wants to access the public network, it sends its request to the DMZ, which then accesses the public network on its behalf. Computers from the public network can only access computers in the DMZ.