DDoS (Distributed Denial of Service)

is a software attack in the DoS category that uses a distributed base of computers for the attack. The most sophisticated tools are Trin00, Tribe Flood Network, or Stacheldraht. They use remote pirated hosts, so-called zombie programs, to perform the real attack.


is the reverse mathematical operation of encryption.

Denial Of Services (DoS)

is a software attack that remotely disables a computer by illegitimately consuming its resources. The modern version floods the target with overwhelming traffic. In the past, such attacks involved consuming resources such as memory or CPU.

DoS attacks may affect any IT system. The recent Grey Goo virus in Second Life was a kind of DoS attack in virtual worlds.


is a symmetric block cipher designed by IBM in the 1970s and adopted by NIST. It is a 64-bit block cipher with a 56-bit key. (NSA required the key size to be reduced from 112-bit to its actual size). DES is 100 times faster than RSA in software. DES is 1,000 to 10,000 times faster than RSA in hardware. DES is widely used.

Due to increasing computing power, DES becomes weaker and weaker. Triple DES is the current successor. In 1999, a dedicated $250,000 machine broke a key by brute-force attack in an average time of 2.5 days.

Differential Cryptanalysis

is a way to attempt to compromise a cryptographic mechanism. This attack is based on the study of the statistical distribution of the XOR values of cipher texts and of clear texts. A hacker may get some information useful to compromise the system by studying this distribution.

Biham and Shamir designed it in 1990. It was the first attack against DES that was faster than a brute-force attack.


Key Agreement Protocol allows two users to concurrently generate a common secret key without any prior secret sharing. This protocol is vulnerable to a man-in-the-middle attack.


bv was a Dutch company founded by David Chaum. It specialized in electronic commerce applications that offer a high level of privacy and security. It was the pioneer in electronic cash. It went bankrupt in 1998.


was a US Conditional Access system developed by General Instruments. DigiCipher I was one of the first Conditional Access systems. It has been successfully hacked each time, and on a large scale.

Digital cash

There are two kinds of electronic payments.

  • Anonymous schemes do not reveal the identity of the customer. They are the equivalent of cash.
  • Identified schemes do reveal the identity of the customer. They are the equivalent of credit cards or checks.

Digital Millennium Copyright Act (DMCA)

is the US regulation that governs copyright for digital content. It was passed by Congress in 1998. It complements the previous act on copyright passed in 1976. From the content security point of view, the most interesting point is the section that makes any circumvention of a copy protection scheme illegal. This has been used very often by content owners (Felten case, …). It is available at http://www.copyright.gov/legislation/dmca.pdf

Digital Rights Management (DRM)

is a system that manages and controls the usage of digital content. It defines the usage rules, enforces the usage rules, and ensures the monetization of the usage of the content. Some examples of commercial DRMs are Intertrust, ContentGuard, or Glassbook.

Digital signatures

replace the handwritten signature. Public key cryptography provides confidentiality.

Digital Signature Algorithm

is the algorithm used in the Digital Signature Scheme (DSS) published by the NIST. It is the US government's digital authentication standard. It is an ElGamal cryptosystem.

Discrete Logarithm Problem

Let g be an element of a group G of order t, g being a generator, i.e., g can generate all elements of G by repeated application of the group operation. Given another element y of G, it is assumed to be difficult to find a number x such that $y = g^x$, provided t is large enough.
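The condition "provided t is large enough" can be seen in a short added example (not part of the original glossary): baby-step giant-step finds x in about 2·√t group operations, so a group of order around 2^31 gives no protection. The prime P = 2^31 − 1, the generator G = 7, the secret exponent and all function names are constructed assumptions for illustration.

```python
from math import isqrt

# Constructed toy parameters (assumptions, not from the glossary):
# P = 2**31 - 1 is prime and G = 7 generates its multiplicative group,
# so the group order is t = P - 1, about 2**31: far too small for real use.
P = 2**31 - 1
G = 7
T = P - 1
T_PRIME_FACTORS = [2, 3, 7, 11, 31, 151, 331]


def is_generator(g, p, prime_factors):
    """g generates Z_p^* iff g^((p-1)/q) != 1 for every prime q dividing p-1."""
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors)


def discrete_log(g, y, p, t):
    """Baby-step giant-step: find x in [0, t) with g^x = y (mod p).

    Needs about 2*sqrt(t) multiplications and sqrt(t) table entries,
    which is why t must be large for the problem to stay hard.
    """
    m = isqrt(t - 1) + 1                 # ceil(sqrt(t))
    baby = {}
    value = 1
    for j in range(m):                   # baby steps: store g^j -> j
        baby.setdefault(value, j)
        value = value * g % p
    step = pow(g, -m, p)                 # g^(-m); needs Python 3.8+
    gamma = y % p
    for i in range(m):                   # giant steps: y * g^(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * step % p
    return None                          # y is not a power of g


def demo():
    x = 1234567890                       # constructed secret exponent
    y = pow(G, x, P)                     # public value y = g^x
    return x, discrete_log(G, y, P, T)


if __name__ == "__main__":
    secret, recovered = demo()
    print("generator:", is_generator(G, P, T_PRIME_FACTORS))
    print("recovered x:", recovered, "matches:", recovered == secret)
```

The same √t cost applies to any group, which is why deployed systems use group orders of at least several hundred bits.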


See Digital Millennium Copyright Act


(Demilitarized Zone) is a computer or a network of computers that isolates a private network from the public network. When a computer from the private network wants to access the public network, it sends its request to the DMZ, which will actually access the public network. Computers from the public network can only access computers from the DMZ.


See Pharming


See Denial Of Services


See Digital Rights Management


See Digital Signature Algorithm

