P3P (Platform for Privacy Preferences)
was a project of Microsoft to develop a trusted platform for computing. Its objective was to ensure that all the elements (software, hardware) were trusted ones. The new name is Next Generation Secure Computing Base (NGSCB) . Palladium is very similar to TCPA.
Palladium suffered a terrible backlash from the public and some researchers. The fear was the creation of a new Big Brother and restricting the PC to a limited set of trusted applications. Many people, wrongly, equated Palladium with DRM. Palladium was the first step of Microsoft towards the End to End trustinitiative.
is the result of a workgroup of 5 companies (CP8 BULL, Hewlett-Packard, Microsoft, Schlumberger and Siemens Nixdorf) which have proposed a specification to facilitate the use of a smart card reader in a PC environment.
PCT (Private Communication Technology)
was a protocol developed by MICROSOFT and VISA International to provide security and privacy on the Internet. It was the competitor of SSL.
It is a widely available software package originally designed by P. ZIMMERMANN. It employs RSA signature, MD5 hashing and IDEAto cipher mail exchange. The current version is 6.5.8. Since version 5.0, it includes key escrowing facilities.
is a type of hack on the Internet. The attacker redirects a legitimate URL to an illegal site that mimicks a legitimate site. Although being very simlilar to phisingin the results and objectives, pharming is more insidious. Pharming modifies the DNS tables. The victim types regular legitimate URLs. In phising, the victim uses a non-legitimate URL.
is a type of hack on the Internet. The attacker builds a mirror site of a known large site such as a bank, e-commerce, or ISP. Then, she sends out random spamsrequesting the customer of the site to connect to the site to update his personal data. The spam will necessarily hit a customer of the real site who will connect to the mirror site. She can then collect data such as address, phione number or credit card number.
PKCS (Public Key Cryptography Standards)
- PKCS #1 defines mechanisms for using RSA.
- PKCS #3 defines a DIFFIE HELLMAN key agreement protocol.
- PKCS #5 defines a string encryption method with a secret key derived from a password.
- PKCS #6 defines a format for extended certificates. Version 3 of X.509 is currently replacing PKCS #6.
- PKCS #7 defines syntax for signal and encrypted messages.
- PKCS #11 defines a cryptographic library together with its API.
is the complete organization needed to manage an information system based on public key cryptosystem. It compounds TTP, Certifying Authority , and public key directories. It manages also the revocation of certificates.
A Pseudo Random Binary Sequence generator generates a one bit wide sequence that appears to be chosen at random. They are at the heart of many scrambling systems for Pay TV.
PTS (Protocol Type Selection)
is a category of attack trying to guess an embedded private key through the measurement of the consumed power. Depending of the implementation a part of the algorithm may require more operations, and power, depending on the value of a bit of the key.
PRNG (Pseudo Random Number Generator)
(also called asymmetric cryptography): In this type of system, each person has a couple of two keys: the public key, and the private key. The public key is published and accessible to every body. User never issues the private key.
For digital signature, the sender uses his private key for the signature. The receiver uses the public key to validate the signature.
The advantages of public key cryptography versus secret key cryptography are:
- An increased security: The private keys have not to circulate.
- It is not possible to repudiate an authentication with public key.
The disadvantages of public key cryptography versus secret key cryptography are:
- Public key encryption is slower.
- It is possible to impersonate.