Cryptology - Science topic

You might want to read this, to see how AES was evaluated:

Key size, vulnerability to known attacks, performance (computation time) with different types of data, flexibility of application to different platform types, randomness of cipher, cost, and so on. I think that in terms of strength, aside from key size, randomness is very important, even when encrypting repetitive plaintext.

This paper looks mostly at performance comparisons:

The favorite these days still appears to be AES, and many of the others have been downgraded, such as DES. So we can expect AES to be scrutinized most, in the near future.

Ok. Now how to encode the black and white pixels?i was trying with the mayrices

1 0 0 0             1 0 0 0

1 0 0 0             0 1 0 0

1 0 0 0          0 0 1 0

1 0 0 0  and  0 0 0 1

But it is not working!

thank you Nayeen

You can see this:

@AR Reddy: the Goppa codes used in crypto are introduced by elementary means ie

explicit generator matrices. While they can be described by means of AG codes it is hardly relevant there. Historically they were introduced **before** general AG codes on curves. Also I dont understand your comment on the size of the key which depends only on the parameters n,k,q and not on the choice of the family of codes...

I am reading your article to understand your above response. I will reply you later.

Finally i developed RS steganalysis code by myself with the help of 

Thanks

There are three methods of data hiding. In cryptography, we can openly announce that we added some data and the interceptor don't have key to open. In watermarking also, we can announce the same, but interceptor can attack te file to remove the data. We need to embed small data for identification. However, in steganography, we cannot announce to anybody, because if anyone is able to find the presence of data in image, they can remove the file. So our aim will not be achieved. So, in steganography, We must be able to exploit HVS (Human Visual System). This we can achieve using frequency domain because our eyes cannot detect high frequencies. So, either you can go for DCT or DWT. if you are using DCT, don't worry about lossy compression. You just have to aim to embed the data in low frequencies which you can decide that how much compression your file can handle. Check out papers in my profile on watermarking. You can check the tables mentioning the compression attacks.

First, asymmetric cryptography takes two forms: authentication and confidentiality

For message confidentiality, the message is encrypted with the receiver's public key and only the authentic receiver who has the corresponding private key can successfully decrypt it.

For message authentication, it is the other way around, encryption is done with the sender's private key and any receiver who holds the corresponding public key can decrypt the message. A successful decryption indicates that this message is from the claimed sender.

The choice over public or private key cryptography would depend highly on the exact place of non-interactive application you have in mind and how would (or did) you implement it.

For example, suppose you would like to control the access of you application that only you would like to use. You may prefer a symmetric cryptography (private key) to achieve this (although a conventional method is to use a digest function like MD5).

But, if you would like to selectively lock a specific functionality of an application that you would like to distribute (to customers), you may want to create a configuration file and encrypt it. If this is done with a symmetric key, then one way or another, the application must include the symmetric key along with it to decrypt the config. file for use - a simple reverse engineering attempt can locate the key within the application.

The solution thus lies in public key cryptography. You can encrypt your config. file in your own system with your private key, then store the public key along with the application to decrypt it for its use. You can encode the config. file to include the MAC address of the system or the disk ID for an integrity check for the machine it is entitled to operate in. This is what I did for my ERP application, it works just fine.

Who is the threat in your question? If I am reading it correctly you are excluding the trusted third party as a threat, and you are excluding any active attackers. The rough answer to your question is that if there are no threats you could send the email in clear text and be just fine. Encryption is only necessary if you are protecting yourself from something.

Alternatively, you may be viewing passive network monitors as threats. For example, systems that are scanning email for keywords at the boarder of an organization. However, most passive monitors can be easily handled by even XORing the bits, a complex security protocol is only needed in the presence of an active attack on the email in question.

Finally, if you are assuming that there are no active attackers, and you actually have a trusted third party, you would be much better served by using stenography than public/private key encryption. Passive monitors are likely looking for odd things to flag for further scrutiny, a hidden email is more likely to pass unnoticed than an encrypted one.

Computational complexity: The time required to break it.

For example, if you have 1 digit password, you may have 10 possible passwords (0-9). Therefore, to break this password, you must try from 0-9. Now lets say, a system allows only 1 try/second. So the max time required to break this password would be 10 seconds.

Hope that helps :)

Maybe the following work could help you: http://lasecwww.epfl.ch/pub/lasec/doc/YV04a.pdf.

Regards,

Llanos