Certificate authority

Implementations that can be used to run a certificate authority:
OpenSSL, an SSL/TLS library that comes with tools allowing its use as a simple certificate authority.
EasyRSA, OpenVPN's command-line CA utilities built on OpenSSL.
r509.
TinyCA, a Perl GUI on top of some CPAN modules.
XCA.
XiPKI, a CA and OCSP responder with SHA-3 support, OSGi-based (Java).
Boulder, an automated CA server that implements the Automated Certificate Management Environment (ACME) protocol.
Windows Server, which contains a CA as part of Certificate Services for the creation of digital certificates; in Windows Server 2008 and later the CA may be installed as part of Active Directory Certificate Services.
OpenXPKI.
SAFE-BioPharma Association, an example of a non-HTTPS CA.

Public key certificate

In Transport Layer Security (TLS) a certificate's subject is typically a computer or other device, though TLS certificates may identify organizations or individuals in addition to their core role of identifying devices. TLS, sometimes called by its older name Secure Sockets Layer (SSL), is notable for being part of HTTPS, the protocol for securely browsing the web. In a typical public-key infrastructure (PKI) scheme, the certificate issuer is a certificate authority (CA), usually a company that charges customers to issue certificates for them.

Cryptographic hash function

Concatenating outputs from multiple hash functions provides collision resistance as good as the strongest of the algorithms included in the concatenated result. For example, older versions of Transport Layer Security (TLS) and Secure Sockets Layer (SSL) use concatenated MD5 and SHA-1 sums. This ensures that a method to find collisions in one of the hash functions does not defeat data protected by both hash functions. For Merkle–Damgård construction hash functions, the concatenated function is as collision-resistant as its strongest component, but not more collision-resistant: Joux's multicollision attack shows that a collision in the concatenation costs only slightly more than a collision in the stronger component alone.

HTTP cookie

This issue can be resolved by securing the communication between the user's computer and the server by employing Transport Layer Security (HTTPS) to encrypt the connection. A server can specify the Secure flag while setting a cookie, which will cause the browser to send the cookie only over an encrypted channel, such as a TLS connection. If an attacker is able to cause a DNS server to cache a fabricated DNS entry (called DNS cache poisoning), this could allow the attacker to gain access to a user's cookies. For example, an attacker could use DNS cache poisoning to create a fabricated DNS entry for the site's hostname that points to the IP address of the attacker's server; a browser that then connects to that hostname over plain HTTP sends every cookie for it that lacks the Secure flag.
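An added example (not from the page): a miniature cookie-jar send decision implementing the Secure, Domain, Path and host-only rules of RFC 6265, run against a constructed jar. The hostnames and cookie values are made up; the point is to see which cookies leave the browser when poisoned DNS lures it to http://shop.example.test instead of the https:// site that set them.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass
class Cookie:
    name: str
    value: str
    domain: str            # lower-case host, no leading dot
    host_only: bool        # True when Set-Cookie carried no Domain attribute (RFC 6265)
    path: str = "/"
    secure: bool = False
    http_only: bool = False


def parse_set_cookie(header: str, set_by_host: str) -> Cookie:
    """Parse one Set-Cookie header value as received from `set_by_host`."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    ck = Cookie(name=name.strip(), value=value.strip(),
                domain=set_by_host.lower(), host_only=True)
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "secure":
            ck.secure = True
        elif key == "httponly":
            ck.http_only = True
        elif key == "domain" and val:
            ck.domain, ck.host_only = val.lstrip(".").lower(), False
        elif key == "path" and val.startswith("/"):
            ck.path = val
    return ck


def domain_matches(host: str, ck: Cookie) -> bool:
    if ck.host_only:
        return host == ck.domain
    return host == ck.domain or host.endswith("." + ck.domain)


def path_matches(request_path: str, cookie_path: str) -> bool:
    if request_path == cookie_path:
        return True
    if request_path.startswith(cookie_path):
        return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"
    return False


def cookies_to_send(jar: list, url: str) -> list:
    """Names of the jar cookies a browser would attach to a request for `url`."""
    u = urlsplit(url)
    host = (u.hostname or "").lower()
    path = u.path or "/"
    sent = []
    for ck in jar:
        if ck.secure and u.scheme != "https":
            continue  # a Secure cookie never travels over plaintext HTTP
        if not domain_matches(host, ck) or not path_matches(path, ck.path):
            continue
        sent.append(ck.name)
    return sent


# Constructed jar: cookies set earlier by https://shop.example.test (made-up values).
JAR = [
    parse_set_cookie("session=abc123; Secure; HttpOnly; Path=/", "shop.example.test"),
    parse_set_cookie("prefs=dark; Domain=example.test; Path=/", "shop.example.test"),
]
```

With DNS for shop.example.test poisoned to point at the attacker, a plain-HTTP visit still leaks `prefs` but not the Secure `session` cookie; over HTTPS the attacker cannot complete the handshake without a certificate valid for that hostname, so the Secure cookie is protected on both paths.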

Web server

A web server processes incoming network requests over HTTP and several other related protocols. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). Pages delivered are most frequently HTML documents, which may include images, style sheets and scripts in addition to the text content. A user agent, commonly a web browser or web crawler, initiates communication by making a request for a specific resource using HTTP and the server responds with the content of that resource or an error message if unable to do so.

Curl-loader

curl-loader is an open-source software performance testing tool written in the C programming language. It can simulate the application behavior of hundreds of thousands of HTTP/HTTPS and FTP/FTPS clients, each with its own source IP address. In contrast to other tools, curl-loader uses real client protocol stacks written in C, namely the HTTP and FTP stacks of libcurl and the TLS/SSL implementation of OpenSSL, and simulates user behavior with support for various login and authentication flavors. Its major features include running from 2,500 up to 100,000 and more virtual loading clients, all from a single curl-loader process.

Man-in-the-middle attack

As a consequence, a green padlock does not indicate that the client has authenticated the remote server, only that it has authenticated the corporate server/proxy used for SSL/TLS inspection. HTTP Public Key Pinning (HPKP), sometimes called "certificate pinning", was designed to prevent a MITM attack in which the certificate authority itself is compromised: the server provides a list of "pinned" public key hashes during the first transaction, and subsequent transactions require the server to use one or more of the keys in that list in order to authenticate. HPKP has since been deprecated and removed from the major browsers, largely because a mistaken or malicious pin can lock users out of a site for the lifetime of the pin.
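An added example, not code from the page or from any browser: computing a pin-sha256 value and applying the RFC 7469 rules for noting and checking pins. The SPKI byte strings are constructed placeholders standing in for DER-encoded SubjectPublicKeyInfo blobs; the arithmetic is identical over real DER, and the header is built from the computed pins so the example stays self-consistent.

```python
import base64
import hashlib


def spki_pin(spki_der: bytes) -> str:
    """pin-sha256 value: base64(SHA-256(DER SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


def parse_pkp_header(header: str) -> dict:
    """Parse a Public-Key-Pins header value into a policy (RFC 7469 directives)."""
    policy = {"pins": set(), "max_age": None, "include_subdomains": False, "report_uri": None}
    for directive in header.split(";"):
        key, _, val = directive.strip().partition("=")  # base64 '=' padding stays in val
        key, val = key.strip().lower(), val.strip().strip('"')
        if key == "pin-sha256":
            policy["pins"].add(val)
        elif key == "max-age":
            policy["max_age"] = int(val)
        elif key == "includesubdomains":
            policy["include_subdomains"] = True
        elif key == "report-uri":
            policy["report_uri"] = val
    return policy


def policy_acceptable(policy: dict, chain_spkis: list) -> bool:
    """A UA notes pins only when max-age is present, at least one pin matches an SPKI
    in the validated chain, and at least one backup pin matches nothing in the chain."""
    chain_pins = {spki_pin(der) for der in chain_spkis}
    matched = policy["pins"] & chain_pins
    backup = policy["pins"] - chain_pins
    return policy["max_age"] is not None and bool(matched) and bool(backup)


def connection_passes_pins(noted_pins: set, chain_spkis: list) -> bool:
    """Later connection: some noted pin must match some SPKI in the served chain."""
    return bool(noted_pins & {spki_pin(der) for der in chain_spkis})


# Constructed stand-ins for DER SubjectPublicKeyInfo blobs (not real keys).
LEAF_SPKI = b"constructed-der-spki-of-current-leaf-key"
ROOT_SPKI = b"constructed-der-spki-of-root-ca-key"
BACKUP_SPKI = b"constructed-der-spki-of-offline-backup-key"
ROGUE_SPKI = b"constructed-der-spki-of-mis-issued-cert-key"

# Header the site sends: pin on the leaf key plus an offline backup key.
HEADER = (f'pin-sha256="{spki_pin(LEAF_SPKI)}"; pin-sha256="{spki_pin(BACKUP_SPKI)}"; '
          "max-age=5184000; includeSubDomains")


def hpkp_demo() -> dict:
    policy = parse_pkp_header(HEADER)
    first_visit_ok = policy_acceptable(policy, [LEAF_SPKI, ROOT_SPKI])
    # Later MITM with a certificate from a compromised CA: the chain validates, the pins do not.
    mitm_blocked = not connection_passes_pins(policy["pins"], [ROGUE_SPKI, ROOT_SPKI])
    # Rotating to the backup key keeps working without first sending a new header.
    rotation_ok = connection_passes_pins(policy["pins"], [BACKUP_SPKI, ROOT_SPKI])
    return {"first_visit_ok": first_visit_ok, "mitm_blocked": mitm_blocked, "rotation_ok": rotation_ok}
```

For a real certificate the same pin value is produced by `openssl x509 -in cert.pem -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64`. The backup-pin rule is what makes the lock-out risk manageable: without a pinned key held offline, losing the leaf key means every returning visitor is blocked until max-age expires.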

Public key infrastructure

HTTP/2 allows unsecured connections in theory, but in practice the major browser vendors have made it clear that they support the protocol only over a PKI-secured TLS connection. The HTTP/2 implementations in Edge from Microsoft, Chrome from Google, Firefox from Mozilla, and Opera support HTTP/2 only over TLS, negotiated with the ALPN extension of TLS. This means that to get the speed benefits of HTTP/2, website owners are forced to obtain certificates from CAs trusted by those browsers, historically commercial operators such as Symantec. Current web browsers ship with pre-installed root certificates of trusted certificate authorities; the intermediate certificates that chain a site's certificate to such a root are normally supplied by the server during the TLS handshake.

Digest access authentication

It prevents the use of a strong password hash (such as bcrypt) when storing passwords, since either the password or the digest of username, realm and password must be recoverable by the server.
Alternatives to Digest authentication include:
Public key authentication, usually implemented with an HTTPS/TLS client certificate.
Kerberos or SPNEGO authentication, employed for example by Microsoft IIS configured for Integrated Windows Authentication (IWA).
Secure Remote Password protocol, preferably within the HTTPS/TLS layer; however, this is not implemented by any mainstream browser.
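An added example (not code from the page): the RFC 2617 Digest computation with qop=auth, plus a minimal server-side verifier. The `DigestServer` class and its nonce bookkeeping are this example's own simplification, not any real server's code. What it makes concrete is the limitation stated above: the server must store HA1 = MD5(username:realm:password) as-is, because HA1 is an input to the response it has to recompute, so a one-way slow hash such as bcrypt over the password cannot be used.

```python
import hashlib
import secrets
from typing import Optional


def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def ha1(username: str, realm: str, password: str) -> str:
    """HA1 = MD5(username:realm:password). This is what a Digest server must keep."""
    return md5_hex(f"{username}:{realm}:{password}")


def digest_response(ha1_hex: str, method: str, uri: str, nonce: str,
                    nc: Optional[str] = None, cnonce: Optional[str] = None,
                    qop: Optional[str] = None) -> str:
    """Client-side response value (RFC 2617 section 3.2.2.1)."""
    ha2 = md5_hex(f"{method}:{uri}")
    if qop == "auth":
        return md5_hex(f"{ha1_hex}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return md5_hex(f"{ha1_hex}:{nonce}:{ha2}")  # RFC 2069 form, no qop


class DigestServer:
    """Minimal verifier. The credential store holds HA1 per user; bcrypt(password)
    would be useless here because verify() needs HA1 itself as an input."""

    def __init__(self, realm: str):
        self.realm = realm
        self.ha1_by_user: dict = {}
        self.live_nonces: set = set()

    def add_user(self, username: str, password: str) -> None:
        self.ha1_by_user[username] = ha1(username, self.realm, password)

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self.live_nonces.add(nonce)
        return nonce

    def verify(self, username: str, method: str, uri: str, nonce: str,
               nc: str, cnonce: str, response: str) -> bool:
        if nonce not in self.live_nonces:
            return False  # unknown or expired nonce
        stored = self.ha1_by_user.get(username)
        if stored is None:
            return False
        expected = digest_response(stored, method, uri, nonce, nc, cnonce, "auth")
        return secrets.compare_digest(expected, response)


def rfc2617_example() -> str:
    """The worked example from RFC 2617 section 3.5 (Mufasa / Circle Of Life)."""
    h1 = ha1("Mufasa", "testrealm@host.com", "Circle Of Life")
    return digest_response(h1, "GET", "/dir/index.html",
                           "dcd98b7102dd2f0e8b11d0f600bfb0c093",
                           "00000001", "0a4f113b", "auth")
```

The RFC 2617 inputs reproduce the published response 6629fae49393a05397450978507c4ef1. Note also that the stored HA1 is itself enough to impersonate the user against that realm, so a leaked Digest credential store is as damaging as leaked plaintext passwords for that realm.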

Wget

GNU Wget
GNU Wget is distributed under the terms of the GNU General Public License, version 3 or later, with a special exception that allows distribution of binaries linked against the OpenSSL library. The text of the exception follows: Additional permission under GNU GPL version 3 section 7 If you modify this program, or any covered work, by linking or combining it with the OpenSSL project's OpenSSL library (or a modified version of that library), containing parts covered by the terms of the OpenSSL or SSLeay licenses, the Free Software Foundation grants you additional permission to convey the resulting work.

FTPS

FTPS (also known as FTPES, FTP-SSL, and FTP Secure) is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and, formerly, the Secure Sockets Layer (SSL, now prohibited by RFC 7568) cryptographic protocols. FTPS should not be confused with the SSH File Transfer Protocol (SFTP), a secure file transfer subsystem for the Secure Shell (SSH) protocol with which it is not compatible. It is also different from FTP over SSH, which is the practice of tunneling FTP through an SSH connection. The File Transfer Protocol was drafted in 1971 for use with the scientific and research network, ARPANET.

Computer network

Netscape created a standard called Secure Sockets Layer (SSL). SSL requires a server with a certificate. When a client requests access to an SSL-secured server, the server sends a copy of the certificate to the client. The SSL client checks this certificate against the CA root certificates preloaded in the client (every major web browser ships with such a trust store), and if the certificate checks out, the server is authenticated and the client negotiates a symmetric-key cipher for use in the session. The session then runs inside an encrypted tunnel between the SSL server and the SSL client. Users and network administrators typically have different views of their networks.

SHA-1

SHA-1 forms part of several widely used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. Those applications can also use MD5; both MD5 and SHA-1 are descended from MD4. SHA-1 and SHA-2 are the hash algorithms required by law for use in certain U.S. government applications, including use within other cryptographic algorithms and protocols, for the protection of sensitive unclassified information. FIPS PUB 180-1 also encouraged adoption and use of SHA-1 by private and commercial organizations. SHA-1 is being retired from most government uses; the U.S.

X.509

In February 2017, a group of researchers produced a SHA-1 collision, demonstrating SHA-1's weakness.
Related standards and topics:
PKCS #7 (Cryptographic Message Syntax Standard): public keys with proof of identity for signed and/or encrypted messages for PKI.
Transport Layer Security (TLS) and its predecessor SSL: cryptographic protocols for secure Internet communications.
Online Certificate Status Protocol (OCSP) and certificate revocation lists (CRL): used to check certificate revocation status.
PKCS #12 (Personal Information Exchange Syntax Standard): used to store a private key together with the corresponding public key certificate.
Abstract Syntax Notation One (ASN.1). Certificate policy. Code Access Security.

SHA-2

The NIST hash function competition selected a new hash function, SHA-3, in 2012. The SHA-3 algorithm is not derived from SHA-2. The SHA-2 hash function is implemented in some widely used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. SHA-256 is used in authenticating Debian software packages and in the DKIM message signing standard; SHA-512 is part of a system to authenticate archival video from the International Criminal Tribunal of the Rwandan genocide. SHA-256 and SHA-512 are proposed for use in DNSSEC. Unix and Linux vendors are moving to 256- and 512-bit SHA-2 (in iterated, salted form) for password hashing.

WolfSSL

Supported protocol versions: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3; DTLS 1.0, DTLS 1.2.
SSL 2.0: deprecated (prohibited) in 2011 by RFC 6176; wolfSSL does not support it.
SSL 3.0: deprecated (prohibited) in 2015 by RFC 7568. In response to the POODLE attack, SSL 3.0 has been disabled by default since wolfSSL 3.6.6, but can be enabled with a compile-time option.
Hardware integration: STSAFE, ATECC508A.
See also: Transport Layer Security; Comparison of TLS implementations; Comparison of cryptography libraries; GnuTLS; Network Security Services; OpenSSL.
External links: wolfSSL/CyaSSL Homepage; wolfSSL Now With ChaCha20 and Poly1305.

SPDY

TLS encryption is nearly ubiquitous in SPDY implementations, and transmission headers are gzip- or DEFLATE-compressed by design (in contrast to HTTP/1.x, where the headers are sent as human-readable text); this header compression was later shown to leak secrets such as cookies through the CRIME attack, which is why HTTP/2 replaced it with HPACK. Moreover, servers may hint or even push content instead of awaiting individual requests for each resource of a web page. The SPDY specification supports operation over plain TCP, but browser implementations require SSL/TLS, negotiated with a TLS extension (NPN originally, later ALPN), both for security and to avoid incompatibility when communication crosses a proxy. SPDY does not replace HTTP; it modifies the way HTTP requests and responses are sent over the wire.

Tor (anonymity network)

As Tor cannot encrypt the traffic between an exit node and the target server, any exit node is in a position to capture traffic passing through it that does not use end-to-end encryption such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS). While this may not inherently breach the anonymity of the source, traffic intercepted in this way by self-selected third parties can expose information about the source in either or both of payload and protocol data.

Website

Web pages are accessed and transported with the Hypertext Transfer Protocol (HTTP), which may optionally employ encryption (HTTP Secure, HTTPS) to provide security and privacy for the user. The user's application, often a web browser, renders the page content according to its HTML markup instructions onto a display terminal. Hyperlinking between web pages conveys to the reader the site structure and guides the navigation of the site, which often starts with a home page containing a directory of the site web content. Some websites require user registration or subscription to access content.

CURL

The libcurl library can support axTLS, GnuTLS, mbed TLS, NSS, QSOSSL on IBM i, SChannel on Windows, Secure Transport on macOS and iOS, SSL/TLS through OpenSSL, and wolfSSL. cURL is a command-line tool for getting or sending files using URL syntax. Since cURL uses libcurl, it supports a range of common network protocols, currently including HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, LDAP, DAP, DICT, TELNET, FILE, IMAP, POP3, SMTP and RTSP (the last four only in versions newer than 7.20.0 or 9 February 2010). cURL supports HTTPS and performs SSL certificate verification by default when a secure protocol is specified such as HTTPS.

CrushFTP Server

Encryption is supported for files "at rest" using PGP, and passwords are stored using a non-reversible hash (MD5, SHA, SHA-512, SHA-3 or MD4); SHA-2 algorithms are supported and hashes can be salted with random salt values. MD4 and MD5 are fast hashes designed for integrity rather than password storage, so a salted SHA-2 option is the one to prefer among these. SFTP uses SSH for encryption, and FTPS uses SSL/TLS for encryption. As of April 2018, five vulnerabilities had been published in CrushFTP.
Other features: a DMZ feature to separate internal and external server interfaces; high availability, session replication, data replication and VIP capabilities; event-based actions to trigger emails; a job scheduler, visual flow designer, and management and movement of files across protocols.
See also: Comparison of FTP server software.

Forward secrecy

In Transport Layer Security (TLS), cipher suites based on ephemeral Diffie–Hellman key exchange (DHE-RSA, DHE-DSA) and ephemeral elliptic-curve Diffie–Hellman key exchange (ECDHE-RSA, ECDHE-ECDSA) provide forward secrecy. In theory TLS has been able to negotiate such suites since SSLv3, but in everyday practice many implementations have refused to offer forward secrecy or have offered it only with weak parameters. OpenSSL has supported forward secrecy using elliptic-curve Diffie–Hellman since version 1.0, with a computational overhead of approximately 15%. TLS 1.3 removed static RSA and static Diffie–Hellman key exchange altogether; apart from the pure-PSK resumption mode, every TLS 1.3 handshake performs an ephemeral (EC)DHE exchange. The Signal Protocol uses the Double Ratchet Algorithm to provide forward secrecy.

FFmpeg

Container formats: HLS (HTTP Live Streaming); IFF; ISO base media file format (including QuickTime, 3GP and MP4); Matroska (including WebM); Maxis XA; MPEG-DASH; MPEG program stream; MPEG transport stream (including AVCHD); MXF (Material eXchange Format, SMPTE 377M); MSN Webcam stream; NUT; Ogg; OMA; RL2; Segment, for creating segmented video streams; Smooth Streaming; TXD; WTV.
Protocols (IETF RFCs): FTP; Gopher; HTTP; HTTPS; RTP; RTSP; SCTP; SDP; SRTP; TCP; TLS; UDP; UDP-Lite.
Protocols (IETF Internet-Drafts): HLS.
Other protocols: SFTP (via libssh); Microsoft OSP; CIFS/SMB (via libsmbclient); MMS over TCP (MS-MMSP) and MMS over HTTP (MS-WMSP).
Pro-MPEG Forum:

World Wide Web

HyperText Transfer Protocol (HTTP), especially as defined by the RFCs for HTTP/1.1 and for HTTP Authentication, the latter specifying how a client authenticates to a server.
See also: Electronic publishing; Internet metaphors; Internet security; Lists of websites; Prestel; Streaming media; Web 2.0; Web development tools; Web literacy; Webgraph; World Wide Telecom Web.
External links: The first website; Early archive of the first Web site; Internet Statistics: Growth and Usage of the Web and the Internet; Living Internet, a comprehensive history of the Internet, including the World Wide Web; World Wide Web Consortium (W3C); W3C Recommendations Reduce "World Wide Wait".

Index of cryptography articles

Friedman • William Montgomery (cryptographer) • WinSCP • Wired Equivalent Privacy • Wireless Transport Layer Security • Witness-indistinguishable proof • Workshop on Cryptographic Hardware and Embedded Systems • World War I cryptography • World War II cryptography • W. T.