21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

CryptGetUserKey( ), 245, 247<br />

CryptHashCertificate( ), 545<br />

CryptHashData( ), 276<br />

CryptImportKey( ), 239, 245<br />

CryptoAPI, 66<br />

certificate stores, 532<br />

CRLs, obtaining with, 556–562<br />

design features, 238<br />

extracting raw key data from key<br />

objects, 246–248<br />

key object creation with raw key<br />

data, 244–246<br />

MAC implementations, 275<br />

message authentication via HMAC, 276<br />

public key cryptography issues, 308<br />

symmetric encryption using, 238–244<br />

X.509 certificate verification<br />

using, 530–535<br />

CryptoExportKey( ), 247<br />

cryptographic hash algorithms, 254–258<br />

cryptographic hash functions, 250<br />

algorithms, 254–258<br />

properties, 256–258<br />

collision resistance and one-wayness, 255<br />

desirable characteristics, 254<br />

patents, 256<br />

PRNGs, using as, 588–591<br />

whitening, using for, 613<br />

cryptographic hashes, 269<br />

cryptographic primitives, timing, 150–154<br />

Cryptographic Service Providers (see CSPs)<br />

cryptography<br />

algorithms, comparing, 150–154<br />

CPU clock speed and, 150<br />

elliptic curve cryptography, 308<br />

keys, 117<br />

random symmetric, generating, 119<br />

representation, public vs.<br />

symmetric, 118<br />

machines, comparing, 150<br />

one-time values, 133<br />

public key (see public key cryptography)<br />

symmetric primitives, 117<br />

(see also symmetric cryptography)<br />

CryptReleaseContext( ), 244<br />

CryptSetHashParam( ), 276<br />

CryptSetKeyParam( ), 241<br />

CRYPT_VERIFYCONTEXT flag, 238<br />

CSPs (Cryptographic Service Providers), 238,<br />

244<br />

supported symmetric ciphers, 240<br />

CSS (see cross-site scripting attacks)<br />

CTR (counter) mode, 165, 197–202<br />

high-level API, 198<br />

MACs, conversion into stream ciphers<br />

using, 301<br />

nonce, 198<br />

PKCS #11 compliance, 200<br />

precomputing keystream for, 207<br />

SPC_CTR_CTX data type, 199<br />

CTS (ciphertext stealing) mode, 177<br />

current_stamp( ), 152<br />

entropy gathering, using for, 631<br />

CWC (Carter-Wegman + CTR) mode, 168,<br />

202–205<br />

Brian Gladman’s implementation, 202<br />

in a high-level encryption and decryption<br />

API, 217–221<br />

local_options.h file, 202<br />

precomputing keystream for, 207<br />

cwc_cleanup( ), 205<br />

cwc_decrypt_message( ), 204, 497<br />

cwc_encrypt_message( ), 203<br />

cwc_init( ), 203<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.<br />

D<br />

d2i API, 354<br />

d2i_X509_CRL_bio( ), 554<br />

DACL (discretionary access control list), 41<br />

Darwin and ELF-based Unix systems, 4<br />

data validation, 72–75<br />

rules for, 72<br />

database connections, securing, 487<br />

MySQL, 488<br />

PostgreSQL, 489<br />

database fields, encrypting, 146<br />

Davies-Meyer algorithm, 257<br />

hash function, creation using, 291–294<br />

AES-128 implementation, 292<br />

Dean, Drew, 17<br />

decryption, parallelizing in modes that allow<br />

it, 208–211<br />

decrypt_within_charset( ), 149<br />

“default deny” rule, 74<br />

defense in depth, 73<br />

delta CRLs, 508<br />

denial of service attacks, prevention, 23<br />

DER (distinguished encoding rules), 352<br />

format, objects convertible to and<br />

from, 355<br />

representation in PEM format, 356<br />

DER_decode_RSA_public( ), 354<br />

Index | 743

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!