Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
11 LiteraturIntemetstandards der IETF, die sogenarmten ,,Request für Comments" (RFC), sind im Internetunter http://w\V\V.ietf.orglrfc.htmlzufinden.KeIlllt man bereits die Nummer des RFCs, z.B.RFC 1234, so kann man auch direkt auf http://w\V\V.ietf.orglrfclrfc1234.txt oderhttp://tools.ietforglhtmllrfc1234 zugreifen. Es wurde daher darauf verzichtet, dieangegebenen RFCs hier noch einmal gesondert aufzuführen.
[B96]
[B97]
[Bac][BauOO]
[3GPP]
[802.11]
[AS02][AST98]
The 3GPP Website: http.Z'www.Sgpp.org.
Information teclmology-Telecommunications and information exchange between
systems-Local and metropolitan area networks-Specific requirements-Part 11:
Wireless LAN Medium Access Contra! (MAC) and Physical Layer (PHY)Specifications. ANSI!IEEE Std 802.11, 1999 Edition.
[S02.11i] IEEE Standard für Information teclmology-Telecommunications and informationexchange between systems-Local and metropolitan area networks-Specific
requirements. Part 11: Wire1ess LAN Medium Access Contro1 (MAC) and PhysicalLayer (PHY) specifications. Amendment 6: Medium Access Contro1 (MAC)Security Enhancements. http://standards.ieee.org/getieee802/do\VJl1oad/802.1li
2004.pdf[ACEC2] Amazon E1astic Compute C10ud (Amazon EC2): http://aws.amazon.com/ec2/
[AES] Federal Information Processing Standards Publication 197, November 26, 2001.Specification for the ADVANCED ENCRYPTION STANDARD (AES)http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
[AGSOS] Andre Adelsbach, Sebastian Gajek and Jörg Schwenk: Phishing - Die Täuschung
des Benutzers zur Preisgabe geheimer Benutzerdaten. 9. Deutscher IT
Sicherheitskongress des BSI, Mai 2005.
AirSnort Homepage: http://airsnort.shmoo.coml.G. Ateniese, M. Steiner and G. Tsudik, Authenticated group key agreement andfriends. 5th ACM Conference on Computer and Communication Security,
November 1998.A. Bal1ardie, Scalab1e multicastkey distribution. IETF RFC 1949, May 1996.
K1aus-C1emens Becker, Design und Analyse von Konferenzschlüsselsystemen.Dissertation Justus-Liebig-Universität Gießen (1996), Shaker Verlag, Aachen 1997.
Adam Back, PGP Timeline. http://www.cypherspace.org/adam/timeline/F. L. Bauer, Entzifferte Geheimnisse. Methoden und Maximen der Kryptologie.
Springer Verlag, 3. Auflage, Heide1berg 2000.[BCD01] Mark Baugher, Ran Canetti, Lakshminath Dondeti, ''Group Key Management
Architecture", RFC 4046.[BD94] M. Bunnester and Y. Desmedt, A secure and efficient conference key distribution
system. Eurocrypt'94, Springer LNCS, pp. 275-288.[BD96] M. Burmester and Y. Desmedt, Efficient and secure conference key distribution.
Cambridge Workshop on Security Protoco1s, Springer LNCS 1189, pp 119-129
(1996).
[BDG88] 1. L. Balcazar, 1. Diaz und 1. Gabarr6, Structural Comp1exity I. Springer Verlag
1988.
251
[BIND9]
[Ble98]
[Bra88]
[BRK95]
[Beu96]
[Beu02]
[Beu09]
[BDL97] D. Boneh, R. A. DeMillo und R. 1. Lipton, On the Importance of Checking
Computations. Proc. Eurocrypt '97 (1997), 37-51.
A. Beute1spacher, Kryptologie. 5. Auflage, Verlag Vieweg, Wiesbaden 1996.
A. Beutelspacher, Kryptologie. 6. Auflage, Verlag Vieweg, Wiesbaden 2002.
A. Beute1spacher, Kryptologie. 9. Auflage, Vieweg+Teubner Verlag, Wiesbaden
2009.
[BGW01] N. Borisov, I. Goldberg und D. Wagner, Intercepting Mobile Communications: The
Insecurity of 802.11. Mobicom 2001,
http://www .isaac. es.berke1ey.edulisaac/mobicom .pdf.
[Bie96] W. Bieser, Sachstand der gesetzlichen Regelung zur digitalen Signatur. In: Digitale
Signaturen, P. Horster (Hrsg.), Vieweg Verlag, Wiesbaden 1996.
[Bih93] Eli Biham, On Modes of Operation. Proceedings of Fast Software Encryption 1,
Cambridge Security Workshop, 1993, Springer LNCS 809.
Berkley Internet Name Domain, Version 9, http://www.isc.org/swlbind .
D. Bleichenbacher "Chosen Ciphertext Attacks against Protoco1s Based on RSAEncryption Standard PKCS #1" in Advances in Cryptology --CRYPTO'98, LNCS
vol. 1462, pages: 1--12,1998. http://www.bell-1abs.com/userIb1eichenlbib.h1m1
[BMSOO] D. Balenson, D. McGrew, A. Shennan: "Key Management for Large Dynamic
Groups: One-Way Function Trees and Amortized Initialization'', Internet Draft,http://www .securemulticast. orgldraft-balenson-gro upkeymgmt-0ft-00 .txt.
[BP82] H. Beker und F. Piper, Cipher Systems. The Protection ofCommunication. North-
wood, London 1982.
G. Brassard, Modem Cryptology. Springer LNCS 325.
A. Bartholome, 1. Rung und H. Kern: Zahlentheorie für Einsteiger. Verlag Vieweg,
Braunschweig und Wiesbaden 1995.
[BRK10] A. Bartholome, 1. Rung und H. Kern: Zahlentheorie für Einsteiger. 7. Auflag,
Vieweg+Teubner Verlag, Wiesbaden 2010.
[BS99] Alex Biryukov, Adi Shamir: Real Time Cryptanalysis ofthe Al1eged A5/1 on a PC
(1999). http://citeseer.ist.psu. edu1biryukov9 9real.h1m1
[BSW01] A. Beute1spacher, J. Schwenk und K.-D. Wo1fenstetter, Modeme Verfahren der
Kryptographie. 4. Auflage 2001, Vieweg Verlag Wiesbaden.
[BSW04] A. Beute1spacher, J. Schwenk und K.-D. Wo1fenstetter, Modeme Verfahren der
Kryptographie. 5. Auflage 2004, Vieweg Verlag Wiesbaden.
[BSW10] A. Beute1spacher, 1. Schwenk und K.-D. Wo1fenstetter, Modeme Verfahren der
Kryptographie. 7. Auflage 2010, Vieweg+Teubner Verlag Wiesbaden, 2010.
[Buc01] 1. Buchmarm, Einführung in die Kryptographie, 2., durchges. u. erw. Aufl.,
Springer-Verlag, 2001.
[BW98] C. Becker and U. Wille, Communication comp1exity of group key distribution.
ACM Conference on Computer and Communication Security, November 1998.
[CBCATT] Moeller, B., "Security of CBC Ciphersuites in SSLffLS: Problems and
Countermeasures", http://www .openssl.org/r-bodo/tls-cbc.txt.
[CERT01] CERT® Advisory CA-2001-04 Unauthentic "Microsoft Corporation" Certificates.
http://www.cert.org/advisories/CA-2001-04.htm1.
[CG399] Crypto-Gram March 15, 1999, http://www.sclmeier.com/crypto-gram-9903.html.
252
[COMP128] Chaos Computer Club e.V.: CCC klont D2 Kundenkarte.
http://www.ccc.de/gsm/.
[DA99] T. Dierks, C. Allen: The TLS Protoco1, Version 1.0 (RFC 2246).
[DeCSS] DeCSS Central, http://\V\V\V.1emuria.org/DeCSS/main.html.
[DES77] FIPS 46, "Data encryption standard", Federal Information Processing Standards
Publication 46, U.S. Departrnent of CommercelNational Bureau of Standards,
National Technical Information Service, Springfie1d, Virginia, 1977 (revised as
FIPS 46-1:1988; FIPS 46-2:1993).
[DH76] W. Diffie und M. E. Hellman, New Directions in Cryptography. IEEE Transactions
on Information Theory, 6, November 1976, 644-654.
[Dif92] W. Diffie, The first ten years ofPublic Key Cryptography. In: Contemporary Cryp
to1ogy: The Science ofInformation Integrity, G. J. Simmons, ed., IEEE Press 1992,
65-134.
[DIVX] DivX Digest. http://www.divx-digest.comlhe1p.htm1
[DK02] H. De1fs und H. Kneb1, Introduction to Cryptography. Springer Verlag, Heide1berg
2002.
[Dob96b] H. Dobbertin, ''Cryptanalysis of MD4", D. Gollmarm, editor, Fast Software
Encryption, Third International Workshop (LNCS 1039),53-69, Springer-Verlag,
1996.
[Dob96] H. Dobbertin, Welche Hash-Funktionen sind für digitale Signaturen geeignet? In:
Digitale Signaturen, P. Horster (Hrsg.), Vieweg Verlag, Wiesbaden 1996.
[Dob96a] H. Dobbertin, Cryptanalysis of MD5 Compress.
http:// citeseer.ist.psu. edul dobbertin96cryptanalysis.h1m1 .
[DOW92] W. Diffie, P.c. van Oorschot and M. J. Wiener, Authentication and authenticated
key exchanges. Designs, Codes and Cryptography, 2, 107-125 (1992)
[DRMDE] http://www.digital-rights-management.del.
[DTD] Document Type Defmition. http://www.w3.org/Consortium/siteindex.htm1#D.
[DVDRip] http://de.wikipedia.org/wikiIDVD-Rip
[EFF99] Cracking DES. E1ectronic Frontier Foundation. http://w2.eff.org/Privacy/
Crypto/Crypto_misclD ESCracker1HTML/19980716_eff_ descracker---'pressrel.htm1
[E1G85] T. E1Gamal, A Public Key Cryptosystem and a Signature Scheme based on
Diskrete Logarithms. IEEE Trans. on Information Theory, Vol. IT-31 (1985),469
472.
[Ethereal] Ethereal: Sniffmg the glue that ho1ds the Internet together.
http://www.ethereal.coml. Projekt wird weitergeführt unter [Wireshark].
[FIPS91] FIPS PUB 186, Digital Signature Standard. Federal Information Processing
Standard, National Institute of Standards and Technology, US Departrnent of
Commerce, Washington D. C. (1994).
[FKK96] A1an o. Freier, Philip Karlton, Paul C. Kocher: The SSL Protoco1, Version 3.0.http://to ols.i etf.orglhtmlldraft -ietf-tls -ssl-versi on3 -00.
[FMSOl] S. F1uhrer, I. Mantin und A. Shamir, Weaknesses in Key Scheduling ofRC4. Eight
Annual Worshop on Se1ected Areas in Cryptography, August 2001.
http.z/www.drizzle.come-ab 0 ball EEElrc4 _ksaproc. pdf.
253
[IMC][IPSec]
[Hor85]
[HuiOO][IDRM][IKEv2]
[IM02]
[FR94] W. Fumy und H. P. Ries, Kryptographie. Oldenbourg Verlag, 2. Auflage, München
1994.[G04] Gieben, Miek: DNSSEC: The Protocol, Deployment, and a Bit 0/ Development.
Internet Protocol Journal Vol. 7 No. 2, June 2004, pp. 17-28.[GJKS10] S. Gajek, M. Jensen, F. Kohlar, 1. Schwenk: Secure Bindings o/SAA1L Assertions
to TLS Sessions. Proceedings ofthe Fifth International Conference on Availability,Reliability and Security (ARES), Krakow, Poland., February 2010
[GLS07] Sebastian Gajek, Lijun Liao und Jörg Schwenk: Signieren mit Chipkartensystemenin unsicheren Umgebungen - Homebanking mit Secure HBCIIFinTS. Datenschutz
und Datensicherheit, 1112007[GP09] Ulrich Greveler und Christian Puls: Über den Aufwand, Malware auf einem
privaten PC zu installieren - Wie einfach lassen sich Virenscarmer und Personal
Firewalls umgehen? 11. Deutscher IT-Sicherheitskongress: Sichere Wege in dervernetzen Welt, SecuMedia, Mai 2009. ISBN 978-3-922746-97-3
[GSSX09] 3.Sebastian Gajek, Jörg Schwenk, Michael Steiner and Chen Xuan. Risks of the
CardSpace Protocol. In Proceedings of the 12th Information Security Conference
(ISC'09), volume 5735 ofLNCS, pages 278-294. Springer, 2009.[HH99] Hugh Hamey, Eric Harder: "Logical Key Hierarchy Protocol'', Internet Draft, draft
hamey-sparta-lkhp-sec-OO.txt, March, 1999.
[Hil101] Joshua Hin: An Analysis of the RADIUS Authentication Protocol.http://www.untruth. orgl~j osh/securitylradi us/radi us-auth .html
[His99] History ofPGP. http://www.geocities.com/openpgplhistory.htm[HMP95] P. Horster, V. Michels und H. Petersen, Das Meta-ElGamal Signaturverfahren und
seine Anwendungen. Proc. VIS'95, Vieweg Verlag, Wiesbaden 1995, 207-228.[HMR96] H. Hamey, C. Muckenhirn and T. Rivers, Group key management protocol (gkmp)
architecture. IETF Draft, 1996.[HN98] Johan Hästad Mats Näslund: The Security of Individual RSA Bits. FOCS
1998:510-521.
[Ho103] John Holmblad, The Evolving Threats to the Availability and Security of the
Domain Name Service. SANS Institute 2003, www.sans.org.P. Horster, Kryptologie. BI-Verlag, Mannheim 1985.
C. Huitema, IPv6, die neue Generation. Addison-Wesley, München 2000 .Internet Digital Rights Management (IDRM), http://www.idnn.orgl.Internet Key Exchange (IKEv2) Protocol. RFC 4306 .
Security in a Web Services Wor1d: A Proposed Architecture and Roadmap. A jointsecurity whitepaper from IBM Corporation and Microsoft Corporation. April 7,
2002, Version 1.0. http://www-106.ibm.com/developerworks/webservicesllibrary/ws-secmapl oder http://msdn.microsoft.com/en-usllibraryIms977312.aspx
Internet Mai1 Consortium, http://www.imc.org.IPSec Working Group (ipsec). http://www.ietf.orglhtml.charters/OLD/ipsec
charter.h1ml[IS08824-1] Information Technology - Abstract Syntax Notation One (ASN. 1): Specification
of Basic Notation. { International Standard ITU-T Rec. X.680 (1997) j ISO!lEC8824-1:1998.
254
http://www.itu.intlreclrecommendation.asp?type=folders&lang=e&parent=T-REC
X.680.[IS08825-1] Information technology - ASN.l encoding rules: Specification of Basic
Encoding Rules (BER), Canonical Encoding Rules (CER) and DistinguishedEncoding Rules (DER). ( International Standard ITU-T Rec. X690 (1997) jISOIIEC 8825-1: 1998. http://www.itu.intlreclrecommendation.asp?type=folders&lang=e&parent=T-REC-X.690.
[ITW82] I. Ingemarsson, D. Tang and C. Wong, A conference key distribution system. IEEETransactions on Information Theory 28/5, September 1982.
[Kaminski08] Dan Kaminski: This is the end ofthe cache as we know it. Black Hat 2008.[KL07] Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography.
Chapman & HalllCRC Press 2007.[Kli05] Vlastimil Klima: Finding MD5 Collisions on a Notebook PC Using Multi-message
Modifications, March 31, 2005, IACR ePrint archive, Report 20051102, 3rd Int.Conference Security and Protection of Information 2005, Bmo, Czech Republic,
May 3 - 5, 2005.[KPR03] Klima, V., Pokomy, 0., Rosa, T., "Attacking RSA-based Sessions in SSLffLS",
http://eprint.iacr.org/2003/052/, March 2003.[KNT91] John T. Kohl, B. Clifford Neuman, Theodore Y. Ts'o, The Evolution of the
Kerberos Authentication Service. Proc. 1991 EurOpen Conference, Tromse,Norway.
[KPTOO] Yongdae Kim , Adrian Perrig und Gene Tsudik, Simple and Fault-Tolerant Key
Agreement for Dynamic Collaborative Groups. Proc. Computer and Comm.Security, Athen 2000.
[KROO] Vlastimil Klima und Tomas Rosa: Attack on Private Signature Keys of theOpenPGP format, PGP TM programs and other applications compatible withOpenPGP, http://eprint.iacr.orgI2002/076.pdf
[KR95] B. Kaliski and M. Robshaw, The Secure Use of RSA. CryptoBytes Vol. 1 No.3 ,
RSA Laboratories, Autumn 1995.[KROO] David P. Kormann and Aviel D. Rubin, Risks of the Passport Single Signon
Protocol. Computer Networks, Elsevier Science Press, volume 33, pages 51-58,2000.
[Kra86] E. Kranakis, Primality and Cryptography. Teubner Verlag, Stuttgart 1986.
[Kra96] Krawczyk, H., "SKEME: A Versatile Secure Key Exchange Mechanism forInternet", from IEEE Proceedings of the 1996 Symposium on Network and
Distributed Systems Security.[KSTW07] Karlof, C"; Shankar, U.; Tygar, J. D.; Wagner, D.: Dynamic phanning attacks and
locked same-origin policies for web browsers, CCS '07: Proceedings of the 14thACM conference on Computer and communications security, ACM, 2007, 58-71
[L99] LOpht Heavy Indus1ries, Inc., LOphtcrack, 1999,http://www.atstake.com/productsllc/acrobaUatstake_lc5 .pdf (nicht mehr verfügbar).
[Lan06] Langweg, H.: Malware attacks on electronic signatures revisited. Sicherheit2006.Konferenzband der 3. Jahrestagung Fachbereich Sicherheit der Gesellschaftfür Informatik S. 244-255 .
255
[LS07] H. Langweg, 1. Schwenk: Schutz von FinTS/HBCI-Clients gegenüber Malware. D
A-CH Sicherheit, 2007.[Mat97] M. Matsui, New Block Encryption Algorithm MISTY. Proc. 4th Int. Workshop on
Fast Software Encryption. LNCS 1267, S. 54-68, Springer Verlag 1997.[Mer78] Re. MERKLE, "Secure communications over msecure channels",
Communications ofthe ACM, 21 (1978), 294-299.[MOV97]A. J. Menezes, P. C. van Oorschot und S. A. Vanstone, Handbook of Applied
Cryptography. CRC Press, New York 1997.[MOV01]A. J. Menezes, P. C. van Oorschot und S. A. Vanstone, Handbook of Applied
Cryptography. 5. Auflage, CRC Press, New York 2001.[MS01] A. Meller und M. I. Schwar1zbach, DTD, XML Schema, and DSD.
http://www.brics.dk/~amoellerIXMLlschemas/.
[MS07] K.-H. B. Chris Masone and S. Smith. Wske: Web server key enabled cookies. InProceedings ofUsable Security 2007 (USEC 07), 2007.
[MS98] B. Sehneier and Mudge, Cryptanalysis of Microsoft's Point-to-Point TunnelingProtocol (PPTP) . Proceedings ofthe 5th ACM Conference on Communications and
Computer Security, ACM Press, pp. 132-141. http://www.sclmeieI.com/pptp.html)[MSAC] Microsoft Authentieode http://msdn.microsoft.com/de-
de~ibrary/msl72240(VS.80).aspx[MSEC] Multicast SECurity Group. http://www.ietforglhtml.charters/msec-charter.html[Multicast] Deutsche MBONE Informationsseite. http://www.mbone.de/(vorübergehend
außer Betrieb, vgl. auch http://en.vvikipedia.org/vviki/Mbone).[NIST01] National Institute of Standards and Technology, Advanced Encryption Standard
(AES). http://csrc.nist.gov/publications/fips/fipsI97/fips-197.pdf
[NR96] K. Nyberg und R Rueppel, Message Recovery for Signature Schemes Based on the
Discrete Logarithm Problem. Designs, Codes and Cryptography, 7, 61-81 (1996).[NS78] R M. Needham und M. D. Schroeder, Using Encryption for Authentication in
Large Networks ofComputers. Comm. ACM Vol. 21 NI. 12 (1978), 993-999.[NSOS] Netscape Object Signing. http://docs.sun.com/source/816-6171-10/ovvp.h1m.
[OASIS] Organization for the Advancement of Structured Information Standards.http://www .oasis-open.org
[098] H. Orman, The OAKLEY key determination protocol. IETF RFC 2412, November1998.
[OpenSSL] OpenSSL. http://www.openssl.orgl.
[P99] A. Perrig. Efficient collaborative key management protocols for secure autonomousgroup communication. In CrypTEC '99, pages 192-202,1999.
[PCBTS01]Perrig, Canetti, Briscoe, Tygar, Song: ''TESLA: Multicast Source AuthenticationTransform", RFC 4082.
[PeT95] 1. Benaloh, B. Lampson, D. Simon, T. Spies, B. Yee: The Private CommunicationTechnology (PeT) Protocol. http://tools.ietforglhtmlldraft-benaloh-pct-OO.
[PGP] PGPTM Corporation, http://www.pgp.com.
[PGPdump] PGPdump Web Interface. http://www.pgpdump.net!.
[PGPi] PGP International Homepage, http://www.pgpi.org.[PKCS] Public-Key Cryptography Standards. http://www.rsasecurity.comlrsalabs/pkcsl.
256
[PKIX] IETF Public-Key Infrastructure (X.509) (pkix) Working Group:
http://www.ietf.orgihtml.charters/pkix-charter.htm1.
[PSMOl] s. Pütz, R. Schmitz und T. Martin, Security Mechanisms in UMTS. Datenschutz
und Datensicherheit 25 (2001).[PTW07] Erik Tews, Ralf-Philipp Weinmann, und Andrei Pyshkin: Breaking 104 bit WEP in
less than 60 seconds. http://eprint.iacr.orgI20071120.pdf
[PVOl] J. Posegga und S. Vetter, Wireless Internet Security. Informatik Spektrum Band 24
Heft 6, Dezember 2001, S. 383-386.[PW02] B. Pfitzmann und M. Waidner, BBAE - A General Protocol für Browser-based
Attribute Exchange. IBM Research Report RZ 3455 (# 93800) (2002).[RC4] RC4. http://www.wisdom.weizmarm.ac.i1l~itsik!RC4Irc4.html.
[RealDRM] Real Networks Digital Rights Management.
http://docs.real.com/docs/dnn/DRM_WPl.pdf.
[RFC NNNN] http://www.ietf.orgirfc/rfcNNNN.txt
[RIPEMD] H. Dobbertin, A. Bosselaers, and B. Preneel, "RIPEMD-160: A strengthened
version of RIPEMD", Fast Software Encryption, LNCS Vol 1039, pp. 71-82.
http://www.esat.kuleuven.ac.bel~bosselae/ripemd 160.html.
[RR04] Jothy Rosenberg und David Remy, Securing Web Services with WS Security. Sams
Publishing, Indianapolis, USA, 2004.
[RSA] RSA Security. http://www.rsasecurity.com/.
[RSA78] R. Rivest, A. Shamir und L. Adleman, A Method for Obtaining Digital Signatures
and Public Key Cryptosystems. Comm. ACM, Vol. 21, NI. 2 (1978),120-126.
[Rue86] R. Rueppel, Analysis and Design ofStream Ciphers. Springer Verlag Berlin 1986.
[S98] 1. Schwenk, Verfahren zum Etablieren eines gemeinsamen kryptografischen
Schlüssels für n Teilnehmer, Patentantrag DE 198 47 941 (1998).
[Sal90] A. Salomaa, Public-Key Cryptography. Springer Verlag Berlin Heidelberg 1990.
[SAML] Security Assertion Markup Language (SAML) 2.0. http://saml.xml.org/saml
specifications
[SaS95] K. Sakurai and H. Shizuya, Relationships among the Computational Powers of
Breaking Discrete Log Cryptosystems. EUROCRYPT'95, Springer LNCS 921,pp.341-355.
[Sch96] B. Schneier, Angewandte Kryptographie. 5. Auflage, Addison-Wesley, Bonn 1996.
[Sclm90] C. P. Schnorr, Efficient Identification and Signature Schemes for Smart Cards.CRYPTO ·89, Springer LNCS 435 (1990), 239-251.
[Sclm96] B. Schneier, Angewandte Kryptographie. Addison-Wesley, Bonn 1996.
[Selflitrnl] http://de.selflitrnl.orgl.
[SenOO] RalfSenderek, Key-Experiments: How PGP Deals With Manipulated Keys. August
2000, http://senderek.de/securitylkey-experiments.html.
[SHA93] ANSI X9.30 (PART 2), "American National Standard for Financial Services
Public key cryptography using irreversible algorithms for the financial services
industry - Part 2: The secure hash algorithm (SHA)", ASC X9 Secretariat
American Bankers Association, 1993. http://www.itl.nist.gov/fipspubs/fipI80
lhtm.
257
[SHA02] Federal Information Processing Standards Publication 180-2. 2002 August 1.
Armouncing the SECURE HASH STANDARDhttp://csrc .nist.gov/publi cations/ fips/fips180-2/fips180-2.pdf
[Sha07] Hovav Shacham. The geometry of innocent flesh on the bone: Return-into-libcwithout function cal1s (on the x86). In Sabrina De Capitani di Vimercati and Pau1
Syverson, editors, Proceedings of CCS 2007, pages 552-61. ACM Press, October2007.
[SigG01] Gesetz über Rahmenbedingungen für elektronische Signaturen und zur Änderungweiterer Vorschriften. \V\Vw.dud.de/dudldocuments/siggO 10214.pdf
[SigG97] Gesetz zur digitalen Signatur (Signaturgesetz - SigG). Bundesgesetzblatt I S. 1870,1872 in der Version von 2001 unter http.z/www.gesetze-im-
internet.de/sigg_200 1/index.h1m1verfüg bar.
[SigV97] Verordnung zur digitalen Signatur (Signaturverordnung SigV)http.z/www.ecombase.deNerordnung-Digitale-Signatur-SIGV-2009 .php; in der
Version von 2001 unter http://\V\Vw.gesetze-im-internet.de/sigv_2001/index.htm1.
[Sim92] G. J. Simmons (Hrsg.), Contemporary Crypto1ogy. IEEE Press 1992.
[SKIP] A. Aziz, T. Markson und H. Prafullchandra: Simple Key Management for InternetProtoco1s (SKIP). http://w\V\V.skip-vpn.org/spec/SKIP.htm1(Link nicht mehr
verfügbar).[Sle01] Mark Slemko, Microsoft Passport to Trouble. http.z/alive.znep.com/crnarcs/
passport!.
[SM98] B. Sehneier and Mudge, Cryptanalysis of Microsoft's Point-to-Point TunnelingProtoco1 (PPTP). Proceedings ofthe 5th ACM Conference on Communications and
Computer Security, ACM Press, November 1998 http.Zwww.schneier.corn/paperpptp.html .
[SMIME] S/MIMEMail Security (smime). http://w\V\V.ietf.orglhtml.charters/smimecharter.h1m1 .
[SMSOl] 1. Schwenk, T. Martin und R. Schaffelhofer, Tree based Key Agreement forMulticast. Proc. Communications and Multimedia Security 2001, Mai 2001,
Dannstadt.[SMUG] Secure Multicast Group. http://\V\Vw.securemulticast.org/smug-index.htm .
[SMW99]B. Schneier, Mudge und D. Wagner, ''Cryptanalysis of Microsoft's PPTPAuthentication Extensions (MS-CHAPv2). Proc. of CQRE: InternationalExhibition and Congress on Secure Networking (1999).http://\V\Vw.sclmeier.com/paper-pptpv2.h1m1 .
[SOAP] SOAP Version 1.2. http.z/www.wß.org/Züüä/ws/.
[SOAPSig] SOAP Security Extensions: Digital Signature. http://w\V\V.w3.orgffRiSOAPdsigl.
[Som02] S. Somogyi, PGP is dead! Long live PGP? Maybe. ZDNet, 5.3.2002,http://zdnet.com.comI2100-1107-851515.htrnl.
[SpiOO] Der Spiegel, 11. Juni 2001. http://\V\Vw.spiegel.de/spiegellO,1518,138702,00.html.[S-RTP] Secure Real Time Protocol. RFC 3711.
258
Generation.
Presentations.
Next
&
The
Notes
SSL Protoco1 (2.0). http://too1s.ietf.orgih1mlldraft
http.z/www.mozilla. org/proj ects/security/pki/nss/ssll
[Sti95][STS92]
[TLS]
[TCG]
[TieOl]
[SSL2] Kipp E.B. Hickman: Thehickman-nets cape-s sI-OO;
draft02.htmL
[SSL3] Alan o. Freier, Philip Karlton, Paul C. Kocher, The SSL Protocol Version 3.0.Internet Draft, March 1996. http://tools.ietf.orglhtmlldraft-ietf-tls-ssl-version3-00.
[SS LStrip] http://\V\Vw.thoughtcrime.org/software/sslstrip/.
[Ste99] Frank A. Stevens Oll, Cryptanalysis ofContents Scrambling System. 8th November
1999. http://\V\Vw.derfrosch.de/decss.html.
[Ste02] Joe Stewart, DNS Cache Poisoning
http://www.1urhq.com/cachepoisoning.html.D. R. Stinson, Cryptography. CRC Press Boca Raton, London, Tokyo 1995.W. Diffie, P.c. Van Oorschot, and M.l. Wiener, "Authentication and Authenticated
Key Exchanges," in Designs, Codes and Cryptography, Kluwer AcademicPublishers, 1992, pp. 107
[STW96] M. Steiner, G. Tsudik and M. Waidner, Diffie-Hellman key distribution extended togroups . ACM Conference on Computer and Communication Security, pp 31-37,
March 1996.[STW98] M. Steiner, G. Tsudik and M. Waidner, CLIQUES: A new approach to group key
agreement. IEEE International Conference on Distributed Computing Systems,May 1998.
[Tan01] Andrew S. Tanenbaum, Modem Operating Systems (2nd ed.). Prentice Hall
International, London 2001.[Tan02] Andrew S. Tanenbaum, Computer Networks (4th ed.). Prenlice Hall International,
London 2002.Trusted Computing Group. http://w\V\V.trustedcomputinggroup.org.
Robert 1. Tiess, Simple Sampie DTD/XML 1.0 Generator, 2001.http://rtiess.tripod.com/dtdxm1.htm (nicht mehr verfügbar).
IETF Transport Layer Security (tls) working group, The TLS Protoco1 Version 1.0(RFC 2246). http.z/www.ietf.orgih1m1.charters/tls-charter.html.
[TPG] Trusted Computing Group. https://\V\Vw.trustedcomputinggroup.org[UDDI] Universal Description, Discovery and Integration (UDDI). http.z/www.uddi.org.
[USPAT] United States Patent and Trademark Office . http://patft.uspto.govl.[VPNC] Virtual Private Network Consortium. http://w\V\V.vpnc.org/vpn-standards.h1m1.[W3C] WWW Consortium. http.z/www.wß.org.
[W3CDRM] W3C DRM 2001 Workshophttp.z/www.w3.orgI2000/12/dnn-ws/minutes/.
[WC02] WEPCrack. http://sourceforge.netlprojects/wepcrack.[Wireshark] http.z/www.wireshark.org/[WSDL] Web Service Description Language 2.0. http.z/www.wß.org/Züüä/ws/.
[WSFed] Web Services Federation Language (WS-Federation), 08 July 2003, Updated 29May 2007. http://w\V\V.ibm.com/developerworksllibrary/specification/ws-fed!
[WSSC] WS-SecureConversation 1.3. http://docs.oasis-open.org/ws-sxlws-
secureconversation/200512/ws-secureconversation-1.3-os .pdf
259
[WSSec] Web Services Security: SOAP Message Security 1.1 (\VS-Security 2004).http://www.oasis-open.org/committees/download.php/16790/wss-vLl-spec-os
SOAPMessageSecurity.pdf[WSP] Web Services Policy 1.5 - Framework. http://www.w3.orgffR/2007/REC-ws
policy-20070904/
[WSSP] WS-SecurityPolicy 1.2. http://docs.oasis-open.org/ws-sxlws-securitypolicy/200702/ws-securitypolicy-l.2-spec-os .pdf
[WSTr] WS-Trust 1.3. http://docs.oasis-open.org/ws-sxlws-trust/200512/ws-trust-l.3-
os.pdf
[X.500] ITU-T Recommendation X500 (1997) I ISO/IEC 9594-1:1997, Informationtechnology - Open Systems Interconnection - The Directory: Overview of concepts,
models and services
[X.501] ITU-T Recommendation X501 (1997) I ISO/IEC 9594-2:1997, Informationtechnology - Open Systems Interconnection - The Directory: Models
[X.509] ITU-T Recommendation X509 (1997) I ISO/IEC 9594-8:1997, Informationtechnology - Open Systems Interconnection - The Directory: Authentication
framework[X.520] ITU-T Recommendation X520 (1997) I ISO/IEC 9594-6:1997, Information
technology - Open Systems Interconnection - The Directory: Selected attribute
types.[XMLI0] XML in 10 Points. http://www.w3.org/XML/1999/XML-in-l0-points
[XMLCan] Canonical XML Version 1.0. http://www.w3.orgffR/2001lREC-xml-c14n-
20010315.
[XMLEnc] XML Encryption WG. http://www.w3.org/Encryption/2001l[XMLEnc2] XML Encryption Syntax and Processing. http://www.w3.orgffR/xmlenc-corel.
[XMLKey] XML Key Management WG. http://www.w3.orgI2001IXKMSI.[XMLPro] XML Protocol Comparisons. http://www.w3.orgI2000/03129-XML-protocol
matrix[XMLSchema] XML Schema. http://www.w3.org/XML/Schema.
[XMLSig] XML Signature WG. http://www.w3.org/Signature/, https:l/www.ietforg/html.charters/xmldsig-charter.html.
[Zal09] Michal Zalewski, Browser Security Handbook.http://code.google.com/plbrowsersec/wikilMain
Verwendete Abkürzungen:FOCS : IEEE Symposium on the Foundations ofComputer Science
IETF: Internet Engineering Task ForceJCSS: Journal ofComputer and System Seiences
LNCS: Lecture Notes in Computer ScienceSTOC: ACM Symposium on the Theory ofComputing
260
12 IndexAAA 179Abs tract S)11ta."( No tatio n One 74Acti ve-X 24 5Advanced Encry ption Standard 8AES 8AH 134AH/ESP -Mo dul 129AKA 170Aktive Angriffe 4Ano nymität 6Anwendungsebene 29ASN . I 74Asymmetrische Kryptographie 13Authentication Header 134Authentication, Authorization and
Accounting 179Authen tizität 6Auxil iary Key Ag reeme nt 170Base ö-l 62Basic Encoding Rules 74BER 74B[ND [96, [99Blockchi ffre 8Body 44Burmester-Desmedt-Protokoll 169CA 24CBC 9CBC-MAC 12ccTLD 195CertificatIVerify 21Certi ficate Revocation List 27Certification Authority 24CFB 9Challenge-and-Respo nse 20, 178, 190Chosen Ciphertext 252Cipher Block Chain ing-Modus 9Cipher Feedback-Modu s 9clear-signed 68Client-initiierter Tunn el 180CMS 74Code Signa tur 245Computerviren 243Computerw urm 243Conditional Access -Sys tem 162Cookie 140Cookies 229CRL 27, 73Cryptographic Message Syntax 74Curnulative Trust 40
CW 162Data Encryption Standard 8Denia l-o f-Servi ce 140Denial-of-Service-Angriffe 5DES 8Diffi e-Hellrnan 14Digital Signa/ure Standard J7digital e Signatur 13DNS 85, [95
Iterative Abtrage 201Rekursive Abfrage 201
DNS Cache Poisoning 201DNS Poisoning 5DNS Spoofing 20 1DNSSEC 205
DNS KEY -RR 209DS-RR 2[ [NSEC-RR 2[ [RRS[G-RR 209
net [49Domai n 196Domai n Name Sys tem 195Domain of lnterpretation 149DoS [40DTD 220ECB 9EC M 162Einwegeigenschaft 11Einwegfunktion 15Ek(m) 8E1ectronic Codebook-Modus 9E1Gamal
Signatur 17Versc hlüsselung 16
E-Mai l 59Body 59Header 59
Encapsul ation Security Payload 136Entitlement Control Message 162ESP 136eXtended Markup Langnage 2 16Fault Anal ysis 55FQDN [97fully qual ified domain names 197GC KS [65GnuPG 36GPRS [90Group Controller and Key Server 165Gruppen-MAC 166
261
GSM 189Hashfunktion 11HBCI 243Reader 44HMAC 12,106HTML 84HTTP 84HTIP-Authentikation
Basic 86Digest Access 87
Hypertext Markup Language 84Hypertext Transfer Protocol 84IDH 171IEEE 802.11 187IGMP 159IKA 170IKE 139,150
Phase 1 150Phase 2 154
IMAP 59,81Initial Key Agreement 170Initialisierungsvektor 9Initiator 144Internet 1Internet Group Management Protocol 159Internet Key Exchange 139,150Internet Message Access Protocol 59Internet Protocol 124Internet Security Association and Key
Management Protocol 147IP 2, 124IP Multicast 159IP Security 128IP Spoofing 5IPSec 128IPv4 124
Reader 125IPv6 125ISAKMP 147
Reader 149Payload-Header 149Phase 1 147Phase 2 147
Iteriertes Diffie-Hellman-Verfahren 171ITW -Protokoll 168IV 9Java-Applet 245Kerberos 20, 226Known Plaintext-Attacke 10Kollisionsresistenz 11Kontrollwort 162
262
Kryptographie 6kryptographische Protokolle 19L2TP 181Layer 2 Forwarding 181Layer 2 Tunneling Protoco1 181Live-Streaming 160LKH 165Logical Key Hierachy 165MAC 12Man-in-the-middle 22MDS 12Message Authentication Code 12Microsoft Authentieode 246MIME 60
Base64 62Content-Transfer-Encoding 61Content-Type 61Quoted-printab1e 61
MS Passport 225MSEC 165Mu1tipurpose Internet Mai1 Extensions 60NAS-initiierter Tunnel 181NAT 157NAT Traversal 157Netscape Object Signing 247Network Address Translation 157Network Associates 37OAKLEY 143OCSP 28,73OFB 9öffentlicher Schlüssel 13One Time Password 20One-Time Pad 9Online Certificate Status Protoco1 28opaque-signed 68OpenPGP 36,80OSI-Schichtenmodell 1Output Feedback-Modus 9Passive Angriffe 4Pay-TV 161PCT 92PEM 78Perfeet Forward Secrecy 139PFS 139PGP 29PGPDisk 42PGPkeys 41PGP-Nachrichten 44PGPNet 43PGP-Paketen 44PGPToo1s 37
PGPWipe 43Photuris 140PKCS 65PKCS#7 74PKI24PKIX 26Point to Point Protoco1 176Point-to-Point Tunneling Protoco1 181POP 59POP3 80Port Scans 5Post Office Protoco1 59PPP 176PPP-Authentisierung
CHAP 178PAP 178
PPTP 181Pretty Good Privacy 29Privacy Enhanced Mai1 78Private Communication Techno1ogy 92privater Schlüssel 13Pseudozufal1sfo1ge 11Public Key Cryptography Standards 65Public Key Infrastruktur 24Public-Key Kryptographie 13pubring.pkr 40RADIUS 179RC4 11Redirect 231Remote Authentication Dial-In User
Service 179Rep1ay-Attacke 21Reso1ver 199Resource Record Set 198Resource Records 197Responder 144RFC 821 59RFC 822 59RIPEMD-160 12Root 24Root Cert:ificate 24RR 197RRSet 198RSA 15,252S!MIME 63
Schlüsselmanagement 71SA 129SAD 129SAML 241Satz von Euler 15Schieberegister 11
Schlüssel 7Schlüsselhierarchie 164Schlüssellänge
asymmetrisch 15Scrambling 162secring.skr 40Seeure Socket Layer 92Secure- HTTP 88Security Association 129Security Association Database 129Security Parameters Index 129Security Policy Database 130SHA-l 12S-HTTP 88Sicherungsschicht 176Simple Key Management for Internet
Protoco1s 126SimpleMail Transfer Protoco1 59SKEME 142SKIP 126SMTP 59SOAP 237Son ofIKE 156SPD 130SPI 129SSL 92
Alert 98Bestandteile 93CertificateRequest 105CertificateVerify 105ChangeCipherSpec 98,104Ciphersuite 102ClientCert:ificate 105ClientHello 100ClientKeyExchange 103Finished 104Framespoofing 114Handshake 95,99Million Question Attack 111Record Layer 93ServerHello 101ServerHelloDone 103
SSL 2.0 91SSL 3.0 92SSL 3.1 105Station-to-Station-Protokoll 139Strom chiffren 9STS-Protokoll 139symmetrische Kryptographie 7Tag 44TCP 2,84
263
TCpnP-Pakel 3TCPIIP-Schichtenm odell 1TCP-Verhindungsaufbau 5TLD 195,1 96T LS 105
Ciphersuites 109PRF 106
Top Level Domains 195Top Level-Domains 196Transport Layer Security 105Transponcrnodus 132Trojanisches Pferd 243TSIG 2 15Tunnelmodus 132UDm 237UDP 2UMTS 191U semame/Password 19Verschlüsselung
asymmetrisch 13hybride 18symmetrische 7
Vertraulichkeit 6virtuelles privates Netz 131VPN 131W3C 2 16Web of Tru st 40WEP 187Wired Equivalent Privac y 187Wire less LAN 187
264
WLAN 187Wor1d Wid e Web 84WS-Authorization 240WSDL 237WS -Federation 240WS-Privacy 240WS-SecureConversation 240WS-Security 238WS-SecurityPolicy 239WS-Tru st 240W urzelinstanz 24Wurzel-Zertifikat 24WWW 84WWW-Konsortium 216X.509 22XACML 241XML 216
DTD 217Schlüsselmanagement 224XML Schema 218
XML Schema 220XML-Signature 220
Detached Signature 221Enveloped Signature 221Enveloping Signa ture 221
XML-Verschlüsselung 223XrM L 24 1XS LT 219Zertifikate 22,44Zone 196