Strong cryptography

<h2 id="background">Background</h2>
The level of expense required for strong cryptography originally restricted its use to the government and military agencies,<a class="footnote-ref" id="fnref:11" href="#fn:11">11</a> until the middle of the 20th century the process of encryption required a lot of human labor and errors (preventing the decryption) were very common, so only a small share of written information could have been encrypted.<a class="footnote-ref" id="fnref:12" href="#fn:12">12</a> US government, in particular, was able to keep a monopoly on the development and use of cryptography in the US into the 1960s.<a class="footnote-ref" id="fnref:13" href="#fn:13">13</a> In the 1970, the increased availability of powerful computers and unclassified research breakthroughs (<a href="/facts/Data_Encryption_Standard/STfBjTGb">Data Encryption Standard</a>, the <a href="/facts/Diffie-Hellman/xR4YQcaD">Diffie-Hellman</a> and <a href="/facts/RSA_(algorithm)/XTzyfHuq">RSA</a> algorithms) made strong cryptography available for civilian use.<a class="footnote-ref" id="fnref:14" href="#fn:14">14</a> Mid-1990s saw the worldwide proliferation of knowledge and tools for strong cryptography.<a class="footnote-ref" id="fnref:15" href="#fn:15">15</a> By the 21st century the technical limitations were gone, although the majority of the communication were still unencrypted.<a class="footnote-ref" id="fnref:16" href="#fn:16">16</a> At the same the cost of building and running systems with strong cryptography became roughly the same as the one for the weak cryptography.<a class="footnote-ref" id="fnref:17" href="#fn:17">17</a>
The use of computers changed the process of cryptanalysis, famously with <a href="/facts/Bletchley_Park/ID0B04WB">Bletchley Park</a>'s <a href="/facts/Colossus_computer/pbkHLPwp">Colossus</a>. But just as the development of digital computers and electronics helped in cryptanalysis, it also made possible much more complex ciphers. It is typically the case that use of a quality cipher is very efficient, while breaking it requires an effort many orders of magnitude larger - making cryptanalysis so inefficient and impractical as to be effectively impossible.

<h2 id="cryptographically-strong-algorithms">Cryptographically strong algorithms</h2>

This term "cryptographically strong" is often used to describe an <a href="/facts/Encryption/16q29Fdv">encryption</a> <a href="/facts/Algorithm/fnl5NmRt">algorithm</a>, and implies, in comparison to some other algorithm (which is thus cryptographically weak), greater resistance to attack. But it can also be used to describe hashing and unique identifier and filename creation algorithms. See for example the description of the Microsoft .NET runtime library function Path.GetRandomFileName.<a class="footnote-ref" id="fnref:18" href="#fn:18">18</a> In this usage, the term means "difficult to guess".
An encryption algorithm is intended to be unbreakable (in which case it is as strong as it can ever be), but might be breakable (in which case it is as weak as it can ever be) so there is not, in principle, a continuum of strength as the <a href="/facts/Idiom/JaAk3qnW">idiom</a> would seem to imply: Algorithm A is stronger than Algorithm B which is stronger than Algorithm C, and so on. The situation is made more complex, and less subsumable into a single strength metric, by the fact that there are many types of <a href="/facts/Cryptanalysis/7CPEQlJI">cryptanalytic</a> attack and that any given algorithm is likely to force the attacker to do more work to break it when using one attack than another.
There is only one known unbreakable cryptographic system, the <a href="/facts/One-time_pad/03hA9XSQ">one-time pad</a>, which is not generally possible to use because of the difficulties involved in exchanging one-time pads without them being compromised. So any encryption algorithm can be compared to the perfect algorithm, the one-time pad.
The usual sense in which this term is (loosely) used, is in reference to a particular attack, <a href="/facts/Brute_force_attack/TXl8pkfb">brute force</a> key search — especially in explanations for newcomers to the field. Indeed, with this attack (always assuming keys to have been randomly chosen), there is a continuum of resistance depending on the length of the key used. But even so there are two major problems: many algorithms allow use of different length keys at different times, and any algorithm can forgo use of the full key length possible. Thus, <a href="/facts/Blowfish_(cipher)/H6fYatpd">Blowfish</a> and <a href="/facts/RC5/RjIGUnNk">RC5</a> are <a href="/facts/Block_cipher/MJywAyfQ">block cipher</a> algorithms whose design specifically allowed for several <a href="/facts/Key_size/1amrJ13L">key lengths</a>, and who cannot therefore be said to have any particular strength with respect to brute force key search. Furthermore, US export regulations restrict key length for exportable cryptographic products and in several cases in the 1980s and 1990s (e.g., famously in the case of <a href="/facts/Lotus_Notes/X3KHrPQj">Lotus Notes</a>' export approval) only partial keys were used, decreasing 'strength' against brute force attack for those (export) versions. More or less the same thing happened outside the <a href="/facts/United_States/P0sCdLe5">US</a> as well, as for example in the case of more than one of the cryptographic algorithms in the <a href="/facts/Global_System_for_Mobile_Communications/Sw8QYaLE">GSM</a> cellular telephone standard.
The term is commonly used to convey that some algorithm is suitable for some task in <a href="/facts/Cryptography/e94PEVau">cryptography</a> or <a href="/facts/Information_security/horlrCln">information security</a>, but also resists <a href="/facts/Cryptanalysis/7CPEQlJI">cryptanalysis</a> and has no, or fewer, security weaknesses. Tasks are varied, and might include:

<ul><li>generating <a href="/facts/Randomness/QJQBoEX5">randomness</a></li>
<li><a href="/facts/Encryption/16q29Fdv">encrypting</a> data</li>
<li>providing a method to ensure <a href="/facts/Data_integrity/g3XGbKIH">data integrity</a></li></ul>
Cryptographically strong would seem to mean that the described method has some kind of maturity, perhaps even approved for use against different kinds of systematic attacks in theory and/or practice. Indeed, that the method may resist those attacks long enough to protect the information carried (and what stands behind the information) for a useful length of time. But due to the complexity and subtlety of the field, neither is almost ever the case. Since such assurances are not actually available in real practice, sleight of hand in language which implies that they are will generally be misleading.
There will always be uncertainty as advances (e.g., in cryptanalytic theory or merely affordable computer capacity) may reduce the effort needed to successfully use some attack method against an algorithm.
In addition, actual use of cryptographic algorithms requires their encapsulation in a <a href="/facts/Cryptosystem/GyDVJ4D0">cryptosystem</a>, and doing so often introduces vulnerabilities which are not due to faults in an algorithm. For example, essentially all algorithms require random choice of keys, and any cryptosystem which does not provide such keys will be subject to attack regardless of any attack resistant qualities of the encryption algorithm(s) used.

<h2 id="legal-issues">Legal issues</h2>
See also: <a href="/facts/Cryptography/e94PEVau">Cryptography § Forced disclosure of encryption keys</a>
Widespread use of encryption increases the costs of <a href="/facts/Surveillance/hJhvWdSJ">surveillance</a>, so the government policies aim to regulate the use of the strong cryptography.<a class="footnote-ref" id="fnref:19" href="#fn:19">19</a> In the 2000s, the effect of encryption on the surveillance capabilities was limited by the ever-increasing share of communications going through the global social media platforms, that did not use the strong encryption and provided governments with the requested data.<a class="footnote-ref" id="fnref:20" href="#fn:20">20</a> Murphy talks about a legislative balance that needs to be struck between the power of the government that are broad enough to be able to follow the quickly-evolving technology, yet sufficiently narrow for the public and overseeing agencies to understand the future use of the legislation.<a class="footnote-ref" id="fnref:21" href="#fn:21">21</a> 

<h3>USA</h3>
The initial response of the US government to the expanded availability of cryptography was to treat the cryptographic research in the same way the <a href="/facts/Atomic_energy/X4UJfgG3">atomic energy</a> research is, i.e., "<a href="/facts/Born_classified/D6xf5gAM">born classified</a>", with the government exercising the legal control of dissemination of research results. This had quickly found to be impossible, and the efforts were switched to the control over deployment (export, as prohibition on the deployment of cryptography within the US was not seriously considered).<a class="footnote-ref" id="fnref:22" href="#fn:22">22</a> 

Main article: <a href="/facts/Export_of_cryptography_from_the_United_States/CH5yLRYo">Export of cryptography from the United States</a>
The export control in the US historically uses two tracks:<a class="footnote-ref" id="fnref:23" href="#fn:23">23</a>

<ul><li>military items (designated as "munitions", although in practice the items on the <a href="/facts/United_States_Munitions_List/Klh4Exhq">United States Munitions List</a> do not match the common meaning of this word). The export of munitions is controlled ty the <a href="/facts/Department_of_State/WsB5FMBT">Department of State</a>. The restrictions for the munitions are very tight, with individual export licenses specifying the product and the actual customer;</li>
<li><a href="/facts/Dual-use/h1UHINIl">dual-use</a> items ("commodities") need to be commercially available without excessive paperwork, so, depending on the destination, broad permissions can be granted for sales to civilian customers. The licensing for the dual-use items is provided by the <a href="/facts/Department_of_Commerce/3sch0DLr">Department of Commerce</a>. The process of moving an item from the munition list to commodity status is handled by the Department of State.</li></ul>
Since the original applications of cryptography were almost exclusively military, it was placed on the munitions list. With the growth of the civilian uses, the dual-use cryptography was defined by <a href="/facts/Cryptographic_strength/aYUIhgLe">cryptographic strength</a>, with the strong encryption remaining a munition in a similar way to the guns (<a href="/facts/Small_arms/GuHx4aGE">small arms</a> are dual-use while artillery is of purely military value).<a class="footnote-ref" id="fnref:24" href="#fn:24">24</a> This classification had its obvious drawbacks: a major bank is arguably just as systemically important as a military installation,<a class="footnote-ref" id="fnref:25" href="#fn:25">25</a> and restriction on publishing the strong cryptography code run against the <a href="/facts/First_Amendment/1hNSoIvG">First Amendment</a>, so after experimenting in 1993 with the <a href="/facts/Clipper_chip/mbvGQ5cv">Clipper chip</a> (where the US government kept special decryption keys in <a href="/facts/Escrow/IofFwvPo">escrow</a>), in 1996 almost all cryptographic items were transferred to the Department of Commerce.<a class="footnote-ref" id="fnref:26" href="#fn:26">26</a>

<h3>EU</h3>
The position of the EU, in comparison to the US, had always been tilting more towards privacy. In particular, EU had rejected the <a href="/facts/Key_escrow/vfE3jPkC">key escrow</a> idea as early as 1997. <a href="/facts/European_Union_Agency_for_Cybersecurity/1KM7gGMd">European Union Agency for Cybersecurity</a> (ENISA) holds the opinion that the <a href="/facts/Backdoor_(cryptography)/4Vry8CKE">backdoors</a> are not efficient for the legitimate surveillance, yet pose great danger to the general digital security.<a class="footnote-ref" id="fnref:27" href="#fn:27">27</a>

<h3>Five Eyes</h3>
The <a href="/facts/Five_Eyes/7lnSYxYh">Five Eyes</a> (post-<a href="/facts/Brexit/M80B3fIg">Brexit</a>) represent a group of states with similar views one the issues of security and privacy. The group might have enough heft to drive the global agenda on the <a href="/facts/Lawful_interception/343rdrtm">lawful interception</a>. The efforts of this group are not entirely coordinated: for example, the 2019 demand for Facebook not to implement <a href="/facts/End-to-end_encryption/e1MwRzEU">end-to-end encryption</a> was not supported by either Canada or New Zealand, and did not result in a regulation.<a class="footnote-ref" id="fnref:28" href="#fn:28">28</a>

<h3>Russia</h3>
President and government of Russia in 90s has issued a few decrees formally banning uncertified cryptosystems from use by government agencies. Presidential decree of 1995 also attempted to ban individuals from producing and selling cryptography systems without having appropriate license, but it wasn't enforced in any way as it was suspected to be contradictory the <a href="/facts/Russian_constitution_of_1993/rqSMrjB7">Russian Constitution of 1993</a> and wasn't a law per se.<a class="footnote-ref" id="fnref:29" href="#fn:29">29</a><a class="footnote-ref" id="fnref:30" href="#fn:30">30</a><a class="footnote-ref" id="fnref:31" href="#fn:31">31</a><a class="footnote-ref" id="fnref:32" href="#fn:32">32</a> The decree of No.313 issued in 2012 further amended previous ones allowing to produce and distribute products with embedded cryptosystems and requiring no license as such, even though it declares some restrictions.<a class="footnote-ref" id="fnref:33" href="#fn:33">33</a><a class="footnote-ref" id="fnref:34" href="#fn:34">34</a> <a href="/facts/France/CxIeIKM3">France</a> had quite strict regulations in this field, but has relaxed them in recent years.

<h2 id="examples">Examples</h2>

<h3>Strong</h3>
<ul><li><a href="/facts/Pretty_Good_Privacy/4BELG9BW">PGP</a> is generally considered an example of strong cryptography, with versions running under most popular operating systems and on various hardware platforms. The open source standard for PGP operations is <a href="/facts/OpenPGP/4BELG9BW">OpenPGP</a>, and <a href="/facts/GnuPG/EqmGmx7V">GnuPG</a> is an implementation of that standard from the <a href="/facts/Free_Software_Foundation/k0sBmw7y">FSF</a>. However, the IDEA signature key in classical PGP is only 64 bits long, therefore no longer immune to collision attacks. OpenPGP therefore uses the <a href="/facts/SHA-2/P59oPeGq">SHA-2</a> hash function and AES cryptography.</li>
<li>The <a href="/facts/Advanced_Encryption_Standard/HdXGBY2Q">AES</a> algorithm is considered strong after being selected in a <a href="/facts/Advanced_Encryption_Standard_process/UkHpAuEj">lengthy selection process</a> that was open and involved numerous tests.</li>
<li><a href="/facts/Elliptic_curve_cryptography/YbjcXIWk">Elliptic curve cryptography</a> is another system which is based on a graphical geometrical function.</li>
<li>The latest version of <a href="/facts/Transport_Layer_Security/pGy16TnA">TLS</a> protocol (<a href="/facts/Transport_Layer_Security/pGy16TnA">version 1.3</a>), used to secure <a href="/facts/Internet/Xw1rVvJU">Internet</a> transactions, is generally considered strong. Several vulnerabilities exist in previous versions, including demonstrated attacks such as <a href="/facts/POODLE/2pnTrBg6">POODLE</a>. Worse, some cipher-suites are deliberately weakened to use a 40-bit effective key to allow <a href="/facts/Crypto_Wars/sJ5tb5WR">export under pre-1996 U.S. regulations</a>.</li></ul>
<h3>Weak</h3>

Examples that are not considered cryptographically strong include:

<ul><li>The <a href="/facts/Data_Encryption_Standard/STfBjTGb">DES</a>, whose 56-bit keys allow attacks via exhaustive search.</li>
<li>Triple-DES (3DES / EDE3-DES) can be subject of the "SWEET32 Birthday attack"<a class="footnote-ref" id="fnref:35" href="#fn:35">35</a></li>
<li><a href="/facts/Wired_Equivalent_Privacy/LHqkdrCf">Wired Equivalent Privacy</a> which is subject to a number of attacks due to flaws in its design.</li>
<li><a href="/facts/Transport_Layer_Security/pGy16TnA">SSL</a> v2 and v3. TLS 1.0 and TLS 1.1 are also deprecated now [see RFC7525] because of irreversible flaws which are still present by design and because they do not provide elliptical handshake (EC) for ciphers, no modern cryptography, no CCM/GCM ciphermodes. TLS1.x are also announced off by the PCIDSS 3.2 for commercial business/banking implementations on web frontends. Only TLS1.2 and TLS 1.3 are allowed and recommended, modern ciphers, handshakes and ciphermodes must be used exclusively.</li>
<li>The <a href="/facts/MD5/8WIXb9Dq">MD5</a> and <a href="/facts/SHA-1/LDYCV1je">SHA-1</a> hash functions, no longer immune to collision attacks.</li>
<li>The <a href="/facts/RC4/HAR5kL0T">RC4</a> stream cipher.</li>
<li>The 40-bit <a href="/facts/Content_Scramble_System/vzPVMQvk">Content Scramble System</a> used to encrypt most <a href="/facts/DVD-Video/V7pyI58m">DVD-Video</a> discs.</li>
<li>Almost all <a href="/facts/Classical_cipher/uXMQS0tE">classical ciphers</a>.</li>
<li>Most rotary ciphers, such as the <a href="/facts/Enigma_machine/FSMJwbCL">Enigma machine</a>.</li>
<li>DHE/EDHE is guessable/weak when using/re-using known default prime values on the server</li></ul>
<h2 id="notes">Notes</h2>

<h2 id="sources">Sources</h2>
<ul><li>Vagle, Jeffrey L. (2015). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj">"Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance"</a>. <a href="/facts/Indiana_Law_Journal/1PoK9yT3">Indiana Law Journal</a>. 90 (1).</li>
<li>Reinhold, Arnold G. (September 17, 1999). <a href="https://www.cato.org/briefing-paper/strong-cryptography-global-tide-change">Strong Cryptography The Global Tide of Change</a>. Cato Institute Briefing Papers No. 51. <a href="/facts/Cato_Institute/J8RNyySJ">Cato Institute</a>.</li>
<li>Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. <a href="/facts/Doi_(identifier)/muM9Etpq">doi</a>:<a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4">10.1016/b978-044451608-4/50027-4</a>. <a href="/facts/ISBN_(identifier)/15AdSPa9">ISBN</a> 978-0-444-51608-4.</li>
<li>Murphy, Cian C (2020). <a href="https://journals.sagepub.com/doi/10.1177/1473779520980556">"The Crypto-Wars myth: The reality of state access to encrypted communications"</a>. Common Law World Review. 49 (3–4). SAGE Publications: 245–261. <a href="/facts/Doi_(identifier)/muM9Etpq">doi</a>:<a href="https://doi.org/10.1177%2F1473779520980556">10.1177/1473779520980556</a>. <a href="/facts/Hdl_(identifier)/rdebSxmC">hdl</a>:<a href="https://hdl.handle.net/1983%2F3c40a9b4-4a96-4073-b204-2030170b2e63">1983/3c40a9b4-4a96-4073-b204-2030170b2e63</a>. <a href="/facts/ISSN_(identifier)/DPAflDvU">ISSN</a> <a href="https://search.worldcat.org/issn/1473-7795">1473-7795</a>.</li>
<li>Riebe, Thea; Kühn, Philipp; Imperatori, Philipp; Reuter, Christian (2022-02-26). <a href="https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf?pdf=button">"U.S. Security Policy: The Dual-Use Regulation of Cryptography and its Effects on Surveillance"</a> (PDF). European Journal for Security Research. 7 (1). Springer Science and Business Media LLC: 39–65. <a href="/facts/Doi_(identifier)/muM9Etpq">doi</a>:<a href="https://doi.org/10.1007%2Fs41125-022-00080-0">10.1007/s41125-022-00080-0</a>. <a href="/facts/ISSN_(identifier)/DPAflDvU">ISSN</a> <a href="https://search.worldcat.org/issn/2365-0931">2365-0931</a>.</li>
<li>Feigenbaum, Joan (2019-04-24). <a href="https://doi.org/10.1145%2F3319079">"Encryption and surveillance"</a>. Communications of the ACM. 62 (5). Association for Computing Machinery (ACM): 27–29. <a href="/facts/Doi_(identifier)/muM9Etpq">doi</a>:<a href="https://doi.org/10.1145%2F3319079">10.1145/3319079</a>. <a href="/facts/ISSN_(identifier)/DPAflDvU">ISSN</a> <a href="https://search.worldcat.org/issn/0001-0782">0001-0782</a>.</li>
<li>Schneier, Bruce (1998). <a href="http://www.madchat.fr/crypto/papers/pitfalls.pdf">"Security pitfalls in cryptography"</a> (PDF). Retrieved 27 March 2024.</li></ul>
<h2 id="see-also">See also</h2>
<ul><li><a href="/facts/40-bit_encryption/beKmt3n2">40-bit encryption</a></li>
<li><a href="/facts/Cipher_security_summary/wwXXpEgI">Cipher security summary</a></li>
<li><a href="/facts/Export_of_cryptography/PkJ5Tc0e">Export of cryptography</a></li>
<li><a href="/facts/Comparison_of_cryptography_libraries/TogtUeMk">Comparison of cryptography libraries</a></li>
<li><a href="/facts/FBI%25E2%2580%2593Apple_encryption_dispute/Pq6kXGU6">FBI–Apple encryption dispute</a></li>
<li><a href="/facts/Hash_function_security_summary/lksNR2aq">Hash function security summary</a></li>
<li><a href="/facts/Security_level/z7BMcnjn">Security level</a></li></ul>

<h2 id="references">References</h2>

<ol>
<li id="fn:1">Vagle 2015, p. 121. - Vagle, Jeffrey L. (2015). "Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance". Indiana Law Journal. 90 (1). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj" target="_blank">https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></li>
<li id="fn:2">Vagle 2015, p. 113. - Vagle, Jeffrey L. (2015). "Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance". Indiana Law Journal. 90 (1). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj" target="_blank">https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></li>
<li id="fn:3">Levy, Steven (12 July 1994). "Battle of the Clipper Chip". New York Times Magazine. pp. 44–51. <a href="/wiki/New_York_Times_Magazine" target="_blank">/wiki/New_York_Times_Magazine</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></li>
<li id="fn:4">Vagle 2015, p. 113. - Vagle, Jeffrey L. (2015). "Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance". Indiana Law Journal. 90 (1). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj" target="_blank">https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj</a> <a href="#fnref:4" class="footnote-back-ref">↩</a></li>
<li id="fn:5">"Encryption and Export Administration Regulations (EAR)". bis.doc.gov. Bureau of Industry and Security. Retrieved 24 June 2023. <a href="https://www.bis.doc.gov/index.php/policy-guidance/encryption" target="_blank">https://www.bis.doc.gov/index.php/policy-guidance/encryption</a> <a href="#fnref:5" class="footnote-back-ref">↩</a></li>
<li id="fn:6">Reinhold 1999, p. 3. - Reinhold, Arnold G. (September 17, 1999). Strong Cryptography The Global Tide of Change. Cato Institute Briefing Papers No. 51. Cato Institute. <a href="https://www.cato.org/briefing-paper/strong-cryptography-global-tide-change" target="_blank">https://www.cato.org/briefing-paper/strong-cryptography-global-tide-change</a> <a href="#fnref:6" class="footnote-back-ref">↩</a></li>
<li id="fn:7">Reinhold 1999, p. 3. - Reinhold, Arnold G. (September 17, 1999). Strong Cryptography The Global Tide of Change. Cato Institute Briefing Papers No. 51. Cato Institute. <a href="https://www.cato.org/briefing-paper/strong-cryptography-global-tide-change" target="_blank">https://www.cato.org/briefing-paper/strong-cryptography-global-tide-change</a> <a href="#fnref:7" class="footnote-back-ref">↩</a></li>
<li id="fn:8">Schneier 1998, p. 2. - Schneier, Bruce (1998). "Security pitfalls in cryptography" (PDF). Retrieved 27 March 2024. <a href="http://www.madchat.fr/crypto/papers/pitfalls.pdf" target="_blank">http://www.madchat.fr/crypto/papers/pitfalls.pdf</a> <a href="#fnref:8" class="footnote-back-ref">↩</a></li>
<li id="fn:9">Schneier 1998, p. 3. - Schneier, Bruce (1998). "Security pitfalls in cryptography" (PDF). Retrieved 27 March 2024. <a href="http://www.madchat.fr/crypto/papers/pitfalls.pdf" target="_blank">http://www.madchat.fr/crypto/papers/pitfalls.pdf</a> <a href="#fnref:9" class="footnote-back-ref">↩</a></li>
<li id="fn:10">Schneier 1998, p. 4. - Schneier, Bruce (1998). "Security pitfalls in cryptography" (PDF). Retrieved 27 March 2024. <a href="http://www.madchat.fr/crypto/papers/pitfalls.pdf" target="_blank">http://www.madchat.fr/crypto/papers/pitfalls.pdf</a> <a href="#fnref:10" class="footnote-back-ref">↩</a></li>
<li id="fn:11">Vagle 2015, p. 110. - Vagle, Jeffrey L. (2015). "Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance". Indiana Law Journal. 90 (1). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj" target="_blank">https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj</a> <a href="#fnref:11" class="footnote-back-ref">↩</a></li>
<li id="fn:12">Diffie & Landau 2007, p. 725. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:12" class="footnote-back-ref">↩</a></li>
<li id="fn:13">Vagle 2015, p. 109. - Vagle, Jeffrey L. (2015). "Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance". Indiana Law Journal. 90 (1). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj" target="_blank">https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj</a> <a href="#fnref:13" class="footnote-back-ref">↩</a></li>
<li id="fn:14">Vagle 2015, p. 119. - Vagle, Jeffrey L. (2015). "Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance". Indiana Law Journal. 90 (1). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj" target="_blank">https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj</a> <a href="#fnref:14" class="footnote-back-ref">↩</a></li>
<li id="fn:15">Vagle 2015, p. 119. - Vagle, Jeffrey L. (2015). "Furtive Encryption: Power, Trusts, and the Constitutional Cost of Collective Surveillance". Indiana Law Journal. 90 (1). <a href="https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj" target="_blank">https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=11134&context=ilj</a> <a href="#fnref:15" class="footnote-back-ref">↩</a></li>
<li id="fn:16">Diffie & Landau 2007, p. 725. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:16" class="footnote-back-ref">↩</a></li>
<li id="fn:17">Diffie & Landau 2007, p. 731. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:17" class="footnote-back-ref">↩</a></li>
<li id="fn:18">Path.GetRandomFileName Method (System.IO), Microsoft <a href="http://msdn.microsoft.com/en-us/library/system.io.path.getrandomfilename.aspx" target="_blank">http://msdn.microsoft.com/en-us/library/system.io.path.getrandomfilename.aspx</a> <a href="#fnref:18" class="footnote-back-ref">↩</a></li>
<li id="fn:19">Riebe et al. 2022, p. 42. - Riebe, Thea; Kühn, Philipp; Imperatori, Philipp; Reuter, Christian (2022-02-26). "U.S. Security Policy: The Dual-Use Regulation of Cryptography and its Effects on Surveillance" (PDF). European Journal for Security Research. 7 (1). Springer Science and Business Media LLC: 39–65. doi:10.1007/s41125-022-00080-0. ISSN 2365-0931. <a href="https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf?pdf=button" target="_blank">https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf?pdf=button</a> <a href="#fnref:19" class="footnote-back-ref">↩</a></li>
<li id="fn:20">Riebe et al. 2022, p. 58. - Riebe, Thea; Kühn, Philipp; Imperatori, Philipp; Reuter, Christian (2022-02-26). "U.S. Security Policy: The Dual-Use Regulation of Cryptography and its Effects on Surveillance" (PDF). European Journal for Security Research. 7 (1). Springer Science and Business Media LLC: 39–65. doi:10.1007/s41125-022-00080-0. ISSN 2365-0931. <a href="https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf?pdf=button" target="_blank">https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf?pdf=button</a> <a href="#fnref:20" class="footnote-back-ref">↩</a></li>
<li id="fn:21">Murphy 2020. - Murphy, Cian C (2020). "The Crypto-Wars myth: The reality of state access to encrypted communications". Common Law World Review. 49 (3–4). SAGE Publications: 245–261. doi:10.1177/1473779520980556. hdl:1983/3c40a9b4-4a96-4073-b204-2030170b2e63. ISSN 1473-7795. <a href="https://journals.sagepub.com/doi/10.1177/1473779520980556" target="_blank">https://journals.sagepub.com/doi/10.1177/1473779520980556</a> <a href="#fnref:21" class="footnote-back-ref">↩</a></li>
<li id="fn:22">Diffie & Landau 2007, p. 726. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:22" class="footnote-back-ref">↩</a></li>
<li id="fn:23">Diffie & Landau 2007, p. 727. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:23" class="footnote-back-ref">↩</a></li>
<li id="fn:24">Diffie & Landau 2007, p. 728. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:24" class="footnote-back-ref">↩</a></li>
<li id="fn:25">Diffie & Landau 2007, p. 728. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:25" class="footnote-back-ref">↩</a></li>
<li id="fn:26">Diffie & Landau 2007, p. 730. - Diffie, Whitfield; Landau, Susan (2007). "The export of cryptography in the 20th and the 21st centuries". The History of Information Security. Elsevier. pp. 725–736. doi:10.1016/b978-044451608-4/50027-4. ISBN 978-0-444-51608-4. <a href="https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4" target="_blank">https://doi.org/10.1016%2Fb978-044451608-4%2F50027-4</a> <a href="#fnref:26" class="footnote-back-ref">↩</a></li>
<li id="fn:27">Riebe et al. 2022, p. 42. - Riebe, Thea; Kühn, Philipp; Imperatori, Philipp; Reuter, Christian (2022-02-26). "U.S. Security Policy: The Dual-Use Regulation of Cryptography and its Effects on Surveillance" (PDF). European Journal for Security Research. 7 (1). Springer Science and Business Media LLC: 39–65. doi:10.1007/s41125-022-00080-0. ISSN 2365-0931. <a href="https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf?pdf=button" target="_blank">https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf?pdf=button</a> <a href="#fnref:27" class="footnote-back-ref">↩</a></li>
<li id="fn:28">Murphy 2020. - Murphy, Cian C (2020). "The Crypto-Wars myth: The reality of state access to encrypted communications". Common Law World Review. 49 (3–4). SAGE Publications: 245–261. doi:10.1177/1473779520980556. hdl:1983/3c40a9b4-4a96-4073-b204-2030170b2e63. ISSN 1473-7795. <a href="https://journals.sagepub.com/doi/10.1177/1473779520980556" target="_blank">https://journals.sagepub.com/doi/10.1177/1473779520980556</a> <a href="#fnref:28" class="footnote-back-ref">↩</a></li>
<li id="fn:29">Farber, Dave (1995-04-06). "A ban on cryptography in Russia (fwd) [Next .. djf]". Retrieved 2011-02-14. <a href="http://www.interesting-people.org/archives/interesting-people/199504/msg00018.html" target="_blank">http://www.interesting-people.org/archives/interesting-people/199504/msg00018.html</a> <a href="#fnref:29" class="footnote-back-ref">↩</a></li>
<li id="fn:30">Antipov, Alexander (1970-01-01). "Пресловутый указ №334 о запрете криптографии". www.securitylab.ru (in Russian). Retrieved 2020-09-21. <a href="https://www.securitylab.ru/informer/240707.php" target="_blank">https://www.securitylab.ru/informer/240707.php</a> <a href="#fnref:30" class="footnote-back-ref">↩</a></li>
<li id="fn:31">"Указ Президента Российской Федерации от 03.04.1995 г. № 334". Президент России (in Russian). Retrieved 2020-09-21. <a href="http://kremlin.ru/acts/bank/7701" target="_blank">http://kremlin.ru/acts/bank/7701</a> <a href="#fnref:31" class="footnote-back-ref">↩</a></li>
<li id="fn:32">The sources provided here are in Russian. To alleviate the problem of lack of English-written ones the sources are cited by using official government documents. <a href="#fnref:32" class="footnote-back-ref">↩</a></li>
<li id="fn:33">"Положение о лицензировании деятельности по разработке, производству, распространению шифровальных средств и систем". Российская газета (in Russian). Retrieved 2020-09-21. <a href="https://rg.ru/2012/04/24/shifry-site-dok.html" target="_blank">https://rg.ru/2012/04/24/shifry-site-dok.html</a> <a href="#fnref:33" class="footnote-back-ref">↩</a></li>
<li id="fn:34">"Миф №49 "В России запрещено использовать несертифицированные средства шифрования"". bankir.ru (in Russian). Retrieved 2020-09-21. <a href="http://bankir.ru/publikacii/20090714/mif-49-v-rossii-zaprescheno-ispolzovat-nesertificirovannie-sredstva-shifrovaniya-2228626/" target="_blank">http://bankir.ru/publikacii/20090714/mif-49-v-rossii-zaprescheno-ispolzovat-nesertificirovannie-sredstva-shifrovaniya-2228626/</a> <a href="#fnref:34" class="footnote-back-ref">↩</a></li>
<li id="fn:35">Security Bulletin: Sweet32 vulnerability that impacts Triple DES cipher. IBM Security Bulletin, 2016. <a href="https://www.ibm.com/support/pages/security-bulletin-sweet32-vulnerability-impacts-triple-des-cipher-affects-communications-server-data-center-deployment-communications-server-aix-linux-linux-system-z-and-windows-cve-2016-2183" target="_blank">https://www.ibm.com/support/pages/security-bulletin-sweet32-vulnerability-impacts-triple-des-cipher-affects-communications-server-data-center-deployment-communications-server-aix-linux-linux-system-z-and-windows-cve-2016-2183</a> <a href="#fnref:35" class="footnote-back-ref">↩</a></li>
</ol>

Strong cryptography open-in-new

Strong cryptography