Cryptography & Security: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Jochen (Diskussion | Beiträge) |
Jochen (Diskussion | Beiträge) |
||
| Zeile 2: | Zeile 2: | ||
= OAuth2 = | |||
* [https://oauth.net/2/ Homepage] | * [https://oauth.net/2/ Homepage] | ||
| Zeile 12: | Zeile 12: | ||
= OpenID Connect = | |||
* [http://openid.net/connect/ Homepage] | * [http://openid.net/connect/ Homepage] | ||
| Zeile 25: | Zeile 25: | ||
= Fast Identity Online (FIDO) = | |||
* [https://fidoalliance.org/ FIDO Allianz] | * [https://fidoalliance.org/ FIDO Allianz] | ||
* [https://fidoalliance.org/specifications/download/ Universal Authentication Framework (UAF) / U2F (Universal Second Factor) Specifications] | * [https://fidoalliance.org/specifications/download/ Universal Authentication Framework (UAF) / U2F (Universal Second Factor) Specifications] | ||
= Security Assertion Markup Language 2.0 (SAML 2.0) = | |||
* [https://wiki.oasis-open.org/security/FrontPage Homepage] | * [https://wiki.oasis-open.org/security/FrontPage Homepage] | ||
| Zeile 39: | Zeile 39: | ||
= JSON Web Token et. al. = | |||
* [https://tools.ietf.org/html/rfc7515 RFC 7515: JSON Web Signature (JWS)] | * [https://tools.ietf.org/html/rfc7515 RFC 7515: JSON Web Signature (JWS)] | ||
| Zeile 48: | Zeile 48: | ||
= One Time Passwords = | |||
* [https://tools.ietf.org/html/rfc2289 RFC 2289: A One-Time Password System] | * [https://tools.ietf.org/html/rfc2289 RFC 2289: A One-Time Password System] | ||
* [https://tools.ietf.org/html/rfc4226 RFC 4226: HOTP: An HMAC-Based One-Time Password Algorithm] | * [https://tools.ietf.org/html/rfc4226 RFC 4226: HOTP: An HMAC-Based One-Time Password Algorithm] | ||
| Zeile 56: | Zeile 56: | ||
= Einweg-Hashfunktionen = | |||
* [https://tools.ietf.org/html/rfc1321 RFC 1321: The MD5 Message-Digest Algorithm] | * [https://tools.ietf.org/html/rfc1321 RFC 1321: The MD5 Message-Digest Algorithm] | ||
| Zeile 65: | Zeile 65: | ||
= Protokolle zur Authentifizierung = | |||
* [http://davenport.sourceforge.net/ntlm.html The NTLM Authentication Protocol] [[Media:The NTLM Authentication Protocol and Security Support Provider.pdf|(PDF)]] | * [http://davenport.sourceforge.net/ntlm.html The NTLM Authentication Protocol] [[Media:The NTLM Authentication Protocol and Security Support Provider.pdf|(PDF)]] | ||
| Zeile 72: | Zeile 72: | ||
= Symmetrische Verschlüsselung = | |||
* [http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf FIPS PUB 46-3: Data Encryption Standard (DES), National Institute of Standards and Technology, October 25, 1999] | * [http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf FIPS PUB 46-3: Data Encryption Standard (DES), National Institute of Standards and Technology, October 25, 1999] | ||
| Zeile 78: | Zeile 78: | ||
= Public-Key Cryptography Standards (PKCS) - RSA Laboratories = | |||
* [https://tools.ietf.org/html/rfc3447 PKCS #1: RSA Cryptography Specifications Version 2.1 (RFC 2313)] | * [https://tools.ietf.org/html/rfc3447 PKCS #1: RSA Cryptography Specifications Version 2.1 (RFC 2313)] | ||
| Zeile 95: | Zeile 95: | ||
= Generic Security Service API (GSS-API) = | |||
* [https://tools.ietf.org/html/rfc2743 RFC 2743: Generic Security Service Application Program Interface Version 2, Update 1] | * [https://tools.ietf.org/html/rfc2743 RFC 2743: Generic Security Service Application Program Interface Version 2, Update 1] | ||
| Zeile 104: | Zeile 104: | ||
= Pretty Good Privacy (PGP) = | |||
* [https://tools.ietf.org/html/rfc4880 RFC 4880: OpenPGP Message Format] | * [https://tools.ietf.org/html/rfc4880 RFC 4880: OpenPGP Message Format] | ||
| Zeile 110: | Zeile 110: | ||
= Secure / Multipurpose Internet Mail Extensions (S/MIME) = | |||
* [https://tools.ietf.org/html/rfc1847 RFC 1847: Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted] | * [https://tools.ietf.org/html/rfc1847 RFC 1847: Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted] | ||
| Zeile 116: | Zeile 116: | ||
= X.509 Public Key Infrastructure = | |||
* [https://tools.ietf.org/html/rfc4158 RFC 4158: Internet X.509 Public Key Infrastructure: Certification Path Building] | * [https://tools.ietf.org/html/rfc4158 RFC 4158: Internet X.509 Public Key Infrastructure: Certification Path Building] | ||
| Zeile 123: | Zeile 123: | ||
== Misc | = Transport Layer Security (TLS) = | ||
* [https://tools.ietf.org/html/rfc5246 RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2] | |||
= Misc = | |||
* [https://tools.ietf.org/html/rfc4648 RFC 4648: The Base16, Base32, and Base64 Data Encodings] | * [https://tools.ietf.org/html/rfc4648 RFC 4648: The Base16, Base32, and Base64 Data Encodings] | ||
* [https://tools.ietf.org/html/rfc4422 RFC 4422: Simple Authentication and Security Layer (SASL)] | * [https://tools.ietf.org/html/rfc4422 RFC 4422: Simple Authentication and Security Layer (SASL)] | ||
Version vom 2. Februar 2018, 17:16 Uhr
OAuth2
- Homepage
- RFC 6749: The OAuth 2.0 Authorization Framework
- RFC 6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
- RFC 6819: OAuth 2.0 Threat Model and Security Considerations
- Google OAuth 2.0 Playground
- Using OAuth 2.0 to Access Google APIs
OpenID Connect
- Homepage
- OpenID Connect Core 1.0 incorporating errata set 1
- OpenID Connect Discovery 1.0 incorporating errata set 1
- OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 1
- OAuth 2.0 Multiple Response Type Encoding Practices
- OAuth 2.0 Form Post Response Mode
- OpenID Connect Session Management 1.0 - draft 27
- OpenID Connect Front-Channel Logout 1.0 - draft 01
- OpenID Connect Back-Channel Logout 1.0 - draft 03
Fast Identity Online (FIDO)
- FIDO Allianz
- Universal Authentication Framework (UAF) / U2F (Universal Second Factor) Specifications
Security Assertion Markup Language 2.0 (SAML 2.0)
JSON Web Token et. al.
- RFC 7515: JSON Web Signature (JWS)
- RFC 7516: JSON Web Encryption (JWE)
- RFC 7517: JSON Web Key (JWK)
- RFC 7518: JSON Web Algorithms (JWA)
- RFC 7519: JSON Web Token (JWT)
One Time Passwords
- RFC 2289: A One-Time Password System
- RFC 4226: HOTP: An HMAC-Based One-Time Password Algorithm
- RFC 4793: The EAP Protected One-Time Password Protocol (EAP-POTP)
- RFC 6238: TOTP: Time-Based One-Time Password Algorithm
- RFC 6560: One-Time Password (OTP) Pre-Authentication
Einweg-Hashfunktionen
- RFC 1321: The MD5 Message-Digest Algorithm
- RFC 2104: HMAC: Keyed-Hashing for Message Authentication
- RFC 6151: Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms
- RFC 6234: US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
- FIPS PUB 180-4: Secure Hash Standard (SHS)
Protokolle zur Authentifizierung
- The NTLM Authentication Protocol (PDF)
- RFC 4120: The Kerberos Network Authentication Service (V5)
- RFC 4120: The Kerberos Version 5 Generic Security Service Application Program Interface (GSS-API) Mechanism: Version 2
Symmetrische Verschlüsselung
- FIPS PUB 46-3: Data Encryption Standard (DES), National Institute of Standards and Technology, October 25, 1999
- FIPS PUB 197: Advanced Encryption Standard (AES), National Institute of Standards and Technology, November 26, 2001
Public-Key Cryptography Standards (PKCS) - RSA Laboratories
- PKCS #1: RSA Cryptography Specifications Version 2.1 (RFC 2313)
- PKCS #1: RSA Cryptography Specifications Version 2.2 (RFC draft-moriarty-pkcs1-03)
- PKCS #3: Diffie-Hellman Key Agreement Standard, Version 1.4
- PKCS #5: Password-Based Cryptography Standard, Version 2.0 (RFC 2898)
- PKCS #5: Password-Based Cryptography Standard, Version 2.1 (RFC draft-moriarty-pkcs5-v2dot1-04)
- PKCS #6: Extended-Certificate Syntax Standard, Version 1.5
- PKCS #7: Cryptographic Message Syntax Standard, Version 1.5 (2315)
- PKCS #8: Private-Key Information Syntax Standard, Version 1.2 (RFC 5208)
- PKCS #8: EncryptedPrivateKeyInfo Media Type (RFC draft-seantek-pkcs8-encrypted-01)
- PKCS #9: Selected Object Classes and Attribute Types Version 2.0 (RFC 2985)
- PKCS #10: Certification Request Syntax Specification Version 1.7 (RFC 2986)
- PKCS #11: URI Scheme (RFC 7512)
- PKCS #12: Personal Information Exchange Syntax Version 1.1 (RFC 7292)
Generic Security Service API (GSS-API)
- RFC 2743: Generic Security Service Application Program Interface Version 2, Update 1
- RFC 5554: Clarifications and Extensions to the Generic Security Service Application Program Interface (GSS-API) for the Use of Channel Bindings
- RFC 2479: Independent Data Unit Protection Generic Security Service Application Program Interface (IDUP-GSS-API)
- RFC 2744: Generic Security Service API Version 2 : C-bindings
- RFC 5653: Generic Security Service API Version 2: Java Bindings Update
Pretty Good Privacy (PGP)
Secure / Multipurpose Internet Mail Extensions (S/MIME)
- RFC 1847: Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted
- RFC 5751: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Message Specification
X.509 Public Key Infrastructure
- RFC 4158: Internet X.509 Public Key Infrastructure: Certification Path Building
- RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- RFC 6818: Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
Transport Layer Security (TLS)