Friday, 14 July 2017

Cryptography - Glossary

Cryptography is a massive subject and there is tons of stuff on the Internet. However, I'd love a little notebook of terms. So here I will begin my own personal list. I'll use HTML anchors to each entry for extras URL granularity.

AD CS abbr. Active Directory Certificate Services, provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies.

AES abbr. Advanced Encryption Standard, also referenced as Rijndael .

affine cipher n. a type of monoalphabetic substitution cipher. Each letter is enciphered with the function (ax + b) mod 26, where b is the magnitude of the shift.

alphabet n. a collection of symbols, also referred to as characters.

ANSI abbr. American National Standards Institute is a private non-profit organization that oversees the development of voluntary consensus standards for products, services, processes, systems, and personnel in the United States.

assymetric adj. describes cryptosystems where the encryption key differs from decryption key.

BF abbr. Blowfish, is a symmetric block cipher. (USA)

bijection n. In mathematics, a bijection, bijective function or one-to-one correspondence is a function between the elements of two sets, where each element of one set is paired with exactly one element of the other set, and each element of the other set is paired with exactly one element of the first set. There are no unpaired elements.

bit n. a character 0 or 1 of the binary alphabet.

block cipher n. a cipher which acts on the plaintext in blocks of symbols.

CA abbr. certification authority.

Camellia n. Camellia (cipher), is a symmetric key block cipher.

Cast n. CAST-128, is a symmetric key block cipher.

CBC abbr. cipher block chaining is a mode of operation for a block cipher.

certification authority n. a certificate authority or certification authority (CA) is an entity that issues digital certificates.

Caesar cipher n. a translation cipher for which b=3, used by Julius Caesar.

CFB abbr. Ciphertext Feedback is a mode of operation for a block cipher.

character n. an element of an alphabet.

cipher n. 1. a map from a space of plaintext to a space of ciphertext.
               2. a pair of algorithms, one for encryption and one for decryption.

ciphertext n. the disguised message.

CMVP abbr. cryptographic module validation program.

CMS abbr. cryptographic message syntax is the IETF's standard for cryptographically protected messages.

CNG abbr. Windows Cryptography API: Next Generation (CNG) replaces CryptoAPI 1.0 as the recommended Windows API cryptographic suite.

coprime adj. No common factors other than 1. Also called "relatively prime" or "mutually prime".

CRL abbr. certificate revocation list.

cryptanalysis n. the science (complementary to cryptography) concerned with the methods to defeat cryptographic techniques.

cryptographic hash function n. a special class of hash function that has certain properties which make it suitable for use in cryptography.

cryptographic nonce n. In cryptography, a nonce is an arbitrary number that may only be used once.

cryptography n. the study of mathematical techniques for all aspects of information security.

cryptology n. the study of cryptography and cryptanaylsis.

CSP abbr.Cryptographic Service Providers

CTR abbr. Counter-mode encryption, a block cipher mode of operation that uses incrementing IV counter for the key stream source.

cryptosystem n.
1. a suite of cryptographic algorithms needed to implement a particular security service, most commonly for achieving confidentiality (encryption).
2. (Mathematics) can formally be defined by a collection of sets, "plaintext space","ciphertext space","key space","set of encryption functions","set of decryption functions". See Cryptosystem.

decipher v.tr. to convert ciphertext into plaintext.

decode v.tr. to convert the encoded message back to its original alphabet and original form.

DRBG abbr. Deterministic Random Bit Generators

DES abbr. Data Encryption Standard is a symmetric-key block cipher published by the NIST.

digital certificate n. A digital certificate uses public-key cryptography to sign data and to verify the integrity of the certificate itself. Public key cryptography is a system based on pairs of keys called public key and private key.

DH abbr. Diffie Hellman.

DSA abbr. Digital Signature Algorithm.

ECB abbr. Electronic Code Book is a mode of operation for a block cipher.

ECC abbr. elliptic curve cryptography.

ECDH abbr. elliptic curve Diffie–Hellman , an ECC algorithm endorsed by NIST for key exchange.

ECDSA abbr. Elliptic Curve Digital Signature Algorithm , an ECC algorithm endorsed by NIST for digital signature.

EDE abbr. encrypt decrypt encrypt.

EFS abbr. Encrypting File System on Microsoft Windows is a feature introduced in version 3.0 of NTFS[1] that provides filesystem-level encryption.

elliptic curve cryptography n. is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC requires smaller keys compared to non-ECC cryptography (based on plain Galois fields) to provide equivalent security.

encipher v.tr. to convert plaintext into ciphertext.

encode v.tr. to convert a message into a representation in a standard alphabet, such as to the alphabet {A, . . . , Z} or to numerical alphabet.

encryption n. the process of disguising a message so as to hide the information it contains; this process can include both encoding and enciphering .

FIPS abbr. Federal Information Processing Standard.

FIPS 140-2 Publication 140-2, (FIPS PUB 140-2),[1][2] is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules.

GCM abbr. Galois Counter Mode is an efficient and performant mode of operation for symmetric key cryptographic block ciphers.

GMAC abbr. Galois Message Authentication Code, see GCM.

GCD n. greatest common divisor.

hash function n. any function that can be used to map data of arbitrary size to data of fixed size.

HMAC n. the Keyed-Hash Message Authentication Code (HMAC)

IDEA n. International Data Encryption Algorithm is a symmetric-key block cipher

IETF abbr. Internet Engineering Task Force.

injection n. (Mathematics) a one-to-one mapping.

injective adj. (Mathematics) of the nature of or relating to an injection or one-to-one mapping. See Injective function.

IPSec abbr. Internet Protocol security (IPSec) is a framework of open standards for helping to ensure private, secure communications over Internet Protocol (IP) networks through the use of cryptographic security services.

IV abbr. Initialization vector, also call "salt","nonce" (number used once), used to ensure uniqueness of the key stream.

KAT abbr. Known Answer Test.

Kerboros n. is a computer network authentication protocol that builds on symmetric key cryptography and optionally may use public-key cryptography during certain phases of authentication.

keystream n. a stream of random or pseudorandom characters that are combined with a plaintext message to produce an encrypted message (the ciphertext).

MAC abbr. Message Authentication Code sometimes known as a tag, is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed.

message digest n. a cryptographic hash function containing a string of digits created by a one-way hashing formula.

MD5 abbr. a message digest. MD5 is considered (by some) essentially "cryptographically broken and unsuitable for further use".

MIC abbr. Message Integrity Code, substitute for MAC and sometimes message digest.

NIST abbr. National Institute of Standards and Technology (USA)

NSA abbr. National Security Agency. (USA)

OAEP abbr. Optimal asymmetric encryption padding is a padding scheme often used together with RSA encryption.

OCSP abbr. Online Certificate Status Protocol

OFB abbr. output feedback is a mode of operation for a block cipher.

OpenSSL OpenSSL is a general purpose cryptography library that provides an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.

Passphrase n. A passphrase is a sequence of words or other text used to control access to a computer system, program or data. A passphrase is similar to a password in usage, but is generally longer for added security.

PEM abbr. Privacy-enhanced Electronic Mail. PEM is a de facto file format for storing and sending cryptography keys, certificates, and other data, based on a set of 1993 IETF standards defining "privacy-enhanced mail.".

permute v. submit to a process of alteration, rearrangement, or permutation.

PKCS abbr. Public-Key Cryptography Standards

PKI abbr. Public Key Infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.

plaintext n. the message to be transmitted or stored.

post-quantum cryptography n. refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against an attack by a quantum computer.

protocol n. an algorithm, defined by a sequence of steps, precisely specifying the actions of multiple parties in order to achieve an objective.

public key n. A public key is created in public key encryption cryptography that uses asymmetric-key encryption algorithms. Public keys are used to convert a message into an unreadable format. Decryption is carried out using a different, but matching, private key. Public and private keys are paired to enable secure communication.

RC2 n. RC2 (from Ron's Code) is a symmetric-key block cipher.

Rijndael n. Portmanteau of Belgian cryptographers Vincent Rijmen and Joan Daemen and a synonym for AES.

RIPEMD abbr. RACE Integrity Primitives Evaluation Message Digest.

RSA abbr. RSA is one of the first practical public-key cryptosystems and is widely used for secure data transmission. RSA is made of the initial letters of the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman.

Salt n. In cryptography, a salt is random data that is used as an additional input to a one-way function that "hashes" a password or passphrase. Salts are closely related to the concept of nonce. The primary function of salts is to defend against dictionary attacks or against its hashed equivalent, a pre-computed rainbow table attack.

SEED abbr. SEED is a block cipher developed by South Korea.

SHA abbr. secure hash algorithm (SHA) .

S/MIME abbr. Secure/Multipurpose Internet Mail Extensions (S/MIME).

SSL abbr. SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.

symmetric adj. describes cryptosystems where the encryption key is the same as the decryption key.

stream cipher n. a cipher which acts on the plaintext one symbol at a time.

string n. a finite sequence of characters in some alphabet.

substitution cipher n. a stream cipher which acts on the plaintext by making a substitution of the characters with elements of a new alphabet or by a permutation of the characters in the plaintext alphabet.

suite B n. is a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program.

TLS abbr. TLS (Transport Layer Security) is a successor to Secure Sockets Layer protocol, or SSL. TLS provides secure communications on the Internet for such things as e-mail, Internet faxing, and other data transfers. There are slight differences between SSL 3.0 and TLS 1.0, but the protocol remains substantially the same.

TPM abbr. Trusted Platform Module is an international standard for a secure cryptoprocessor.

translation cipher n. an affine cipher for which a=1.

transposition cipher n. a block cipher which acts on the plaintext by permuting the positions of the characters in the plaintext.

Triple DES n. a symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.

TRNG abbr. True Random Number Generator, based on a pure source of entropy ("noise").

X.509 abbr. X.509 is a standard that defines the format of public key certificates.




Links


Introduction to Cryptography

Handbook of Applied Cryptography (HAC)

Maths is fun - injective-surjective-bijective

RSA Laboritories : WHAT IS EXHAUSTIVE KEY SEARCH?

Data Encryption Standard

OpenSSL Cookbook Ivan Ristić Free Chapters

NIST Digital Signatures

Basic Blockchain Programming - keys as property

CodeGuru: Windows Cryptography API: Next Generation (CNG)

Windows Dev Center: Cryptography

Windows Dev Center: Cryptography API: Next Generation

MSDN: .NET Framework: System.Security.Cryptography

TechTarget SearchSecurity

How to choose an AES encryption mode (CBC ECB CTR OCB CFB)?

crackstation.net


No comments:

Post a Comment