A
Advanced Encryption Standard (AES)
A NIST-approved encryption standard based on the Rijndael algorithm. AES was chosen as the new encryption standard in October 2000 as a replacement for DES (Data Encryption Standard).
See also: algorithm, block cipher, Data Encryption Standard (DES), Rijndael algorithm
Algorithm (cryptographic)
In mathematics and computer science, an algorithm is a procedure or set of instructions for accomplishing a specific task. Algorithms provide the mathematical foundation for encryption and hash functions.
See also: encryption, hash function
Asymmetric encryption
Type of encryption in which an encryption key (the public key) is used to encrypt a message, and another encryption key (the private key) is used to decrypt the message.
See also: hash function, private key, public key, symmetric encryption
B
Block cipher
In cryptography, a block cipher or pseudorandom function (PRF) is a symmetric key cipher that operates on fixed-length groups of bits (usually 64 or 128 bits), termed blocks, with an unvarying transformation. Block ciphers contrast with stream ciphers, which operate on individual digits one at a time.
See also: cipher, stream cipher, symmetric encryption
Blowfish
A 64-bit block symmetric key algorithm consisting of key expansion and data encryption. A fast, simple, and compact algorithm in the public domain developed by Bruce Schneier.
See also: algorithm, cipher, symmetric encryption
Brute force
A cryptanalysis technique that exhaustively tests all known possibilities in consecutive order.
C
Cipher
An algorithm designed for performing encryption and decryption. MD5 and SHA1 are examples of commonly used ciphers.
See also: algorithm, ciphertext, decryption, encryption
Ciphertext
Text that has been scrambled through the use of a cipher. Decryption of ciphertext requires an encryption key.
See also: cipher, decryption, encryption key
Cleartext
See definition for: plaintext.
Cryptanalysis
The study of methods for obtaining the meaning of encrypted information without access to the appropriate encryption key. In non-technical language, cryptanalysis is the practice of breaking or cracking an encryption code. Considered the opposite of cryptography.
See also: cryptography, encryption key
Cryptographic token
A hardware security module issued to authorized users for the purpose of authentication. Tokens can store cryptographic keys, biometric data and other data elements. Some cryptographic tokens connect directly to a computer through an input/output port such as USB; others display a code which users must enter (along with a PIN) to gain access to a computer system. Cryptographic tokens are often used in combination with passwords for multifactor authentication.
Cryptographic Token Interface (PKCS#11)
An application programming interface (API) that defines a generic system interface for cryptographic tokens. PKCS#11 is one of many Public Key Cryptography Standards (PKCS) devised and published by RSA laboratories.
See also: cryptographic token, hardware security module
Cryptography
A field of mathematics and computer science concerned with information security and related issues, particularly encryption and authentication.
See also: authentication, encryption
D
Data Encryption Standard (DES)
A 64-bit block cipher, symmetric algorithm also known as Data Encryption Algorithm (DEA) by ANSI and DEA-1 by ISO. Widely used for over 20 years; adopted in 1976 as FIPS 46. Replaced by AES.
See also: Advanced Encryption Standard (AES), algorithm
Decryption
The process of unscrambling encrypted information so that it becomes legible again. The recipient’s private key is used for decryption.
Diffie-Hellman
The first public encryption key algorithm, invented in 1976, using discrete logarithms in a finite field. Allows two users to exchange a secret key over an insecure medium without any prior secrets.
Digital fingerprint
See definition for: hash function
E
ECC
See definition for: Elliptic Curve Cryptosystem (ECC)
EFS
See definition for: Encrypting File System
Elliptic Curve Cryptosystem (ECC)
Variants of the Diffie-Hellman family of public key algorithms that operate on sets other than the integers and give smaller keys and faster execution.
See also: Diffie-Hellman, public key
Encrypting File System (EFS)
A technology used in Windows 2000 and later versions that enables users to encrypt files and folders on NTFS volumes. EFS protects the confidentiality of data by ensuring that only the original user has access to them.
Encryption
The process of obscuring information to make it unreadable without special knowledge.
Encryption key
A digital code used in combination with a cipher to encrypt or decrypt data.
F
Full-disk encryption
A method of encrypting electronic data that involves scrambling an entire physical volume (partition) on a hard disk drive. Also known as full-volume encryption.
G
H
Hash function
A hash function is an algorithm that takes a string (or message) of any length as input and produces a fixed-length string as output. Hash functions are used in cryptography for authentication and message integrity. Hash functions are sometimes known as “message digests” or “digital fingerprints”. MD5 and SHA-1 are currently the two most commonly used hash functions.
See also: algorithm, Message-Digest algorithm 5 (MD5), Secure Hash Algorithm 1 (SHA-1)
I
International Data Encryption Standard (IDEA)
A 64-bit block symmetric cipher using 128-bit keys based on mixing operations from different algebraic groups. Considered one of the strongest algorithms.
See also: cipher, symmetric encryption
J
K
Key
See definition for: encryption key
Key escrow
A key recovery mechanism that works by storing copies of encryption keys in a separate, often centralized, location.
See also: encryption key
Key length
The number of data bits in an encryption key (e.g., 128-bit). Longer keys generally provide stronger security.
See also: encryption key
Key management
The process and procedure for safely storing and distributing accurate cryptographic keys; the overall process of generating and distributing cryptographic keys to authorized recipients in a secure manner.
See also: encryption key
Key recovery
A mechanism for retrieving cryptographic keys with the ultimate intent of decrypting ciphertext with them.
See also: encryption key
L
M
MD5
See definition for: Message digest algorithm 5 (MD5)
Message digest algorithm 5 (MD5)
A widely-used cryptographic hash function with a 128-bit hash value.
See also: hash function
N
O
P
PKCS#11
See definition for: Cryptographic Token Interface
Plaintext
Normal, legible, unencrypted, unsigned text.
See also: ciphertext
Private key
In asymmetric encryption, the private key is one of two keys in a keypair. The user keeps the private key secret and typically uses it to digitally sign data, or to decrypt data that has been encrypted with the corresponding public key.
See also: asymmetric encryption, digital signature, public key
Pseudorandom function
See definition for: block cipher
Public key
In asymmetric encryption, the public key is one of two keys in a keypair. The user releases this key to the public, who can use it to encrypt messages to be sent to the user and to verify the user's digital signature. Compare with private key.
See also: asymmetric encryption, private key, Public Key Infrastructure (PKI)
Public key encryption
See definition for: asymmetric encryption
Q
R
Random number
An important aspect of cryptography, and a necessary element in generating a unique key that is unpredictable to an attacker. True random numbers are usually derived from natural sources and usually involve the use of special hardware.
Rijndael algorithm
A block cipher designed by Joan Daemen and Vincent Rijmen that has 16-byte blocks and can operate with 128-, 192- or 256-bit keys. Chosen as the new Advanced Encryption Standard (AES), considered to be both faster and smaller than comparable algorithms.
See also: Advanced Encryption Standard (AES), algorithm, block cipher
S
Secret key
Either the “private key” in public key (asymmetric) algorithms or the “session key” in symmetric algorithms.
See also: asymmetric encryption, encryption key, private key, symmetric encryption
Secure Hash Algorithm (SHA-1)
A cryptographic algorithm developed by the National Security Agency (NSA) and used for a variety of security applications and protocols, including TLS, SSL, SSH, S/MIME, and IPSec.
SHA-1
See definition for: Secure Hash Algorithm (SHA-1)
Single-key encryption
See definition for: symmetric encryption
Stream cipher
A symmetric cipher in which the plaintext strings are encrypted one bit (or byte) at a time, and in which the transformation of successive digits varies during the encryption.
See also: block cipher, cipher, symmetric encryption
Substitution cipher
A cipher in which the characters of a plaintext string are substituted with other characters to form the ciphertext.
See also: cipher, ciphertext
Symmetric encryption
Also known as conventional, secret-key, and single-key algorithms; the encryption and decryption key are either the same or can be calculated from one another. Block ciphers and stream ciphers are both used for symmetric encryption.
See also: asymmetric encryption, block cipher, cipher, stream cipher
T
Token
See definition for: cryptographic token
TripleDES
An encryption configuration in which the Data Encryption Standard (DES) algorithm is used three times with three different keys. Also known as 3DES.
See also: Data Encryption Standard (DES)
Twofish
A new 256-bit block cipher, symmetric algorithm. Twofish was one of five algorithms the U.S. National Institute of Standards and Technology (NIST) considered for the Advanced Encryption Standard (AES).
See also: algorithm, Advanced Encryption Standard (AES), cipher

