Author Topic: Cryptography : Glossary Of Important Terms | Part 1  (Read 730 times)


Offline Psycho_Coder

Cryptography : Glossary Of Important Terms | Part 1
« on: July 17, 2013, 05:07:18 am »




Hello everyone. This part of the cryptography series contains most of the terms that will be used frequently in the upcoming tutorials, so for your ease I have made this glossary, or dictionary, whatever you might call it. Do refer to this as a guide.




A5:The encryption algorithm used for GSM telephones. These telephones are mainly sold in Europe.




AES :Advanced Encryption Standard. A block cipher that was chosen through a competition of the world’s greatest cryptographers. It is approved for government use by NIST and is assumed to be good for the next 20 years before a replacement needs to be found. Also known as Rijndael (rine-doll) for the two people who created the algorithm.




Algorithm :A set of mathematical step-by-step rules, or a recipe, for the encryption and decryption of data.




ANSI :American National Standards Institute. An organization that evaluates and publishes standards for various industries, including the computer technology industry.




ANSI X9.17 :The standard for the exchanging (or sharing) of the key for the DES algorithm.




Application Encryption :A program that uses an algorithm to encrypt data. PGP is an example of an application that has encryption built-in.




Asymmetric Algorithm :An algorithm that produces two keys; a public key and a private key. The public key is shared with others and the private key is kept safe by the owner. The term “asymmetric” has to do with the fact that there are two different keys — it does not mean that the algorithm is lopsided.




Authentication :The process of making sure that a person is really who he says he is, or that a computer is really the computer it’s supposed to be. It’s like being asked for your driver’s license before you can cash a check. Computers use encrypted keys or encrypted communications to exchange proof of identity.




Back Door :Usually a design flaw in software that allows unauthorized access into a system by those who know the secret.




Block Cipher :An algorithm that encrypts data and cuts the data into small chunks and encrypts the chunks one after another. The “chunk” is a block of data and the algorithm decides how large those chunks are. This term was not invented by Lucy in the “Peanuts” comic. (You blockhead, Charlie Brown!)




Blowfish :A symmetric block cipher invented by Bruce Schneier. Publicly available on the Internet.




Browser :Your Web browser such as Internet Explorer, Mozilla, Netscape, or Opera. All browsers now have the capability to exchange data with another computer via an encrypted link. Although this term is also applied to shoppers who are not actively purchasing goods in a particular shop, that has nothing to do with cryptography.




Brute Force Attack :It’s like trying to break into a building by all possible hard attack methods: picking the locks, breaking the windows, breaking down the doors with a sledge hammer, or using bombs. In cryptography, a brute force attack is used when the attacker knows nothing about the encryption. He will start with easy guesses first and then build up to sophisticated methods. Brute force attacks in cryptography usually entail using lots of computers that try to guess each portion of the key or the encrypted message.




CAST :A block cipher developed by Carlisle Adams and Stafford Tavares (CAST) and patented by Entrust. It is available for public use.




CERT :Computer Emergency Response Team. A special team that has been formed to deal with computer emergencies of all sorts. Some companies form their own teams and other companies rely upon commercial CERTs. There is also a central CERT at Carnegie Mellon University in Pennsylvania. That CERT sends out alerts and information about new computer attacks and fixes.




Certificate :(See Digital Certificate.)




Certificate Authority (CA) :A company or a specially built computer within a company that generates and controls Digital Certificates and the accompanying keys. This is also referred to sometimes as a “trusted third party” because it is supposed to be an unbiased yet powerful authority.




CHAP :Challenge Handshake Authentication Protocol. Largely used in Microsoft products, CHAP is a two-way password authentication scheme.




Checksum :A numeric value assigned to data to be used as an indicator of change made to the data. An algorithm changes the data into numbers, goes through a number of computations, and then assigns a single, long number as the checksum. If the checksum of the data you receive is not the same checksum as the person who sent it, then something got changed in transit. Also known as a “fingerprint,” checksums are used to check the integrity of data. Checksum is also what many people do with their checking accounts at the end of the month.




CIAC :Computer Incident Advisory Capability (pronounced “sigh-ack”). This is an organization formed by the Department of Energy to track and report on computer security problems.




Cipher :The word cipher is very often confused with the word “code.” A cipher is closer to an algorithm. It does not know the “semantics” of the text or data it is converting; as far as a cipher is concerned, it’s just a blender of sorts. It’s the part of the algorithm that replaces one letter with another character. (Also see Code.)




Cipher Block Chaining :Also known by cryptographers as CBC, this is like “shuffling” the encrypted blocks of data with one another to come up with different ciphertext. Using cipher block chaining makes it much harder for someone to try to break an algorithm.




Ciphertext :The encrypted form of data. Ciphertext does not have to be text, it can be any form of data including pictures and music.




Client :Usually a desktop computer or a laptop. This is opposed to “servers.” Servers provide data, services, and resources to the client computers. Just think of clients as customers in a restaurant and the servers as waiters, and you’ll get the meaning. Client can also refer to a software program that runs on a desktop computer or a laptop. This type of program is normally used when the server is sending a special type of information that can’t be understood by other programs.




Code :A code is just a set of rules to represent meaningful information in another way — this doesn’t necessarily imply secrecy. A code does deal with semantics and can tell the difference between a letter and a number. Morse code and programming code are two good examples.




Cracking :An action to try to break the security of a computer system, software program, algorithm, encrypted data, and so on. For instance, attackers will try to crack the key to encrypted data so they can decrypt it and see what it says. This has nothing to do with the eating of Maryland crabs, contrary to popular belief.




Cryptanalysis :The examination of encrypted data to try to discover how the data was encrypted. Cryptanalysts will try to find the key or some plaintext in the encrypted data so they can unlock it. In a way, this is similar to “cracking,” but it is usually done by well-meaning folks employed by the NSA. (And, yes, because they are in Maryland, many do eat crabs.)




Cryptography/Crypto :The art or science of finding ways to hide or change data. The main goal of cryptography is to maintain secrecy – it’s a way to transform plain data (pictures, music, text, software, and so on) from a recognizable form to an unrecognizable form and back again. Cryptography is also the technical field of creating methods of changing data into an unrecognizable form and then reversing the process to make it recognizable again.




DES :Data Encryption Standard. A popular symmetric key algorithm that was created in 1975. It is usually replaced now with 3DES, which is much stronger than the original algorithm.




Diffie-Hellman :An algorithm created by Whitfield Diffie, Martin Hellman, and Ralph Merkle to solve the problem of how to share a secret over an unsecured line without compromising the secret. This became the basis for public/private key exchange.




Digital Certificate :A computer file that contains information about a person or a computer, along with a public encryption key. Digital Certificates have a standard format for the information contained so it can be used in many different encryption programs. A Digital Certificate is issued by a Certificate Authority. The Digital Authority usually has strict regulations about who or what may receive a Digital Certificate. Identities are usually verified by the Certificate Authority, which implies a greater degree of trust.




Digital Signature :A checksum created by an algorithm, combined with a person’s public key, that is based on a block of data and the person’s private key. The result is a character-based string that is included with the data when it is sent. If the data has been changed en route, it will be reflected in a changed digital signature. A digital signature is used to guarantee that the data was sent by the person who claims to have sent it. In one sense it can be considered a type of notary stamp to prove authenticity.




Digital Signature Standard :This is also referred to as DSS and is the algorithm used to create digital signatures. DSS was developed by the NSA and approved by NIST.




ECC :Elliptical Curve Cryptosystem. A relatively new and unique form of encryption that uses mathematical curves over defined fields to create a public/private key pair.




Encipher/Encrypt :Changing plain data (plaintext) into an unreadable or unrecognizable form (ciphertext).




Exclusive Or :(See XOR.)




Export Control :Laws and regulations to prevent products or technologies from being exported from the United States when exportation of that information is not in the best interest of the country. The United States considers cryptography to be munition and therefore controls the export of some encryption methods and products.




FIPS :Federal Information Processing Standard. Rules and regulations adopted by the federal government for computer systems, computer security, and the implementation of cryptography.




FORTEZZA :A PCMCIA card that contains the SKIPJACK encryption algorithm. This is mainly used by government agencies and some law enforcement agencies to encrypt e-mail. This term is often confused with foccacia, which is actually a type of Italian bread and has nothing to do with cryptography.




GOST :A symmetric block algorithm developed in the former Soviet Union.




HASH :A type of checksum that produces a fixed string of characters from a section of data that is used as a “fingerprint” of the data. If the data has not been changed, you will always get the same hash; if it has changed by only one character, the hash will not be the same as the original.




IDEA :The International Data Encryption Algorithm was developed in Switzerland and is one of the algorithms that is used in PGP.




IETF :The Internet Engineering Task Force is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual.




IKE :This stands for Internet Key Exchange and is used by the protocol IPsec (secure IP) for key management.




IP :Internet Protocol carries individual data packets on a network. It allows the packets to be routed through multiple networks until it reaches its destination.




IPsec :A network security protocol that uses encryption to protect data as it is moving through the network.




ISAKMP :Internet Security Association Key Management Protocol was the basis for IKE and is still used in many networking environments. ISAKMP defines payloads for exchanging key generation and authentication data.




KDC :Stands for Key Distribution Center and is the basis of the Kerberos authentication system. It is a device or computer that allows two computers to encrypt the traffic flowing on the network between them. Not to be confused with KFC, which is fine to eat on a 4th of July picnic.




KEK :A Key Encryption Key is used to encrypt other keys such as session keys or data keys. A KEK does not encrypt any of the data itself, it just sets up the environment so that encryption can begin.




Kerberos :An authentication protocol, developed at MIT, that uses session keys. Available commercially and in the public domain.




Key :The data created by an algorithm that causes a cipher to begin the encryption and decryption process. Keys are associated with the algorithm that was used to create it.




Key Escrow :The storing of copies of encryption keys so they can be used if the original key is lost or corrupted. This is very difficult to do securely.




Key Fingerprint :A unique string of characters that is used to authenticate a key. This is done by creating a hash of the key. Usually used by PGP users to verify that the parties are using the correct keys for encrypting and decrypting communications.




Key Length :The size of a key represented in bits. The larger the number of bits, the stronger the key is.




Key Management :The process and procedures used to safely store and distribute keys. It also makes sure that keys are sent out in a secure manner so they won’t be compromised.




Key Pair :A set of keys created by an asymmetric algorithm: the public key and the private key.




Key Recovery :A method of hiding parts of keys in different places so a key can be reassembled if the original key is lost or corrupted. Key recovery usually involves the use of multiple storage locations and multiple passphrases to complete the recovery process.




Key Splitting :A security measure that splits a key up amongst a number of people so no one person on his own can use the key. All members of the group must participate in order for the key to be used.




Keyring :A program or file that holds a set of keys.




LDAP :Lightweight Directory Access Protocol. A protocol used in databases to allow simple search and access operations for data that is usually hard to index — phone numbers, addresses, and now used for encryption keys.




MAC :Message Authentication Code. A one-way hash that uses a single key. The key is used to verify the hash.




MD2 :Message Digest #2. Developed by Ron Rivest, it’s a 128-bit one-way hash.




MD4 :Message Digest #4. Another one-way hash developed by Ron Rivest, but later found to be very weak. It was replaced with MD5.




MD5 :Message Digest #5 is an algorithm used to create a hash.




NIST :National Institute of Standards and Technologies is a government agency that establishes national standards.




Non-Repudiation :A process that, once completed, makes it extremely difficult for someone to deny that they were involved in the process. It’s a method of ensuring that someone sent a file or encrypted a file without “reasonable doubt” that they did so.




NSA :The National Security Agency is an intelligence agency responsible for intercepting communications and developing crypto systems for the security of national secrets. This agency employs the largest number of cryptographers in the world.




Oakley :A protocol for a session key exchange that is a hybrid of the Diffie-Hellman scheme.






"Don't do anything by half. If you love someone, love them with all your soul. When you hate someone, hate them until it hurts."--- Henry Rollins

Offline vezzy

Re: Cryptography : Glossary Of Important Terms | Part 1
« Reply #1 on: July 17, 2013, 07:35:50 am »
Not bad, but a little lacking and incomplete in some of its definitions.

Since you mentioned CBC as a block cipher mode of operation, it would have been good to also define ECB (electronic codebook) and at least one more.

Backdoors don't necessarily need to surface from exploiting a design flaw. They can be deliberately put there by the software developers, whether as a debug/remote administration utility, or for more malicious purposes.

Add Birthday attack as a definition (collision, too).

Add "exhaustive key search" as a synonym for a brute-force attack.

Elaborate on the security due to discrete logarithms for Diffie-Hellman (also known as exponential key exchange). In fact, define discrete logarithms separately as a mathematical problem that enables many cryptosystems to work due to the inherent computational complexity of that problem.

Mention DSA as the underlying algorithm behind the DSS.

Is it elliptical curve cryptosystem or elliptical curve cryptography, the latter being the actual practice and principles behind it, that you meant?

Since you mentioned GOST, why not also define the Enigma machine, the Bomba that was used to decrypt it, etc.?

Be sure to define the inherent one-way irreversibility of a hash.

Add key revocation as a definition for public-key systems.

Add that MD5 is now considered cryptographically broken, has been proven to collide, and is superseded by the (still obscure) MD6.

edit: Oh, and how could I forget... the Merkle–Damgård construction under which most mainstream hash functions are made? Or the Feistel cipher as a way to construct block ciphers?

-------------

Still, good job. I also liked the humor. +1
« Last Edit: July 17, 2013, 07:56:31 am by vezzy »
Quote from: Dippy hippy
Just brushing though. I will be semi active mainly came to find a HQ botnet, like THOR or just any p2p botnet

Offline Kulverstukas

Re: Cryptography : Glossary Of Important Terms | Part 1
« Reply #2 on: July 17, 2013, 07:44:26 pm »
This is awesome. Simple and concise, gonna be helpful for others :) +1