AES Advanced Encryption Standard. The standard block cipher algorithm designated by the NIST for symmetric key cryptography (FIPS PUB 197). It is also known as Rijndael code.
ASCII American Standard Code for Information Interchange. The code generally used by most computer systems to translate characters into binary numbers.
Block Cipher A symmetric cipher which encrypt fixed-length groups of bits into fixed length group of bits. The message is broken up into substrings (called blocks) of a fixed length and encrypted block by block. The integer is called the block-length. NIST recognizes only 3 types of block ciphers AES, Triple-DES and Skipjack.
Block Coding Any encoding function that encodes a block of words instead of one word at a time.
BSC Binary Symmetric Channel. A communication channel transporting the binary symbols (0, 1) for which the probabilities p of receiving a 1 when 0 is transmitted is equal to the probability of receiving 0 when 1 is transmitted the same error.
Certificate An electronic file it contains both an identity and a public key, Anybody can create a certificate, however for the certificate to have any degree of trust and avoid man in the middle attack it has to be signed by a third, trusted party called the Certification Authority (CA). Typically the CA issues and signs the certificate, binding the identity and the public key of the user. Certificates issued by CAs are widely used as a means of authentication over the Internet because anybody in possession of the Certification Authority’s public key can verify the signature on the certificate
Certification Authority (CA) The trusted party that signs and distribute certificates. This party guarantees that upon creating the digital signature it has verified the identity of the public key owner (e.g. by checking ID, address, etc) and verified that this public key owner has the corresponding private key. The public key of the CA can be signed
Cryptanalysis The art and science of deciphering encrypted messages.
CRC Cyclic Redundancy Check. A widely used error detection code.
DES Data Encryption Standard. The standard block cipher algorithm adopted by NIST for symmetric key cryptography in the late 70’s. It has been superseded by AES.
Digital Signature A protocol by which the recipient of a message can verify that the sender of the message is in possession of the private key corresponding to a given public key and that the message itself has not been tampered with. Digital signatures should be used in conjunction with certificates to avoid the possibility of impersonation.
DSS Digital Signature System. A protocol used to electronically sign documents.
ECC Elliptic Curve Cryptography. A public key cryptographic system based on the mathematical properties of elliptic curves.
ENIGMA The generic name given to a family of mechanical-rotor based ciphering devices utilized by the German forces during World War II.
Entropy A measure of the amount of uncertainty. Entropy is directly related to the number of a priori possible outcomes of a given event. For example, the entropy of a random binary string of length is .
FIPS Federal Information Processing Standards. The collective name for a series of standards related to information processing issued by NIST.
GPG GNU Privacy Guard. Open source, freeware version of PGP.
GSM Global System for Mobile telecommunications. The international standard for satellite phones.
Hacker Originally the terms was used for creative programmers who program in an unorthodox way but it is now used to described those who use their technical skills to gain illegal
access into computer networks to steal or vandalize information. A good hacker must have cryptanalytic skills.
Hamming Distance The number of characters in which two strings (words) differ, measured with the metric of the corresponding alphabet.
Hash Function A function that output a shorter version or digest of an input message. For cryptographic applications the hash function must be one-way (the input cannot be easily derived from the output) and has collisions-free (low probability that two different inputs will give the same output).
Kerberos A trusted server-based protocol that provides authentication and key exchange for symmetric encryption systems. It is the logical equivalent of PKI. Windows 2000 operative system authentication is based on Kerberos.
Key Reconciliation A protocol by which two communicating entities obtain the same secret string after exchanging information over a public network.
LFSR Linear Feed-back Shift Register. A pseudo-random sequence generator based on a recurrence relation.
McElliece Cryptosystem A public key cryptosystem based on linear error correcting codes.
Memoryless Source (or Channel) A source of symbols for which the probabilities of output a given symbol does not depend on any of the previously output symbols.
NIST National Institute of Standards and Technologies. The United
States’ federal agency that develops and promotes measurement, standards and technology.
NSA National Security Agency. The United States’ intelligence agency
responsible for the security and cryptanalysis of electronic communications. It grew from a small US Navy task group in the World War II to be the largest employer of cryptographers in the
One-time pad A perfectly secure symmetric key encryption system that uses a random, secret key of the same length of the message to transmit.
PGP Pretty Good Privacy. Data and message encryption computer software developed by Phil Zimmermann on the basis of standard algorithms and public key encryption.
PKI Public Key Infrastructure. A Public Key directory database, often associated with key-pair generation functions, that provides authentication over medium to large networks.
Private Key The element of an asymmetric-key system key-pair that is kept secret by each user. This part of the key-pair is used for decryption.
Public Key The element of an asymmetric-key system key-pair that is shared with other users. This part of the key-pair is used by senders to encrypt a message.
Quantum cryptography A form of cryptography that employs quantum properties of photons to exchange a random key over a public channel with perfect secrecy.
QKD Quantum Key Distribution. A system to generate and distribute symmetric encryption keys using a quantum channel.
Root Certificate X.509 certificates are predicated on a hierarchy of CA and end user certificates. The signer’s public key can be used to verify a signature on data and, as this public key is linked to the owner’s identity by a certificate, the link itself can be verified by verifying the certificate’s signature. This is done using the public key of the issuing CA, which is included in the CA certificate, one layer up in the hierarchy. This CA certificate will itself be signed by a CA another layer up in the hierarchy. At the top of the ladder there is the root certificate, that is self signed, and that has to be trusted for its own sake. Root certificates are included within web browsers upon release.
RSA A public-key cryptosystem patented by Rivest, Shamir, and Adleman in 1976. It is based on the computational difficulty of factoring large composite numbers. It the most widely implemented of the public key algorithms, included in applications such as PGP and SSL.
Shannon bit The amount of information gained (or entropy removed) upon learning the answer to a question whose two possible answers were equally likely, a priori.
SSL Secure Socket Layer. A widespread protocol used mainly for authentication of Internet transactions.
Symmetric-Key Encryption An encryption system in which both parties use the same secret key to encrypt and decrypt messages.
TCP/IP Transmission Control Protocol/Internet Protocol. Protocols used for the transmission of information within networks of computers. TCP/IP have became the de facto standard for all networks connected to the Internet.
Triple-DES Symmetric key encryption system based on the successive application of three DES ciphers having different keys. It is one of the 3 NIST approved block ciphers and described in NIST special publication SP800-67.
VOIP Voice Over IP. Any of the protocols used to digitize and pack a voice channel signal to be sent over a TCP/IP link.
WEP Wired Equivalent Privacy. IEEE protocol used for data encryption of wireless LANs. This protocol has been broken and should not be used for sensitive applications
WPA Wi-fi Protected Access. The current, and fairly secure, data encryption protocol for wireless LANs.
X.509 Certificate A certificate that conforms to RFC3280 rules for certificate revocation. It is the format widely for digital certificates on the Internet.