Test 3 NEED
session keys
Limited-use symmetric keys for temporary communications during an online session.
plaintext or cleartext
The original unencrypted message, or a message that as been successfully decrypted.
Secure electronic transactions (SET)
a protocol developed by credit card companies to protect against electronic payment fraud
message digest
a value representing the application of a hash algorithm on a message that is transmitted with the message so it can be compared with the recipient's locally calculated hash of the same message. If both hashes are identical after transmission, the message has arrived without modification. Also known as a hash value.
Diffie-Hellman key exchange
A hybrid cryptosystem that facilitates exchanging private keys using public-key encryption.
Secure Sockets Layer (SSL)
A security protocol developed by Netscape to use public-key encryption to secure a channel over the internet.
Privacy Enhanced Mail (PEM)
A standard proposed by the Internet Engineering Task Force (IETF) that uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures.
Template cipher
is not strictly an encryption cipher, but more of an example of stegonography.
Steganography
the process of hiding messages; for example, hiding a message within the digital encoding of a picture or graphic so that it is almost impossible to detect that the hidden message even exists.
steganography
the process of hiding messages; for example, hiding a message within the digital encoding of a picture or graphic so that it is almost impossible to detect that the hidden message even exists.
cryptography
the process of making and using codes to secure information
cryptanalysis
the process of obtaining the plain text message from a ciphertext message without knowing the keys used to perform the encryption
Block Cipher
An encryption method that involves dividing the plaintext into blocks or sets of bits and then converting the plaintext to ciphertext one block at a time.
Public Key Infrastructure (PKI)
An integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely through the use of digital certificates.
Registration Authority (RA)
In PKI, a third party that operates under the trusted collaboration of the certificate authority and handles day-to-day certification functions.
digital certificates
Public-key container files that allow PKI system components and end users to validate a public key and identify its owner.
nonrepudiation
The process of reversing public-key encryption to verify that a message was sent by the sender and thus cannot be refuted.
ciphertext or cryptogram:
The unintelligible encrypted or encoded message resulting from an encryption.
WPA
Wifi protected access, has a key size of 128 bits. It uses dynamic keys created and shared by an authentication server.
WEP
Wired Equivalent Privacy, an encryption algorithm used to protect data on Wi-Fi Networks, used RC4 cipher stream to encrypt each packet using a 64-bit key.
WPA2
better WPA with AES based encryption
digital signatures
encrypted message components that can be mathematically proven as authentic
Message Authentication Code (MAC)
A key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.
Encapsulating Security Payload (ESP)
In IPSec, a protocol that provides secrecy fo the contents of network communications as well as system-to-system authentication and data integrity verification
transport mode
In IPSec, an encryption method in which only a packet's IP data is encrypted, not the IP headers themselves; this method allows intermediate nodes to read the source and destination addresses.
tunnel mode
In IPSec, an encryption method in which the entire IP packet is encrypted and inserted as the payload in another IP packet. This requires other systems at the beginning and end of the tunnel to act as proxies to send and receive the encrypted packets and then transmit the packets to their ultimate destination.
Certificate Revocation List (CRL)
In PKI, a published list of revoked or terminated digital certificates.
Digital Signature Standard (DSS)
The NIST standard for digital signature algorithm usage by federal information systems. DSS is based on a variant of the EIGamal signature scheme.
IP Security (IPsec)
The primary and now dominant cryptographic authentication and encryption product of the IETF's IP Protocol Security Working Group. A framework for security development within the TCP/IP family of protocol standards, IPSec provides application support for all uses within TCP/IP, including virtual private networks.
asymmetric encryption
a crypographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message. Either key can be used to encrypt a message, bu the other key is required to decrypt it.
symmetric encryption
a cryptographic method in which the same algorithm and secret key are used both to encipher and decipher the message
permutation cipher/transposition cipher
a cryptographic operation that involves simply rearranging the values within a block based on an established pattern.
vernam cipher
a cryptographic technique developed at AT&T and known as the "one-time pad," this cypher uses a set of characters for encryption operations and only one time and then discards it.
exclusive OR operation (OXR)
a function within Boolean algebra used as an encryption function in which two bits are compared. If the two bits are identical, the result is binary 0, otherwise , the result is a binary 1.
secret key
a key that can be used in symmetric encryption both to encipher and decipher the message
Secure Multipurpose Internet Mail Extensions (S/MIME)
a security protocol that builds on the encoding format of the Multipurpose internet Mail Extensions(MIME) protocol and uses digital signatures based on public key cryptosystems to secure e-mail.
link encryption
a series of encryption and decryption between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts the message using different keys and sends it to the next neighbor. This process continues until the message reaches the final destination.
Secure Hash Standard (SHS)
a standard issued by the National Institute of Standards and Technology (NIST) that specifies secure algorithms, such as SHA-1, for computing a condensed representation of a message or data file.
Polyalphabetic substitution
a substitution cipher that incorporates two or more alphabets in the encryption process
monoalphabetic substitution
a substitution cipher that only incorporates a single alphabet in the encryption process
vigenere cipher
an advanced type of substitution cipher that uses a simple polyalphabetic code
substitution cipher
an encryption method in which one value is substituted for another
Bit stream cipher
an encryption method that involves converting plaintext into blocks or sets of bits and then converting the plaintext to ciphertext one block at a time
Secure HTTP (S-HTTP)
an extended version of Hypertext Transfer Protocol that provides for the encryption of protected Web pages transmitted via the Internet between a client and server
application header (AH) protocol
in IPSec, a protocol that provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication
Certificate Authority (CA)
in PKI, a third party that manages users' digital certificates.
Book Cipher
in a book cipher the ciphertext consists of a list of codes representing the page number , line number, and word number of the plaintext word.
hash functions
mathematical algorithms that generate a message summary or digest (sometimes called a fingerprint) to confirm message identity and integrity
hash algorithms
public functions that create a hash value, also known as a message digest, by converting variable-length messages into a single fixed-length value
work factor
the amount of effort( usually expressed in units of time) required to perform cryptanaliysis on an encoded message
advanced encryption standard (AES)
the current federal standard for the encryption of data, as specified by NIST. AES is based on the Rijndael algorithm, which was developed by Vincent Rijmen and Joan Daemen
Keyspace
the entire range of values that can be used to construct an individual key
cryptology
the field of science that encompasses cryptography and cryptanalysis.
Key or cryptovariable:
the information used in conjunction with the algorithm to create the ciphertext from the plaintext; it can be a series of bits used in a mathematical algorithm or the knowledge of how to manipulate the plaintext. Sometimes called a cryptovariable.
algorithm
the mathematical formula or method use to convert an unencrypted message into an encrypted message. This is sometimes refers to the programs that enable the cryptographic processes
decryption
the process of converting an encoded or enciphered message (ciphertext) back to its original readable form(plaintext). Also referred to as deciphering.
encryption
the process of converting an original message (plaintext) into a form that cannot be used by unathorisized individuals (ciphertext). Also referred to as enciphering.
code
the process of converting components( words or phases) of an unencrypted message into encrypted components.
Running key cipher
the sender provides an encrypted message with a short sequence of numbers that indicate that the page, line and word number from a predetermined book to be used as a key or indicator block.
cipher
when used as a verb, the transformation of the individual components(characters, bytes, or bits) of an unencrypted message into encrypted components or vice versa( see decipher and encipher); when used as a noun, the process of encryption or the algorithm used in encryption, and a term synonymous with cryptosystem.