Chapter 5
Diffie-Hellman Ephemeral (DHE)
A Diffie-Hellman key exchange that uses different keys.
Elliptic Curve Diffie-Hellman (ECDH)
A Diffie-Hellman key exchange that uses elliptic curve cryptography instead of prime numbers in its computation.
Blowfish
A block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits.
Trusted Platform Module (TPM)
A chip on the motherboard of the computer that provides cryptographic services.
block cipher
A cipher that manipulates an entire block of plaintext at one time.
Pretty Good Privacy (PGP)
A commercial product that is commonly used to encrypt files and messages.
Message Digest (MD)
A common hash algorithm with several different versions.
sponge function
A cryptographic function that applies a process on the input that has been padded with additional characters until all characters are used.
Twofish
A derivation of the Blowfish algorithm that is considered to be strong.
RACE Integrity Primitives Evaluation Message Digest (RIPEMD)
A hash algorithm that uses two different and independent parallel chains of computation and then combines the result at the end of the process.
Hashed Message Authentication Code (HMAC)
A hash function that is applied to both the key and the message.
Diffie-Hellman (DH)
A key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created.
key
A mathematical value entered into a cryptographic algorithm to produce encrypted data.
Hardware Security Module (HSM)
A secure cryptographic processor.
Secure Hash Algorithm (SHA)
A secure hash algorithm that creates more secure hash values than Message Digest (MD) algorithms.
Data Encryption Standard (DES)
A symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks.
Advanced Encryption Standard (AES)
A symmetric cipher that was approved by NIST in late 2000 as a replacement for DES.
Triple Data Encryption Standard (3DES)
A symmetric cipher that was designed to replace DES.
ephemeral key
A temporary key that is used only once before it is discarded.
quantum cryptography
A type of asymmetric cryptography that attempts to use the unusual and unique behavior of microscopic objects to enable users to securely develop and share keys.
RC4
An RC stream cipher that will accept keys up to 128 bits in length.
hash
An algorithm that creates a unique digital fingerprint.
stream cipher
An algorithm that takes one character and replaces it with one character.
elliptic curve cryptography (ECC)
An algorithm that uses elliptic curves instead of prime numbers to compute keys.
private key
An asymmetric encryption key that does have to be protected.
public key
An asymmetric encryption key that does not have to be protected.
digital signature
An electronic verification of the sender.
plaintext
Cleartext data that is to be encrypted and decrypted by a cryptographic algorithm.
one-time pad (OTP)
Combining plaintext with a random key to create ciphertext that cannot be broken mathematically.
private key cryptography
Cryptographic algorithms that use a single key to encrypt and decrypt a message.
whole disk encryption
Cryptography that can be applied to entire disks.
asymmetric cryptographic algorithm
Cryptography that uses two mathematically related keys.
public key cryptography
Cryptography that uses two mathematically related keys.
ciphertext
Data that has been encrypted.
symmetric cryptographic algorithm
Encryption that uses a single key to encrypt and decrypt a message.
out-of-band
Exchanging secure information outside the normal communication channels.
in-band
Exchanging secure information within normal communication channels.
GNU Privacy Guard (GPG)
Free and open-source software that is commonly used to encrypt and decrypt data.
steganography
Hiding the existence of data within another type of file.
algorithm
Procedures based on a mathematical formula used to encrypt and decrypt the data.
perfect forward secrecy
Public key systems that generate random public keys that are different for each session.
Message Digest 5 (MD5)
The current version of MD.
RSA
The most common asymmetric cryptography algorithm.
decryption
The process of changing ciphertext into plaintext.
encryption
The process of changing plaintext into ciphertext.
non-repudiation
The process of proving that a user performed an action.
key exchange
The process of sending and receiving secure cryptographic keys.
cryptography
The science of transforming information into a secure form so that unauthorized persons cannot access it.
digest
The unique digital fingerprint created by a one-way hash algorithm.
cleartext
Unencrypted data.