Glossary for Internet Cryptography

[Cover]
Basic Glossary from Internet Cryptography

by Richard E. Smith
ISBN 0-201-92480-3, Addison Wesley, 1997

Internet Cryptography Home Page

Index: A | B | C | D | E | F | H | I | K | L | M | N | O | P | R | S | T | V | W | X

active attack: An attack in which the attacker must create or modify information.
Advanced Research Projects Agency (ARPA): Agency of the U. S. Department of Defense that promotes exploratory research in areas that carry long term promise for military applications. ARPA funded the major packet switching experiments in the United States that led to the Internet, particularly the ARPANET.
algorithm: Procedure; a crypto algorithm defines a particular procedure for encrypting or decrypting data. Specific algorithms include DES, IDEA, RC4, SKIPJACK.
American National Standards Institute (ANSI): Organization that endorses and publishes standards for various industries.
annual solar limit: Refers to the total amount of energy produced by the sun in a year. It is possible to calculate a worst case upper limit for the number of keys that can be tested with that amount of energy: 2^192 keys. This suggests that a secret key containing 192 bits is impractical to crack using brute force methods.
ANSI X9.17: ANSI standard for secret key exchange using the DES algorithm.
anti-replay: Security feature that detects when a message on the network has been received more than once. This applies stronger restrictions on duplicate packets than are enforced by typical networking protocols that don't anticipate messages being replayed maliciously.
application encryption: Cryptographic functions built into the communications protocols for a specific application, like e-mail. Examples include PEM, PGP, and SHTTP.
application software: Software that provides a service to a user, as opposed to lower level software that makes useful services possible.
ARPANET: A pioneering wide area, packet switched computer network developed by ARPA. The ARPANET was the original backbone for the modern Internet, and many of its protocols were adapted to work on the Internet, including those for e-mail, FTP, and remote terminal connections.
asymmetric algorithm: A crypto algorithm that uses different keys for encryption and decryption, most often a public key algorithm.
authentication: The process of verifying that a particular name really belongs to a particular entity. For example, a server will authenticate Alice to ensure that the person at the other end of the network connection isn't Henry the Forger instead.
Authentication Header (AH): IPSEC header used to verify that the contents of a packet haven't been modified in transit. The latest IPSEC implementations include anti-replay features in the AH, and typically include AH features in the ESP.
authenticity: The ability to ensure that the given information was in fact produced by the entity whose name it carries and that it was not forged or modified.
autokey: Block cipher mode in which the cipher is used to generate the key stream. Also called output feedback (OFB) mode.

Bailey the Switcher: Attacks network traffic by modifying the contents of other peoples' messages.
block cipher: Cipher that encrypts data in blocks of a fixed size. DES, IDEA, and SKIPJACK are block ciphers.
browser: Client application software for accessing data on the World Wide Web.
brute force cracking: The process of trying to recover a crypto key by trying all reasonable possibilities.
bucket brigade: Attack against public key exchange in which the attacker substitutes their own public key for the requested public key. Also called Man-in-Middle attack.
bypass: Flaw in a security device that allows messages to go around the security mechanisms. Crypto bypass refers to flaws that allow plaintext to leak out.

CAPSTONE: Integrated circuit containing crypto functions for e-mail applications using the SKIPJACK cipher and the Escrowed Encryption Standard. It failed to find a customer base and is no longer manufactured.
certificate, public key: Specially formatted block of data that contains a public key and the name of its owner. The certificate carries the digital signature of a certification authority to authenticate it.
certification authority: Trusted entity that signs public key certificates.
checksum: Numeric value used to verify the integrity of a block of data. The value is computed using a checksum procedure. A crypto checksum incorporates secret information in the checksum procedure so that it can't be reproduced by third parties that don't know the secret information.
cipher: Procedure that transforms data between plaintext and ciphertext; a crypto algorithm.
cipher block chaining (CBC): Block cipher mode that combines the previous block of ciphertext with the current block of plaintext before encrypting it. Very widely used.
cipher feedback (CFB): Block cipher mode that feeds previously encrypted ciphertext through the block cipher to generate the key that encrypts the next block of ciphertext. Also called CTAK.
ciphertext: Data that has been encrypted with a cipher, as opposed to plaintext.
ciphertext autokey (CTAK): Block cipher mode that feeds previously encrypted ciphertext through the block cipher to generate the key that encrypts the next block of ciphertext. Also called CFB.
client: A computing entity in a network that seeks service from other entities on the network. Client software generally resides on personal workstations and is used to contact network servers to retrieve information and perform other activities.
CLIPPER: Integrated circuit containing crypto functions for voice and telephone using the SKIPJACK cipher and the Escrowed Encryption Standard. It failed to find a customer base and is no longer manufactured.
Computer Emergency Response Team (CERT): Organization that collects and distributes information on computer security incidents and software problems relating to publicly used networks like the Internet.
Computer Incident Advisory Capability (CIAC): Organization established by the Department of Energy to track and report on computer security relevant events and situations.
confidentiality: The ability to ensure that information is not disclosed to people who aren't explicitly intended to receive it.
Consulting Committee, International Telephone and Telegraph (CCITT): International standards committee for telephone communications systems.
cracking: The process of overcoming a security measure. Cracking a key means an attempt to recover the key's value; cracking some ciphertext means an attempt to recover the corresponding plaintext.
critical application: Computing application where an attacker could cause incredibly serious damage, including loss of life.
cryptanalysis: Process of trying to recover crypto keys or plaintext associated with a crypto system.
cryptography; crypto: Mechanisms to protect information by applying transformations to it that are hard to reverse without some secret knowledge.
cryptoperiod: Amount of time a particular key is used; some times refers to the amount of data encrypted with it.
cut and paste attack: Attack in which a forgery is assembled from pieces of valid messages to yield a message that will be decrypted more or less correctly.

Data Encryption Standard (DES): Block cipher that is widely used in commercial systems. It is a Federal FIPS standard so it is deemed acceptable by many financial institutions. However, its key length (56 bits) makes it vulnerable to attack by well funded adversaries.
data key: Crypto key that encrypts data as opposed to a key that encrypts other keys. Also called a session key.
data link: The portion of a system of computers that transfers data between them, including wiring, hardware, interfaces, and device driver software.
decipher; decrypt; decode: Convert ciphertext back into plaintext.
Defense Message System (DMS): System being developed by the U. S. Department of Defense to provide secure e-mail services for critical applications.
device driver: Software component that controls a peripheral device. For data link devices, it manages the process of sending and receiving data across the data link.
device driver interface: Standard interface used by a host's software to communicate with peripheral devices, including data link devices.
differential cryptanalysis: Technique for attacking a cipher by feeding it chosen plaintext and watching for patterns in the ciphertext.
Diffie-Hellman (DH): Public key crypto algorithm that generates a shared secret between two entities after they publicly share some randomly generated data.
digital signature: Data value generated by a public key algorithm based on the contents of a block of data and a private key, yielding an individualized crypto checksum.
Digital Signature Standard (DSS): Digital signature algorithm developed by the NSA and endorsed by NIST.
domain name: The textual name assigned to a host on the Internet. The Domain Name Service (DNS) protocol translates between domain names and numerical IP addresses.

electronic codebook (ECB): Block cipher mode that consists of simply applying the cipher to blocks of data in sequence, one block at a time.
electronic mail (e-mail): Application protocol for sending messages between users on a network. Messages may be queued, stored, relayed, or delayed and still eventually be delivered to the intended recipients.
Encapsulating Security Payload (ESP): IPSEC header that encrypts the contents of an IP packet. The most recent implementations of IPSEC may also provide authentication and anti-replay protection of the AH to the packets.
encipher; encrypt; encode: Convert plaintext to ciphertext.
entering wedge: Weakness in a crypto system or other security system that gives an attacker a way to break down some of the system's protections.
Escrowed Encryption Standard (EES): Standard developed by NSA and published by NIST for crypto systems that allows law enforcement and other authorized agencies to tap the encrypted communications by providing a method to recover the crypto keys being used. This standard is not used in any currently avaliable systems or products.
exclusive or: Computational operation on bits that adds the two bits together and discards the carry. This is the basis of the Vernam cipher and key splitting.
executable contents: Data whose contents represent an executable computer program that is capable of modifying persistent data on a host computer.
export control: Laws and regulations intended to prevent products from being exported when not in the government's interest. Typically, munitions are placed under export control.

Federal Information Processing Standard (FIPS): Standards published by NIST that the U. S. government's computer systems should comply with.
File Transfer Protocol (FTP): Internet application and network protocol for transferring files between host computers.
firewall: A device installed at the point where network connections enter a site that applies rules to control the type of networking traffic that flows in and out. Most commercial firewalls are built to handle Internet protocols.
forgery: Data item whose contents misleads the recipient to believe the item and its contents were produced by someone other than the actual author.
FORTEZZA: PC card (formerly called PCMCIA cards) containing the SKIPJACK encryption algorithm and providing crypto services needed to support e-mail applications.

hash: Improved checksum in which it is hard for someone to construct a data block that generates a predetermined checksum or hash value.
headers: Formatted information attached to the front of data sent through a computer network. The headers contain information used to correctly deliver and process the data being sent.
Henry the Forger: Attacker that generates completely forged network messages to try to fool victims.
high risk application: Computer application in which the enterprise operating it can suffer a significant loss through a computer security incident.
hijacking: Attack in which the attacker takes over a live connection between two entities so that the attacker can masquerade as one of the entities.
host: Computer system residing on an network and capable of independently communicating with other systems on the network.
host address: The address used by others on the network to communicate with a particular host.
Hypertext Markup Language (HTML): Textual format used for pages on the World Wide Web.
Hypertext Transfer Protocol (HTTP): Application protocol used to carry requests and replies on the World Wide Web.

in line encryptor: Product that applies encryption automatically to all data passing along a data link.
information security (INFOSEC): Technical security measures that involve communications security, cryptography, and computer security.
integrity: The ability to ensure that information is not modified except by people who are explicitly intended to modify it.
International Data Encryption Algorithm (IDEA): Block cipher developed in Switzerland and used in PGP.
International Standards Organization (ISO): International organization that published a large number of networking standards (the OSI protocols), most of which are incompatible with the Internet protocols. Protocols originally developed by the CCITT are generally ISO protocols.
internet; Internet: Computer network that uses the internet protocol family. When capitalized, it refers to the single, well known, globally connected network using those protocols.
Internet Address and Numbering Authority (IANA): Administrative organization that assigns host addresses and other numeric constants used in the Internet protocols.
Internet Engineering Task Force (IETF): Technical organization that establishes and maintains Internet protocol standards.

Internet Key Exchange (IKE): Key management protocol IPSEC based on ISAKMP and tailored for typical Internet applications.
Internet Protocol (IP): Protocol that carries individual packets between hosts, and allows packets to be automatically routed through multiple networks if the destination host isn't on the same network as the originating host.
Internet Security Association Key Management Protocol (ISAKMP): Key management application protocol for IPSEC that has been endorsed by the IETF as a required part of any complete IPSEC implementation.
intranet: A private network, usually within an organization, that uses the Internet protocols but is not connected directly to the global Internet.
IP address: Host address used in IP packets.
IP Security Protocol (IPSEC): Network crypto protocol for protecting IP packets.

key: Information that causes a cipher to encrypt or decrypt information in a distinctive way. Individual keys are usually associated with individual entities, or at most a pair of entities.
key distribution center (KDC): A device that provides secret keys to allow pairs of hosts to encrypt traffic directly between themselves. This is the basis of the Kerberos system.
key encrypting key (KEK): Crypto key used to encrypt session or data keys, and never used to encrypt the data itself.
key escrow: Mechanism for storing copies of crypto keys so that third parties can recover them if necessary to read information encrypted by others.
key recovery: Mechanism for determining the key used to encrypt some data, possibly through the use of an escrowed key.

least privilege: Feature of a system in which operations are granted the fewest permissions possible in order to perform their tasks.
lightweight crypto: Set of crypto capabilities that is as strong as possible but still sufficiently weak to qualify for favorable treatment under U. S. export regulations.
link encryption: Crypto services applied to data as it travels on data links.
local area network (LAN): Network that consists of a single type of data link and can reside entirely within a physically protected area.
low risk application: Computer applications that, if penetrated or disrupted, would not cause a serious loss for an enterprise.

Man in Middle (MIM): Attack against public key exchange in which the attacker substitutes their own public key for the requested public key. Also called a bucket brigade attack.
mandatory protection: Security mechanism in a computer that unconditionally blocks particular types of activities. For example, most multiuser systems have a "user mode" that unconditionally blocks users from directly accessing shared peripherals. In networking applications, a small number of vendors use mandatory protection to prevent attacks on Internet servers from penetrating other portions of the host system.
masquerade: Attack in which an entity takes on the identity of a different entity without authorization.
medium risk application: Computer application in which a disruption or other security problem could cause losses to the enterprise, and some such losses are an acceptable cost of doing business.
medium strength crypto: Set of crypto capabilities that may qualify for favorable export treatment by the U. S. government if the vendor is actively developing crypto products that contain key escrow features. The typical medium strength algorithm is DES with 56 bit keys.
message: Information sent from one entity to another on the network. A single message may be divided into several packets for delivery to the destination and then reassembled by the receiving host.
Message Digest #5 (MD5): One way hash algorithm that is widely used in crypto applications.
Message Security Protocol (MSP): E-mail crypto protocol developed as part of the SDNS program and being used in the Defense Message System.
mode: One of several ways to apply a block cipher to a data stream. Typical modes include CBC, CFB, and OFB.
modulus: In public key crypto, this refers to part of the public key.
munition: Anything that is useful in warfare. Crypto systems are munitions according to U. S. law. This is the rationale behind export controls on crypto systems.

National Computer Security Center (NCSC): U. S. government organization that evaluates computing equipment for high security applications.
National Institute of Standards and Technology (NIST): Agency of the U. S. government that establishes national standards.
National Security Agency (NSA): Agency of the U. S. government responsible for intercepting foreign communications for intelligence reasons and for developing crypto systems to protect U. S. government communications.
network encryption: Crypto services applied to information above the data link level but below the application software level. This allows crypto protections to use existing networking services and existing application software transparently.
network protocol stack: Software package that provides general purpose networking services to application software, independent of the particular type of data link being used.
nonce: Random value sent in a communications protocol exchange, often used to detect replay attacks.

one time pad: Vernam cipher in which one bit of new, purely random key is used for every bit of data being encrypted.
one time password: Password that can only be used once; usually produced by special password generating software or by a hardware token.
one way hash: Hash function for which it is extremely difficult to construct two blocks of data that yield exactly the same hash result. Ideally, it should require a brute force search to find two data blocks that yield the same result.
Open System Interconnection (OSI): Family of communications protocols and related abstract model (the "OSI reference model") developed by the ISO, most of which are incompatible with the Internet protocols.
output feedback (OFB): Block cipher mode in which the cipher is used to generate the key stream. Also called autokey mode.

packet: A block of data carried by a network. When one host sends a message to another, the message is broken into one or more packets, which are individually sent across the network.
packet switching: Network technology in which data is transmitted in packets. The traditional alternative was to establish a connection between source and destination and to transmit data as a sequence of bits. Packets travel from source to destination along whatever route is immediately available, and different packets in the same message might take different paths.
passive attack: Attack in which data is observed but not modified. This is the type of attack performed by Peeping Tom.
password; passcode: Secret data item that is used to authenticate an entity. Passwords are often words that an individual is supposed to memorize; the system authenticates the person on the assumption that the password is only known by the person it belongs to.
password sniffing: Attack in which someone examines data traffic that includes secret passwords in order to recover the passwords, presumably to use them later in masquerades.
PC card; PCMCIA card: A small, standard plug-in peripheral card often used in laptops as well as workstation computer systems. Modems are often packaged in PC cards. They are also used to hold crypto facilities and to safely store keying material.
Peeping Tom: Attacker whose attacks are based on examining network data traffic: password sniffing, for example.
perimeter: Physical boundary between inside and outside. Security measures rely on being able to trust individuals within a perimeter at least to some degree.
physical network address: Host address on a data link.
plaintext: Data that has not been encrypted, or data that was decrypted from ciphertext.
Play-it-again Sam: Attacker whose attacks are based on intercepting legitimate messages and transmitting them over again in order to trick the system or its users somehow.
port number: Number carried in internet transport protocols to identify which service or program is supposed to receive an incoming packet. Certain port numbers are permanently assigned to particular protocols by the IANA. For example, e-mail generally uses port 25 and Web services traditionally use port 80.
Post Office Protocol (POP): Internet protocol for retrieving e-mail from a server host.
Pretty Good Privacy (PGP): E-mail crypto protocol that uses RSA and IDEA, implemented in software package widely distributed on the Internet.
Privacy Enhanced Mail (PEM): E-mail crypto protocol published by the IETF and provided in some commercial products. It has essentially been superceded by PGP, MSP, and S/MIME.
private key: Key used in public key crypto that belongs to an individual entity and must be kept secret.
programmed attack: Attack on a computer device or protocol that can be embodied in a computer program. Such attacks can be used by attackers with limited expertise.
protocol suite: A collection of communications protocols that work together to provide useful services. There are two widely known protocol suites: the Internet protocols and the ISO/OSI protocols.
proxy: Facility that indirectly provides some service. Proxy crypto applies crypto services to network traffic without individual hosts having to support the services themselves. Firewall proxies provide access to Internet services that are on the other side of the firewall while controlling access to services in either direction.
pseudo random number generator (PRNG): Procedure that generates a sequence of numerical values that appear random. Cryptographic PRNGs strive to generate sequences that are almost impossible to predict. Most PRNGs in commercial software are statistical PRNGs that strive to produce randomly distributed data whose sequence may in fact be somewhat predictable.
public key: Key used in public key crypto that belongs to an individual entity and is distributed publicly. Others can use the public key to encrypt data that only the key's owner can decrypt.
public key algorithm: A cipher that uses a pair of keys, a public key and private key, for encryption and decryption. Also called an asymmetric algorithm.
Public Key Cryptography Standards (PKCS): Standards published by RSA Data Security that describe how to use public key crypto in a reliable, secure, and interoperable fashion.

random number: A number whose value can not be predicted. Truly random numbers are often generated by physical events that are believed to occur randomly.
red/black separation: Design concept for crypto systems that keeps the portions of the system that handle plaintext rigidly separate from portions that handle ciphertext. Portions that handle both are vigorously minimized and then very carefully implemented.
replay: Attack that attempts to trick the system by retransmitting a legitimate message. Some protocols include anti-replay mechanisms to detect and reject such attacks.
reusable password: Password that can be used over and over, as opposed to a one time password. Most passwords used today are reusable passwords.
rewrite: Attack that modifies an encrypted message's contents without decrypting it first.
Rivest Cipher #2 (RC2): Block cipher sold by RSA Data Security, Inc. RC2 used with a 40 bit crypto key was treated as lightweight crypto under older U. S. crypto export rules.
Rivest Cipher #4 (RC4): Stream cipher that is widely used in commercial products. RC4 with a 40 bit key provides exportable lightweight crypto in typical Web browsers.
Rivest, Shamir, Adelman (RSA): Public key crypto system that can encrypt or decrypt data and also apply or verify a digital signature.
RSA Data Security, Inc. (RSADSI): The company primarily responsible for selling and licensing public key crypto for commercial purposes.
router: Device that carries IP packets between a pair of networks when the packets' destination host is either on the receiving network or nearer to the receiving network. Routers are dedicated to this task and rarely provide other services.
routing host: A host that routes IP packets between networks as well as providing other services.

secret key: Crypto key that is used in a secret key ("symmetric") algorithm. The secrecy of encrypted data depends solely on the secrecy of the secret key.
secret key algorithm: Crypto algorithm that uses the same key to encrypt data and to decrypt data. Also called a "symmetric" algorithm.
Secure Hypertext Transfer Protocol (SHTTP): Extension to HTTP to apply crypto services to Web data and transactions.
Secure Multipart Internet Message Extensions (S/MIME): Proposed protocol for embedding crypto protected messages in Internet e-mail.
Secure Sockets Layer (SSL): Crypto protocol applied to data at the socket interface. Often bundled with applications, and widely used to protect World Wide Web traffic.
seed, random: A random data value used when generating a random sequence of data values with a PRNG.
server: The entity in a networking relationship that provides service to clients and other entities on the network. Server software generally resides on hosts with constant, well known network addresses so that clients can reliably contact them. Servers provide information and perform other activities in response to client requests.
session key: Crypto key intended to encrypt data for a limited period of time, typically only for a single communications session between a pair of entities. Once the session is over, the key will be discarded and a new one established when a new session takes place. Also called a data key.
shim: A software component inserted at a well known interface between two other software components. "Shim" versions of IPSEC are often implemented at the device driver interface, below the host's TCP/IP network protocol stack.
Simple Key Interchange Protocol (SKIP): Protocol that establishes session keys to use with IPSEC protocol headers. SKIP data is carried in packet headers and travel in every IPSEC protected packet.
Simple Mail Transfer Protocol (SMTP): Internet protocol for transmitting e-mail between e-mail servers.
SKIPJACK: Block cipher developed by NSA and provided in the CAPSTONE, CLIPPER, and FORTEZZA devices.
snake oil: Derogatory term applied to a product whose developers describe it with misleading, inconsistent, or incorrect technical statements.
sniffing: Attack that collects information from network messages by making copies of their contents. Password sniffing is the most widely publicized example.
socket interface: The software interface between a host's network protocol stack and applications programs that use the network.
splitting: Dividing a crypto key into two separate keys so that an attacker can not reconstruct the actual crypto key even if one of the split keys is intercepted.
stream cipher: Cipher that operates on a continuous data stream instead of processing a block of data at a time.
strong crypto: Crypto facilities that exceed the standards for lightweight or medium strength crypto and therefore face significant restrictions under U. S. export rules.
symmetric algorithm: Crypto algorithm that uses the same crypto key for encrypting and decrypting. Also called a "secret key" algorithm.

TCP/IP: Common acronym for the protocols packaged in a network protocol stack for the Internet protocols.
Telnet: Internet protocol that supports remote terminal connections.
token, authentication: Hardware device that generates a one time password to authenticate its owner. Also sometimes applied to software programs that generate one time passwords.
token, e-mail: Data item in the header of an encrypted e-mail message that holds an encrypted copy of the secret key used to encrypt the message. The token is usually encrypted with the recipient's public key so that only the recipient can decrypt it.
Transmission Control Protocol (TCP): Internet protocol that provides a reliable connection between a server and a client.
transport encryption: Crypto services applied to information above the network level but below the application software level. This allows crypto protections to be applied to an existing application protocol and also use the existing network protocol stack and underlying networking services. Transport encryption is typically packaged with the application that it is protecting.
transport mode: ESP mode that encrypts the data contents of a packet and leaves the original IP addresses in plaintext.
triple DES (3DES): Cipher that applies the DES cipher three times with either two or three different DES keys.
Trojan horse: Program with secret functions in it that surreptitiously access information without the operator's knowledge, usually to circumvent security protections.
tunnel mode: ESP mode that encrypts an entire IP packet including the IP header.

VENONA: U. S. military project to cryptanalyze Soviet one time pad ciphertext from the 1940s.
Vernam cipher: Cipher developed for encrypting teletype traffic by computing the exclusive or of the data bits and the key bits. This is a common approach for constructing stream ciphers.
virtual private network (VPN): Private network built atop a public network. Hosts within the private network use encryption to talk to other hosts; the encryption excludes hosts from outside the private network even if they are on the public network.
virus: Small program that attaches itself to a legitimate program. When the legitimate program runs, the virus copies itself onto other legitimate programs in a form of reproduction.

wide area network (WAN): A network that connects host computers and sites across a wide geographical area.
work factor: The amount of work an attacker must perform to overcome security measures.
World Wide Web (WWW): International information network using HTTP and HTML residing on Internet host computers.
worm: Computer program that copies itself into other host computers across a network. In 1988 the Internet Worm infected several thousand hosts.

X.400: E-mail protocol developed by the CCITT and endorsed by the ISO as part of the OSI protocol family.
X.500: Specification of the directory service required to support X.400 e-mail.
X.509: Public key certificate specification developed as part of the X.500 directory specification, and often used in public key systems.

Richard E. Smith, smith@smat.us
Web design assistance by Anne Chenette
Last update: 7/25/2002

Copyright © 1997-2002, Richard E. Smith
Some material Copyright 1997, Addison Wesley Longman. All Rights Reserved

Basic Glossary from Internet Cryptography

Internet Cryptography Home Page