Skip to content

Basic Cryptography

  • AES
    Advanced Encryption Standard (AES) is a U.S. government encryption standard supported by the National Institute of Standards and Technology (NIST). A cryptographic cipher that uses a block length of 128 bits and key lengths of 128, 192, or 256 bits (PC Magazine, 2019).

  • Authentication
    Verifying the integrity of a transmitted message. Also, verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards, and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client (PC Magazine, 2019).

  • Block Level Data
    Reading and writing a disk at the physical level. The disk controller in every computer and server reads and writes the disks at this level (PC Magazine, 2019).

  • Brute Force
    The systematic, exhaustive testing of all possible methods that can be used to break a security system. For example, in cryptanalysis, trying all possible keys in the key space to decrypt a ciphertext (PC Magazine, 2019).

  • Chosen Plaintext Attack
    Cryptanalysts can choose arbitrary plaintext data to be encrypted, and then they receive the corresponding ciphertext. They try to acquire the secret encryption key, or alternatively to create an algorithm, that would allow them to decrypt any ciphertext messages encrypted using this key (Kowalczyk, 2019).

  • Collision Resistance
    The process of resolving issues with hash functions that result in the same output.

  • Cryptographic Modes
    The methods and forms of cryptography. This includes public and private key encryption and all the hash functions associated with the cryptography.

  • Data Integrity
    The quality of correctness, completeness, wholeness, soundness, and compliance with the intention of the creators of the data. It is achieved by preventing accidental or deliberate but unauthorized insertion, modification, or destruction of data in a database (PC Magazine, 2019).

  • Data Protection
    An umbrella term for various procedures that ensure information is secure and available only to authorized users (PC Magazine, 2019).

  • DES
    A NIST-standard cryptographic cipher that uses a 56-bit key. Adopted by NIST in 1977, it was replaced by AES in 2001 as the official standard (PC Magazine, 2019).

  • Differential Cryptanalysis Attack
    The process of using the differences in inputted information to determine what the output is going to be. This attack is usually performed on block ciphers.

  • Diffie-Hellman
    In this method, both sides use a common number, and both sides use a different random number as a power to raise the common number. The results are then sent to each other. The receiving party raises the received number to the same random power used before, and the results are the same on both sides (PC Magazine, 2019).

  • Digital Certificate
    The digital equivalent of an ID card used in conjunction with a public key encryption system (PC Magazine, 2019).

  • Digital Signature
    The electronic equivalent of a person's physical signature. It is also a guarantee that information has not been modified, as if it were protected by a tamper-proof seal that is broken if the contents are altered (PC Magazine, 2019).

  • DSA
    The algorithm used in the Digital Signature Standard (DSS) by the U.S. government. Not as widely used as RSA (PC Magazine, 2019).

  • ECC
    A public key cryptography method that provides fast decryption and digital signature processing. It uses points on an elliptic curve to derive a 163-bit public key that is equivalent in strength to a 1024-bit RSA key. The public key is created by agreeing on a standard generator point in an elliptic curve group (elliptic curve mathematics is a branch of number theory) and multiplying that point by a random number (the private key). Although the starting point and public key are known, it is extremely difficult to backtrack and derive the private key (PC Magazine, 2019).

  • ElGamal
    A form of asymmetric encryption that uses encryption for digital signatures. Uses discrete logarithms in its formulas (PC Magazine, 2019).

  • FIPS 140 Series
    This standard specifies the security requirements that are to be satisfied by a cryptographic module utilized within a security system, protecting unclassified information within computer and telecommunication systems (PC Magazine, 2019).

  • Hash Function
    An algorithm that turns a variable amount of text into a small, fixed-length value (PC Magazine, 2019).

  • Key Management (Creation, Exchange/Distribution)
    The creation, distribution, and maintenance of a secret key. It determines how secret keys are generated and made available to both parties; for example, public key systems are widely used for such an exchange (PC Magazine, 2019).

  • Known Plaintext Attack
    The attacker has access to the ciphertext and its corresponding plaintext. The goal is to guess the secret key (or a number of secret keys) or to develop an algorithm that would allow him or her to decrypt any further messages (Kowalczyk, 2019).

  • Linear Cryptanalysis Attack
    The process of analyzing the relationships between parity bits of plaintext. It uses the straightforward inputted information to determine what the output is going to be. This attack is usually performed on block ciphers.

  • MD4
    A broken hash function developed by Ronald Rivest for 32-bit computers. This outdated method was used to create message digests for digital signatures (PC Magazine, 2019).

  • MD5
    A popular cryptographic hash function developed by Ronald Rivest (the "R" in RSA), which is used to create a message digest for digital signatures (PC Magazine, 2019).

  • Non-Repudiation
    To be unable to reject the validity of a document (unable to prove it is counterfeit). The term is the opposite of "repudiate," which means to reject the validity of something. Digital signatures and certificates provide non-repudiation because they guarantee the authenticity of a document or message. As a result, the sending parties cannot deny that they sent it (they cannot repudiate it) (PC Magazine, 2019).

  • Public Key Cryptography
    An encryption method that uses a two-part key: one private, the other public. To send an encrypted message to someone, the recipient's public key is used, which can be published anywhere or sent openly via email. When the message arrives, the recipient uses his or her private key, which is always kept secret (PC Magazine, 2019).

  • Public Key Infrastructure
    A public key infrastructure (PKI) is a framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of organizations and individuals over a public system such as the internet (PC Magazine, 2019).

  • RSA
    In the RSA method, data is encrypted by using the recipient's public key, which can be decrypted only by the recipient's private key. This method encrypts the secret DES key so that it can be transmitted over the network, but it encrypts and decrypts the actual message using the much faster DES algorithm (PC Magazine, 2019).

  • SHA-1
    A family of popular cryptographic hash algorithms used to create digital signatures. Similar to the MD4 and MD5 algorithms developed by Ronald Rivest, but slightly slower and more secure (PC Magazine, 2019).

  • SHA-2
    Extension of SHA-1 to include hash lengths of 256 and 512 (PC Magazine, 2019).

  • SHA-3
    Released by NIST in 2015. Supports the same hash lengths as SHA-2, but uses a different cryptographic method based on the Keccak algorithm (PC Magazine, 2019).

  • Streaming Data
    Data that is transmitted and processed in a continuous flow, such as digital audio and video (PC Magazine, 2019).

  • Symmetric Cryptography
    An encryption method that uses the same secret key to encrypt and decrypt messages. The problem with this method is transmitting the secret key to a legitimate person who needs it (PC Magazine, 2019).

  • Twofish
    A 128-bit block cipher by Counterpane Labs, published in 1998. It was one of the five Advanced Encryption Standard (AES) finalists, and was not selected as AES (Schneier, 2019).

Resources

Computer Security Resource Center. (2019). National Institute of Standards and Technology. Retrieved from https://csrc.nist.gov/csrc/media/publications/fips/140/1/archive/1994-01-11/documents/fips1401.pdf

Kowalczyk, C. (2019). Crypto-IT. Retrieved from http://www.crypto-it.net/eng/attacks/

PC Magazine. (2019). Encyclopedia. Retrieved from https://www.pcmag.com/encyclopedia

Schneier, B. (n.d). Schneier on Security. Retrieved from https://www.schneier.com/academic/twofish/