| Term | Definition |
| --- | --- |
| AES | The Advanced Encryption Standard, intended to replace DES. The winner of the competition organized by NIST is Rijndael. |
| Algorithm | The model of the rules by which a task, such as encryption or decryption, is carried out. |
| Asymmetric cryptography | A recently developed form of cryptography involving two keys, mathematically linked such that one key is used for encrypting plain text, which can then only be decrypted using the corresponding other key; known also as public key cryptography. |
| Authentication | The process of verifying identity, authorization and so on, so that something can be trusted. |
| Biometrics | The science of using unique physical characteristics to establish identity. |
| Birthday attack | A particular form of brute-force attack named for the fact that in a group of 23 people, the probability of two or more sharing the same birthday is greater than 1 / 2. |
| Blind signature scheme | A method allowing digital signing of documents without the contents being known to the signer. |
| Block | A sequence of bits of fixed length. |
| Block cipher | A type of symmetric cipher that breaks down the plain text into blocks, encrypting these in turn. |
| Brute force attack | A process whereby up to every possible value is tried until a match is found (also known as an exhaustive search). |
| CBC | Cipher Block Chaining; a process whereby a plain text block is XORed with the previous cipher text block before being encrypted. |
| Certifying authority (CA) | An organization or individual who creates digital certificates; also known as certificate authority. |
| CFM | Cipher Feedback Mode, a block cipher mode whereby it's implemented as a self-synchronizing stream cipher. |
| Cipher | An encryption-decryption algorithm. |
| Cipher text | Data that has been encrypted. |
| Clear text | See plain text. |
| Collision | The situation where two different texts return the same hash value from the same algorithm. |
| Covert channel | A communications medium that is hidden or is seemingly not used for transferring data. |
| Cracker | A person or computer program that attempts to defeat computer security measures, including cryptography. |
| CRL | Certificate Revocation List; a list of certificates that have been revoked and so are no longer valid. |
| Cryptanalysis | The process whereby an attempt is made to break cryptography whether by analysis or some other means. |
| Cryptosystem | A cipher together with all possible plain texts, cipher texts, and keys. |
| Dictionary attack | A form of brute force attack, possibly modified selectively by probability, whereby words or phrases are tried in sequence. |
| Digital certificate | An electronic document authenticated by a trusted public key and providing confidence that the public key specified is correctly associated with the identified individual or organization and has not been compromised; often known simply as a "certificate." |
| Data Encryption Standard (DES) | The formal description of the Data Encryption Algorithm, developed by IBM and adopted by the U.S. Government as a formal standard in 1977. |
| Decryption | The process of transforming cipher text into plain text. |
| Diffie-Hellman | The first public-key algorithm, published in 1976, and named after the authors. |
| Digital cash | Electronic representation of cash, typically presented in mixed-value "coins" capable of being used anonymously. |
| Digital envelope | A mechanism for enclosing cipher text and its associated session key in an encrypted form protected by another key, typically, but not necessarily, a private key. |
| Digital signature | A process of linking a document mathematically to a particular private key; note that this is not the same as linking a document so signed to a particular individual. |
| Digital timestamp | A process of linking mathematically a document to a particular date and time. |
| Electronic money | See Digital cash. |
| Encryption | The process of transforming plain text into cipher text. |
| Entropy | In mathematics, a measurement of the amount of uncertainty or randomness. |
| Exhaustive search | See brute force attack. |
| Factor | Any number that divides an integer; for example, the factors of 15 are 5 and 3. |
| Factoring | Here the process of breaking down a large integer formed of two prime numbers into those primes. |
| Hacker | A person, often of considerable experience, with skills in writing and modifying software, particularly in arcane areas; used erroneously as a synonym for cracker (qv). |
| Hash function | A function designed to give a fixed-length output (typically 128 or 160 bits in cryptography) from text input of variable and arbitrary length. |
| IETF | Initialism of the Internet Engineering Task Force, a body responsible for many of the Internet standards. |
| IPSec | The IETF's security additions specifications providing for authentication, integrity, and privacy services at the IP datagram layer. |
| ISO | Acronym of the International Standards Organisation, the function of which is given by its name. |
| Kerberos | A trusted third-party authentication protocol associated with key delivery mechanisms; developed at MIT. |
| Key | The general name used for a string of bits which, when used with a cipher, determines the relationship between given plain text and associated cipher text. |
| Key escrow | The process whereby a third party holds a key in trust against some agreed-upon eventuality. |
| Key length | A measure of the number of bits in a given key; note that although increasing the key length gives added security, it's not appropriate to compare the lengths used with one cipher with those in another and, in general, that key lengths in symmetric ciphers do not equate directly with key lengths in asymmetric ciphers. |
| Key pair | In asymmetric cryptography, the public and private keys together. |
| Key recovery | A feature designed to allow messages to be recovered even if a key has been lost. This might involve key escrow, back doors into a system, or other methods. |
| MAC | Acronym for Message Authentication Code. |
| Message digest | A (virtually) unique value associated with a given message, typically generated by applying a specialized hash function. |
| MIME | Multipurpose Internet Mail Extensions, an Internet mail standard that offers a way to exchange text in multiple languages using different character sets. |
| Modular arithmetic | A form of arithmetic whereby integers leaving the same remainder when divided by the modulus are considered equal. |
| Modulus | An integer used for division in modular arithmetic. |
| NIST | Acronym for the U.S. agency, the National Institute of Standards and Technology, charged with, among other things, producing cryptography standards. |
| NSA | The initialism of yet another U.S. government agency, the National Security Agency, which busies itself checking out foreign electronic and other communications. |
| Number theory | The area of mathematics involved with investigating the properties of numbers and their relationships. |
| One time pad | Also known as the Vernam cipher and considered unbreakable although not easy to manage; the key consists of a random selection of bits exactly as long as the message itself and with which it is XORed. |
| Password | A string of printable characters intended to be used as a key of some sort in controlling access to files or systems. A passphrase is, as the name suggests, similar but longer, and consists of several words. |
| Plain text | Data before encryption. |
| Prime number | Any integer greater than 1 that is divisible only by 1 and itself; 2, 3, and 5 are prime numbers, 4 is not. |
| Private key | The secret key in an asymmetric system. It's used for the encryption process when creating digital signatures and for the decryption process when viewing received messages. |
| PRNG | Pseudo-Random Number Generator, a mechanism used in a computer system to create, in as non-deterministic a manner as possible, a seed value from which a pseudo-random number will be derived. |
| Public key | The widely publicized component of an asymmetric key pair. It's used in contrary manner to the private key. |
| Public key cryptography | See asymmetric cryptography. |
| Random number | A number that is produced quite independently of its generating criteria. It's extremely difficult to have a computer generate a truly random number and so pseudo-random numbers, which are made as non-deterministic as possible, are used. |
| Repudiation | The denying that some action was performed; hence "non-repudiation" is used as a property of systems that can show unequivocally that some action was indeed carried out as purported. |
| Revocation | The cancellation of the validity of a certificate. |
| RFC | Request For Comment, an IETF document used as a means for disseminating information and consulting with users. |
| RSA algorithm | A widely-used asymmetric cryptosystem based on a factoring problem. The initialism derives from the names of the developers, Ron Rivest, Adi Shamir, and Leonard Adleman. |
| Secure channel | A means of conveying information from one source to another such that it's protected from third party access. |
| S-HTTP | Secure Hypertext Transfer Protocol. |
| S/MIME | Secure MIME. |
| SSH | Secure Shell, an IETF-proposed protocol for securing the transport layer. |
| SSL | Secure Socket Layer, a protocol developed by Netscape to provide secure communication during an Internet session. |
| Secret key | In symmetric cryptography systems, a single key that is used for both encryption and decryption. |
| Secret sharing | Typically applied to keys, whereby a key is split in such a way that a minimum number of pieces taken from the total possible need to be combined to provide access; for example, access might be given by combining at least five of eight elements. |
| Session key | Key generated for use during a single session of encryption and subsequently discarded; this will typically be a secret key. |
| SET | Secure Electronic Transmission, a standard developed principally by the VISA and MasterCard consortia and intended to provide security in the area of bank card information interchange. |
| SMTP | Simple Mail Transfer Protocol, widely used for sending e-mail. |
| Smartcard | A small device, typically plastic and of the size of a credit card, which has a computer chip used for storing and processing small amounts of information. |
| Stream cipher | A secret key algorithm that processes a stream of bits one bit at a time. |
| Substitution cipher | A generally simple mechanism whereby plain text characters are replaced with other characters to form the cipher text. |
| S/WAN | Secure Wide Area Network, an initiative intended to support VPNs. |
| Symmetric cryptography | The providing of encryption/decryption facilities depending on the use of the same secret key for each. |
| Symmetric key | An alternative name for secret key. |
| Transposition cipher | Another generally simple mechanism whereby the plain text characters remain unchanged but their order is transposed in some way. |
| TLS | Transport Layer Security, an IETF draft similar to SSL and intended to provide communications privacy over the Internet. |
| Vernam cipher | See one time pad. |
| VPN | Virtual Private Network, a means of allowing secure network use between remote systems but across a public network such as the Internet. |
| WAP | Wireless Access Protocol. |
| Weak key | One of a number of keys that may produce regularities in cipher text, or may otherwise offer poor security, so allowing relatively easy breaking of the encryption. |
| WTLS | Wireless Transport Layer Security, the security layer protocol in the WAP architecture. |
| XOR | An abbreviation for exclusive OR, a logical operation returning true if two values compared are different and returning false if they're the same. Used in bitwise operations: 1 XOR 0 or 0 XOR 1 gives 1, and 1 XOR 1 or 0 XOR 0 gives 0. |
A wide range of books on cryptography is available from bookshops, libraries
which haven't been reduced through misguided management policies and lack of
funds to stocking only meretricious junk, and from various online sources. The
following book titles are a few that are particularly useful but there are many
more. Journals such as Scientific American, Wired and others also
publish useful articles on aspects of cryptography.