click below
click below
Normal Size Small Size show me how
Security+ Crypto
Security+ Flash Cards - Cryptography Terms
Term | Definition | Explanation |
---|---|---|
3DES | Triple Digital Encryption Standard | |
AES | Advanced Encryption Standard | |
AES256 | Advanced Encryption Standard 256-bit | |
CA | Certificate Authority | |
CBC | Cipher Block Chaining | |
CCMP | Counter-mode CBC-MAC Protocol | Counter-mode Cipher Block Chaining Message Authentication Code Protocol - Used with WPA2. Cryptographic encapsulation method that is more secure than WEP and TKIP of WPA. |
CFB | Cipher Feedback | "CFB is a close relative of CBC, and makes a block cipher into a self-synchronizing stream cipher. Operation is very similar; in particular, CFB decryption is almost identical to CBC encryption performed in reverse:" |
CRL | Certificate Revocation List | |
CSR | Certificate Signing Request | A CSR is a request submitted to a CA for a digital certificate. |
CTM | Counter-Mode | |
CTR Mode | Counter Mode | Counter mode is a block cipher mode that works similar to a stream cipher. |
DES | Digital Encryption Standard | |
DHE (1) | Diffie-Hellman Ephemeral | Diffie-Hellman Ephemeral uses temporary public keys. |
DSA | Digital Signature Algorithm | |
ECB | Electronic Code Book | |
ECC | Elliptic Curve Cryptography | |
ECDHE | Elliptic Curve Diffie-Hellman Ephemeral | "Variant of Diffie-Hellman Ephemeral (DHE) that uses elliptic curve cryptography, which uses less computational power." |
ECDSA | Elliptic Curve Digital Signature Algorithm | |
GCM | Galois Counter Mode | GCM is a mode of operation for symmetric-key cryptographic block ciphers that has been widely adopted because of its efficiency and performance. |
GPG | GNU Privacy Guard | "GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories." |
HMAC | Hashed Message Authentication Code | |
IDEA | International Data Encryption Algorithm | |
IKE | Internet Key Exchange | |
IV | Initialization Vector | |
MAC (3) | Message Authentication Code | |
MD5 | Message Digest 5 | |
OCSP | Online Certificate Status Protocol | OCSP is used to determine the state of an identified certificate. The OCSP client and the OCSP responder exchange information about whether a certificate is valid or revoked. |
PKCS #12 | Public Key Cryptography Standards #12 | "Defines a file format commonly used to store private keys with accompanying public key certificates, protected with a password-based symmetric key. -- .p12 and .pfx are file extensions" |
PBKDF2 | Password-based Key Derivation Function 2 | "PBKDF2 applies a pseudorandom function to the input password along with a salt and repeats the process to produce a derived key, which can be used as a cryptographic key in subsequent operations. a/k/a key stretching" |
PFS | Perfect Forward Secrecy | |
PFX | Personal Information Exchange | "Binary format to store a server certificate, intermediate certificates and private key in one file. Used to import and export certs and private keys. -- .p12 and .pfx are filename extensions." |
PGP | Pretty Good Privacy | |
PKI | Public Key Infrastructure | |
POODLE | Padding Oracle On Downgrade Legacy Encryption | POODLE is a man-in-the-middle exploit found in 2014 which takes advantage of Internet and security software clients' backward compatibility to SSL 3.0. |
RA (1) | Recovery Agent | A Recovery Agent is someone who is permitted to decrypt another user's data in case of emergency. |
RA (2) | Registration Authority | A Registration Authority authenticates the entity making the request for a digital certificate. Sometimes called a subordinate CA. |
RC4 | Rivest Cipher version 4 | |
RIPEMD | RACE Integrity Primitives Evaluation Message Digest | RACE = Research and development in Advanced Communications technologies in Europe |
RSA | "Rivest, Shamir and Adelman" | |
SHA | Secure Hashing Algorithm | |
TKIP | Temporal Key Integrity Protocol | |
XOR | Exclusive Or | |
PKCS | Public Key Cryptography Standards | "Public-key cryptography standards devised and published by RSA Security LLC, starting in the early 1990s." |