Term | Definition |
Advanced Encryption Standard (AES) | A symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES. |
Algorithm | Procedures based on a mathematical formula used to encrypt and decrypt the data. |
Asymmetric cryptographic algorithm | Cryptography that uses two mathematically related keys. |
Block cipher | A cipher that manipulates an entire block of plaintext at one time. |
Blowfish | A block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits. |
Ciphertext | Data that has been encrypted. |
Cleartext | Unencrypted data. |
Cryptography | The science of transforming information into a secure form so that unauthorized persons cannot access it. |
Data Encryption Standard (DES) | A symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks. |
Decryption | The process of changing ciphertext into plaintext. |
Diffie-Hellman (DH) | A key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created. |
Diffie-Hellman Ephemeral (DHE) | A Diffie-Hellman key exchange that uses different keys. |
Digest | The unique digital fingerprint created by a one-way hash algorithm. |
Digital signature | An electronic verification of the sender. |
Elliptic curve cryptography (ECC) | An algorithm that uses elliptic curves instead of prime numbers to compute keys. |
Elliptic Curve Diffie-Hellman (ECDH) | A Diffie-Hellman key exchange that uses elliptic curve cryptography instead of prime numbers in its computation. |
Encryption | The process of changing plaintext into ciphertext. |
Ephemeral key | A temporary key that is used only once before it is discarded. |
GNU Privacy Guard (GPG) | Free and open-source software that is commonly used to encrypt and decrypt data. |
Hardware Security Module (HSM) | A secure cryptographic processor. |
Hash | An algorithm that creates a unique digital fingerprint. |
Hashed Message Authentication Code (HMAC) | A hash function that is applied to both the key and the message. |
In-band | Exchanging secure information within normal communication channels. |
Key | A mathematical value entered into a cryptographic algorithm to produce encrypted data. |
Key exchange | The process of sending and receiving secure cryptographic keys. |
Message Digest (MD) | A common hash algorithm with several different versions. |
Message Digest 5 (MD5) | The current version of MD. |
Non-repudiation | The process Of proving that a user performed an action. |
One-time pad (OTP) | Combining plaintext with a random key to create cipher text that cannot be broken mathematically. |
Out-of-band | Exchanging secure information outside the normal communication channels. |
Perfect forward secrecy | Public key systems that generate random public keys that are different for each session. |
Plaintext | Cleartext data that is to be encrypted and decrypted by a cryptographic algorithm. |
Pretty Good Privacy (PGP) | A commercial product that is commonly used to encrypt files and messages. |
Private key | An asymmetric encryption key that does have to be protected. |
Private key cryptography | Cryptographic algorithms that use a single key to encrypt and decrypt a message. |
Public key | An asymmetric encryption key that does not have to be protected. |
Public key cryptography | Cryptography that uses two mathematically related keys. |
Quantum cryptography | A type of asymmetric cryptography that attempts to use the unusual and unique behavior of microscopic objects to enable users to securely develop ,and share keys. |
RACE Integrity Primitives Evaluation Message Digest (RIPEMD) | A hash algorithm that uses two different and independent parallel chains of computation and then combines the result at the end of the process. |
RC4 | An RC stream cipher that will accept keys up to 128 bits in length. |
RSA | The most common asymmetric cryptography algorithm. |
Secure Hash Algorithm (SHA) | A secure hash algorithm that creates more secure hash values than Message Digest (MD) algorithms. |
Sponge function | A cryptographic function that applies a process on the input that has been padded with additional characters until all characters are used. |
Steganography | Hiding the existence of data within another type of file. |
Stream cipher | An algorithm that takes one character and replaces it with one character. |
Symmetric cryptographic algorithm | Encryption that uses a single key to encrypt and decrypt a message. |
Triple Data Encryption Standard (3DES) | A symmetric cipher that was designed to replace DES. |
Trusted Platform Module (TPM) | A chip on the motherboard of the computer that provides cryptographic services. |
Twofish | A derivation of the Blowfish algorithm that is considered to be strong. |
Whole disk | encryption Cryptography that can be applied to entire disks. |