Glossary


A

 

AES

Advanced Encryption Standard.

Symmetric encryption algorithm specified by NIST in FIPS 197. As the result of a public evaluation, AES was declared the official encryption standard in the year 2001. It was developed by the Belgian cryptographers Vincent Rijmen and Joan Daemen under the name Rijndael.

AES can be operated with keys of 128, 192 or 256 bits.


Asymmetric encryption

Also called Public Key Cryptography.

The basic principle of asymmetric encryption is that the sender and the recipient of an encrypted message each possess one part of a key pair. Messages are encrypted with the public key of the recipient. Only the legitimate recipient can decrypt this message using his unique private key, the other part of the key pair.

Asymmetric encryption techniques are also used for producing digital signatures.


Authentication

The term authentication is used to describe a procedure used by the participants of a communication in order to prove to each other that their participation is legitimate.

An example of an authentication process is the password dialog when logging on to a computer.

The term authentication also refers to a method for proving the identity of the originator of a certain set of data. An example of this is the digital signature of data.


C

 

CA

Certification Authority.

Within a PKI, the CA is responsible for issuing digital certificates.


Certificate

Digital proof that a certain public key (see asymmetric encryption) belongs to a specified entity, e.g. a person or organization.

Certificates are usually issued by a trusted third party, a so-called certification authority (CA).

CRL

Certificate Revocation List. Blacklist with the serial numbers of revoked certificates.

A CRL is usually generated by a CA and then published. It refers to certificates issued by this CA.


D

 

Data Leakage Prevention

Collective term for a combination of techniques for the prevention of unwanted data leakage.

Techniques for Data Leakage Prevention include, for example, encryption, content filtering, mobile device control, control of the data flow out of the network, and logging of access to sensitive data.

Digital signature

In general, the term digital signature is used to describe any electronic identification of the originator of data which can be associated with the generated set of data itself.

In the narrower sense, the term digital signature is more often used for the result of an asymmetric encryption performed on the hash value of the data set to be signed, using the private key of the signing person. The result is afterwards attached to the signed data set.

Digital signatures in the narrower sense are used for the authentication of data as well as for the protection against unauthorized manipulation (data integrity assurance).



F

 

FIPS

Federal Information Processing Standards.

Series of publications edited by NIST in which US industrial norms concerning information processing and information security are specified.

Further information can be found on the internet at http://www.csrc.nist.gov/publications/fips/


H

 

Hash Algorithm

A hash algorithm, or hash function, maps blocks of data of arbitrary length to blocks of a fixed length.

The result of a hash algorithm using a cryptographic hash function is also called a digital fingerprint or a message digest.


K

 

Key length

In encryption technology, the bit length of a cryptographic key indicates the size of the so-called key space.

The key space of an encryption algorithm with key length n consists of 2^n cryptographic keys.

The general rule is that the larger the selected key length for a certain algorithm is, the more secure the encrypted data are. At the same time, the complexity of the encryption algorithm increases with the key length, and therefore also the time and processor power required.


N

 

NIST

National Institute for Standards and Technology.

US institute responsible for defining industrial standards, comparable to the German DIN institute.


P

 

PKI

Public Key Infrastructure. Collective term for all organizational and technical means necessary to use methods of public key cryptography in a trustworthy manner.

The basic element of any PKI is the so-called Certification Authority (CA), which issues digital certificates in order to prove that a certain public key belongs to the entity that claims the ownership.


PKCS

Public Key Cryptography Standard. Series of publications edited by RSA Labs in which standards for the usage of asymmetric cryptography techniques are specified.

The series is available on the Internet at http://www.rsasecurity.com/rsalabs/


R

 

RSA

Asymmetric encryption algorithm named after its inventors Ron Rivest, Adi Shamir and Leonard Adleman.

Its security is based upon the complexity of the mathematical problem of factoring large numbers into their prime components.



S

 

Session Key

A session key is a cryptographic key which is either only valid for the time of the current (online) transmission or which is used only for a single encryption, as used in file encryption.

SHA-1

Secure Hash Algorithm.

Hash algorithm standardized by NIST for producing cryptographically strong digital fingerprints. SHA-1 has an output length of 160 bits.

Symmetric encryption

Symmetric encryption is based on the presumption that sender and recipient of an encrypted message have access to the same secret key.

This key is used for both encryption and decryption. The security of such an algorithm relies mainly on the nondisclosure of the secret key.



X-Y-Z

 

X.509

Standardized format for digital certificates specified in RFC 3280 (formerly RFC 2459).