Glossary
- AEAD
Authenticated Encryption with Associated Data
- AEAD mode
Class of block cipher mode of operation that provides authenticated encryption, as well as authenticating some unencrypted associated data
- AES
Advanced Encryption Standard
- AKE
authenticated key exchange
- ARX
add, rotate, XOR
- asymmetric-key algorithm
See public-key algorithm
- asymmetric-key encryption
See public-key encryption
- BEAST
Browser Exploit Against SSL/TLS
- block cipher
Symmetric encryption algorithm that encrypts and decrypts blocks of fixed size
- Carter-Wegman MAC
Reusable message authentication code scheme built from a one-time MAC. Combines benefits of performance and ease of use
- CBC
cipher block chaining
- CBC mode
Cipher block chaining mode; common mode of operation where the previous ciphertext block is XORed with the plaintext block during encryption. Takes an initialization vector, which assumes the role of the “block before the first block”
- CDN
content distribution network
- cross-site request forgery
Kind of attack where a malicious website tricks the browser into making requests to another website. Can be prevented by properly authenticating requests instead of relying on ambient authority such as session cookies
- CSPRNG
cryptographically secure pseudorandom number generator
- CSRF
See cross-site request forgery
- CTR mode
Counter mode; a nonce combined with a counter produces a sequence of inputs to the block cipher; the resulting ciphertext blocks are the keystream
- DES
Data Encryption Standard
- ECB mode
Electronic code book mode; mode of operation where plaintext is separated into blocks that are encrypted separately under the same key. The default mode in many cryptographic libraries, despite many security issues
- encryption oracle
An oracle that will encrypt some data
- FIPS
Federal Information Processing Standards
- GCM
Galois Counter Mode
- GCM mode
Galois counter mode; AEAD mode combining CTR mode with a Carter-Wegman MAC
- GMAC
The message authentication code part of GCM mode, used on its own (without encryption)
- HKDF
HMAC-based (Extract-and-Expand) Key Derivation Function
- HMAC
Hash-based Message Authentication Code
- HSTS
HTTP Strict Transport Security
- initialization vector
Data used to initialize some algorithms such as CBC mode. Generally not required to be secret, but required to be unpredictable. Compare nonce, salt
- IV
See initialization vector
- KDF
key derivation function
- key agreement
See key exchange
- key exchange
The process of exchanging keys across an insecure medium using a particular cryptographic protocol. Typically designed to be secure against eavesdroppers. Also known as key agreement
- keyspace
The set of all possible keys
- MAC
message authentication code
- message authentication code
Small piece of information used to verify authenticity and integrity of a message. Often called a tag
- MITM
man-in-the-middle
- mode of operation
- modes of operation
Generic construction that encrypts and decrypts streams, built from a block cipher
- nonce
Number used once. Used in many cryptographic protocols. Generally does not have to be secret or unpredictable, but does have to be unique. Compare initialization vector, salt
- OCB
offset codebook
- OCB mode
Offset codebook mode; high-performance AEAD mode, unfortunately encumbered by patents
- one-time MAC
Message authentication code that can only be used securely for a single message. Main benefit is increased performance over a reusable MAC
- oracle
A “black box” that will perform some computation for you
- OTR
off-the-record
- OTR messaging
Off-the-record messaging; a messaging protocol that intends to mimic the properties of a real-life private conversation. Piggybacks onto existing instant messaging protocols
- PRF
pseudorandom function
- PRNG
pseudorandom number generator
- PRP
pseudorandom permutation
- public-key algorithm
Algorithm that uses a pair of two related but distinct keys. Also known as asymmetric-key algorithm. Examples include public-key encryption and most key exchange protocols
- public-key encryption
Encryption using a pair of distinct keys for encryption and decryption. Also known as asymmetric-key encryption. Contrast with secret-key encryption
- RSA
Rivest Shamir Adleman
- salt
Random data that is added to a cryptographic primitive (usually a one-way function such as a cryptographic hash function or a key derivation function). Customizes such functions to produce different outputs (provided the salt is different). Can be used to prevent e.g. dictionary attacks. Typically does not have to be secret, but secrecy may improve the security properties of the system. Compare nonce, initialization vector
- secret-key encryption
Encryption that uses the same key for both encryption and decryption. Also known as symmetric-key encryption. Contrast with public-key encryption
- SMP
socialist millionaire protocol
- stream cipher
Symmetric encryption algorithm that encrypts streams of arbitrary size
- substitution-permutation network
Generic design for block ciphers where the block is enciphered by repeated substitutions and permutations
- symmetric-key encryption
See secret-key encryption