| - | |
| -Security Classification - | --Internal - | -
| -Document Reference - | --SGL.GT0128.56 - | -
| -Status - | --Draftversion - | -
| -Version - | --0.1 - | -
| -Team/Department - | --Security Team - | -
| -Author - | --William Bamberg - | -
| -Owner - | --Security Team - | -
| - | |
| -Asymmetric Cryptography - | -
-A form of cryptography in which the 'key' is generated as a key pair: if one key is used for encryption
-only the other can be used to decrypt, and vice versa.
- -Using asymmetric cryptography, the problem of key distribution becomes one of authentication; i.e. how to make sure -that a given key really does belong to the entity that claims to own it. - |
-
| -Attribute Certificate - | --A digitally signed data structure including at least an identifier for an individual entity -and a set of attributes, whose function is to bind the entity with the attributes, usually for the -purpose of authorisation. - | -
| -Authentication - | --Usually used to refer to a property of a communication; that the receiver of a message is able to ascertain its origin, -so an attacker cannot successfully impersonate the sender. - | -
| -Block Cipher - | --A class of symmetric algorithm in which several bits of the input data -are encrypted at once in a fixed-size block. -The cipher and its mode of operation define the block size: -the plaintext is split up into appropriately-sized blocks and each block is fed into the cipher. - | -
| -CA Certificate - | --A certificate held by a CA: the key pair associated with it is used for -signing certificates issued by that CA. May or may not be self-signed. - | -
| -Certificate - | --For our purposes, this is the same thing as a -public key certificate - | -
| Certification Authority (CA) - | -
-An organization which perform the following functions in a hierachical PKI:
-
A CA will always have a root certificate-signing key pair, which must be authenticated to End Entities via -out of band channels. This key pair is not logically certified by anything, but it is usually distributed inside -a self-signed certificate to afford some degree of tamper evidency. - However, CAs do not have to use their root key pair to issue certificates directly to End Entities. For organizational -reasons and to reduce the exposure of keys, a CA may have a single root signing key pair, which it uses to certify a -set of subordinate key pairs, which in turn are used to certify End Entities. Also, CAs may certify the -signing keys of other CAs by issuing cross certificates, which enable interoperation -between two distinct PKIs. - |
-
| -Ciphertext - | --The output of an encryption operation, or -the input to a decryption operation. - | -
| -Client Authentication - | --In a secure client-server protocol such as TLS, the process in which the client -authenticates itself to the server, so the server knows who it's talking to. - | -
| -Client/User/End Entity Certificate - | --A certificate issued by a CA to an -end entity (for example the user of a WID) who may use it -to demonstrate their ownership of the key pair associated with it - | -
| -Cross Certificate - | --A certificate issued by a CA which certificates another -CA's root certificate. This is way of uniting two distinct certification hierarchies. - | -
| -Decryption - | --The process of turning encrypted data (called ciphertext) into the original information (called plaintext) -using a cryptographic algorithm parameterised with a key. - | -
| -Digital Signature - | -
-A structure linking some data and a private key. A digital signature may be generated by the application of a
-private key to some piece of data. The original data
-may be reconstructed by applying the corresponding public key, demonstrating that the signature could only have been generated by
-someone with access to the private key.
- Digital signatures have two primary uses: to demonstrate someone's identity by signing some challenge, as in -client authentication in TLS, in which the client -signs a hash of the messages that have been exchanged, and more strongly, for someone to demonstrate their -acceptance of some human-processable information (e.g. 'Please withdraw £10 000 from my bank account') as in the -WMLScript Crypto API SignText function. - |
-
| -Digital Signature Algorithm (DSA) - | --NIST-approved asymmetric algorithm. It can only be used for generating and -verifying digital signatures, not for encryption. - | -
| -Elliptic Curve Cryptography (ECC) - | --Elliptical curve cryptography (ECC) is an asymmetric algorithm - based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys. -Because ECC helps to establish equivalent security with lower computing power and battery resource usage, -it is becoming widely used for mobile applications. - | -
| -Encryption - | --The process of turning meaningful data (called plaintext) into meaningless gibberish (called ciphertext) -using a cryptographic algorithm parameterised with a key. - | -
| -End Entity - | --A leaf node in a certification hierarchy: any entity in a PKI -which has a certificate, but is not allowed to issue its own certificates. - | -
| -Hash - | --Hash algorithms take a variable-length input and produce a fixed length output known as a digest, or hash, of the input. -For cryptographic purposes they need to be one-way functions: -it should not be possible to deduce the input from the digest, or even any part of the input. - Also, it should be hard to find collisions: that is, two different inputs which produce the same output. - | -
| -HMAC - | --Keyed-Hashing for Message Authentication. A mechanism for message authentication using cryptographic -hashes. It can be used with any iterative cryptographic -hash function, e.g., MD5, SHA-1, in combination with a secret shared key. -The cryptographic strength of HMAC depends on the properties of the underlying hash function. - | -
| -ICC - | --Integrated Circuit Card: removable card with at least data storage and sometimes processing - | -
| -IPSec - | --A standard providing secrecy and authentication at the network or -packet-processing layer of network communication. Earlier security approaches have inserted security at the -application layer of the communications model. IPsec will be especially useful for implementing virtual -private networks and for remote user access through dial-up connection to private networks. IPSec is mandatory in IPv6. - | -
| -MD2 - | --Legacy hash algorithm. Considered insecure. - | -
| -MD5 - | --Legacy hash algorithm. Considered vulnerable. - | -
| -Message Digest Algorithm - | --Same thing as a hash algorithm. - | -
| -Nonrepudiation - | --The process by which it is assured that an entity making a declaration cannot subsequently deny having made it: -so I can't claim that I never wrote that cheque. - | -
| -Online Certificate Status Protocol (OCSP) - | --A protocol enabling a relying party to check that a -certificate has not been revoked. In this protocol the OCSP client -asks the OCSP server about the status of one or more certificates, and receives a -digitally signed response. - | -
| -Out Of Band - | -
-A channel of communication which is distinct from the channel which we are using cryptography to try to secure,
-and which is secure on its own terms; that is, its security is not dependent on the cryptography we are using.
- A common example of an out of band channel is a motorcycle courier. - |
-
| -Padding - | --The process of adding bytes to the input to a block cipher so that the input matches the -block size. - | -
| -Plaintext - | --The output of an decryption operation, or -the input to a encryption operation. - | -
| -Pretty Good Privacy (PGP) - | --A very widely-used encryption and digital signing -program. - | -
| -Private Key - | --In the context of public key cryptography, the private half of the key pair. - | -
| -Public Key - | --In the context of public key cryptography, the public half of the key pair. - | -
| -Public Key Certificate - | --A digitally signed structure including at least an identifier for an -individual entity and a public key, whose function is to bind the entity with the key. - | -
| -Public Key Cryptography - | --A common application of asymmetric cryptography in which one half of the key pair is -kept secrect (the private key) and the other half is published -(the public key. - | -
| -Public Key Infrastructure - | -
-
- A way of modelling real-world trust relationships which enables users of public key cryptography -to have confidence in the ownership of -the public keys they are using. - -A PKI consists of: -
The TTP uses its signing key pair to create certificates for other entities, which relying parties can use to authenticate these -other entities. - We can classify PKIs according to whether they are hierachical or flat. In hierachical PKIs, such as the one defined in the PKIX -set of standards, there is a distinction between users of the PKI such as End Entities and -Relying Parties, and entities responsible for issuing and distributing certificates such as -CAs and RAs. In a flat PKI such as the -web of trust underpinning PGP, there are no entities whose -sole role is to issue certificates; instead users of the PKI certify each other. - |
-
| -Registration Authority - | --An organization responsible for registering new certificate users in a -PKI, e.g. by gathering and verifying information which identifies the -certificate applicant. - | -
| -Revocation - | --The term used for asserting that a certificate is no longer valid: for example, because the private key -associated with it has been compromised. - | -
| -Relying Party - | --An entity who relies on the authenticity of a public key. - | -
| -Root Certificate - | --The certificate of a trusted third party. -A certificate directly trusted by a relying party: that is, trust in it is not -established by cryptographic means, but trust in it is the prerequisite for establishing trust in the entity -which the relying party is trying to authenticate. -Trust in a root certificate must be established through out of band means. A root certificate may or may not be self signed. - | -
| -Secrecy - | --This means that access to information is controlled: for example, it means that two entities -(e.g. people, machines, processes) are able to communicate with one another without any other entities -being able to access the information communicated, or that an entity may store some information and be -assured that only this entity will be able to access it. - | -
| -Secure Hash Algorithm 1(SHA-1) - | --A widely used hash algorithm, producing a 160-bit digest. - | -
| -Secure Sockets Layer (SSL) - | --Precursor to TLS. SSL has been through three versions: -the first two are considered insecure, and the third is almost identical to TLS. - | -
| -Server Authentication - | --In a secure client-server protocol such as TLS, the process in which the server -authenticates itself to the client, so the client knows who it's talking to. - | -
| -SignText - | --A function defined in the WMLScript Crypto API which provides application-level -Authentication and Nonrepudiation for transactions. - | -
| -Stream Cipher - | --A class of symmetric algorithm which is initialised with a key, -then outputs a stream of pseudorandom bits. -This 'keystream' is typically XOR-ed with the plaintext to generate the ciphertext. -So they encrypt a bit of plaintext at a time. - | -
| -Symmetric Cryptography - | -
-A form of cryptography in which the same key is used for encryption and decryption
- -Symmetric cryptography is fast, but suffers from the problem of how to distribute the key privately. -Asymmetric cryptography is an attempt to alleviate the key -distribution problem, by reducing the requirement for the distributed key from one of privacy to one of -authentication. - |
-
| -Transport Layer Security (TLS) - | -
-A client-server security protocol providing secrecy and optionally authentication, and
-running over TCP/IP.
- In this protocol a client connects to a server; the two then perform a handshake in which they exchange a -symmetric key by using asymmetric cryptography, -which is then used to encrypt their communications, providing the secrecy element. - Without the authentication element secrecy is not very useful; although only client and server can understand the data -exchanged, the client doesn't know who the server is or vice versa. TLS provides the capability for -server authentication, in which the client establishes who the server is, and -client authentication in which the server establishes who the client is. - |
-
| -Trusted Third Party (TTP) - | -
-An entity whose public key is known to a relying party due to its having been
-received via out of band means, and which is trusted to issue
-public key certificates for other entities not directly known to the relying party.
- A CA is a type of TTP. - |
-
| -Web of Trust - | --The set of social relationships between users of PGP that enables them to sign each others' keys, -essentially providing a PKI for this technology. - | -
| -WMLScript Crypto API - | --A WAP Forum standard which defines cryptographic functions in WML, the scripting language used in WAP. -It defines a function for creating signed objects called SignText - | -
| -WTLS - | --A client-server security protocol providing secrecy and optionally authentication, -running at the transport layer of the WAP stack. WTLS is closely modelled on TLS, -and defines its own lightweight certificate format. - | -
| -X.509 Certificate - | --A widely used type of public key certificates, part of the -now largely moribund X.500 series of standards. - | -