| + | |
| +Security Classification + | ++Internal + | +
| +Document Reference + | ++SGL.GT0128.56 + | +
| +Status + | ++Draftversion + | +
| +Version + | ++0.1 + | +
| +Team/Department + | ++Security Team + | +
| +Author + | ++William Bamberg + | +
| +Owner + | ++Security Team + | +
| + | |
| +Asymmetric Cryptography + | +
+A form of cryptography in which the 'key' is generated as a key pair: if one key is used for encryption
+only the other can be used to decrypt, and vice versa.
+ +Using asymmetric cryptography, the problem of key distribution becomes one of authentication; i.e. how to make sure +that a given key really does belong to the entity that claims to own it. + |
+
| +Attribute Certificate + | ++A digitally signed data structure including at least an identifier for an individual entity +and a set of attributes, whose function is to bind the entity with the attributes, usually for the +purpose of authorisation. + | +
| +Authentication + | ++Usually used to refer to a property of a communication; that the receiver of a message is able to ascertain its origin, +so an attacker cannot successfully impersonate the sender. + | +
| +Block Cipher + | ++A class of symmetric algorithm in which several bits of the input data +are encrypted at once in a fixed-size block. +The cipher and its mode of operation define the block size: +the plaintext is split up into appropriately-sized blocks and each block is fed into the cipher. + | +
| +CA Certificate + | ++A certificate held by a CA: the key pair associated with it is used for +signing certificates issued by that CA. May or may not be self-signed. + | +
| +Certificate + | ++For our purposes, this is the same thing as a +public key certificate + | +
| Certification Authority (CA) + | +
+An organization which perform the following functions in a hierachical PKI:
+
A CA will always have a root certificate-signing key pair, which must be authenticated to End Entities via +out of band channels. This key pair is not logically certified by anything, but it is usually distributed inside +a self-signed certificate to afford some degree of tamper evidency. + However, CAs do not have to use their root key pair to issue certificates directly to End Entities. For organizational +reasons and to reduce the exposure of keys, a CA may have a single root signing key pair, which it uses to certify a +set of subordinate key pairs, which in turn are used to certify End Entities. Also, CAs may certify the +signing keys of other CAs by issuing cross certificates, which enable interoperation +between two distinct PKIs. + |
+
| +Ciphertext + | ++The output of an encryption operation, or +the input to a decryption operation. + | +
| +Client Authentication + | ++In a secure client-server protocol such as TLS, the process in which the client +authenticates itself to the server, so the server knows who it's talking to. + | +
| +Client/User/End Entity Certificate + | ++A certificate issued by a CA to an +end entity (for example the user of a WID) who may use it +to demonstrate their ownership of the key pair associated with it + | +
| +Cross Certificate + | ++A certificate issued by a CA which certificates another +CA's root certificate. This is way of uniting two distinct certification hierarchies. + | +
| +Decryption + | ++The process of turning encrypted data (called ciphertext) into the original information (called plaintext) +using a cryptographic algorithm parameterised with a key. + | +
| +Digital Signature + | +
+A structure linking some data and a private key. A digital signature may be generated by the application of a
+private key to some piece of data. The original data
+may be reconstructed by applying the corresponding public key, demonstrating that the signature could only have been generated by
+someone with access to the private key.
+ Digital signatures have two primary uses: to demonstrate someone's identity by signing some challenge, as in +client authentication in TLS, in which the client +signs a hash of the messages that have been exchanged, and more strongly, for someone to demonstrate their +acceptance of some human-processable information (e.g. 'Please withdraw £10 000 from my bank account') as in the +WMLScript Crypto API SignText function. + |
+
| +Digital Signature Algorithm (DSA) + | ++NIST-approved asymmetric algorithm. It can only be used for generating and +verifying digital signatures, not for encryption. + | +
| +Elliptic Curve Cryptography (ECC) + | ++Elliptical curve cryptography (ECC) is an asymmetric algorithm + based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys. +Because ECC helps to establish equivalent security with lower computing power and battery resource usage, +it is becoming widely used for mobile applications. + | +
| +Encryption + | ++The process of turning meaningful data (called plaintext) into meaningless gibberish (called ciphertext) +using a cryptographic algorithm parameterised with a key. + | +
| +End Entity + | ++A leaf node in a certification hierarchy: any entity in a PKI +which has a certificate, but is not allowed to issue its own certificates. + | +
| +Hash + | ++Hash algorithms take a variable-length input and produce a fixed length output known as a digest, or hash, of the input. +For cryptographic purposes they need to be one-way functions: +it should not be possible to deduce the input from the digest, or even any part of the input. + Also, it should be hard to find collisions: that is, two different inputs which produce the same output. + | +
| +HMAC + | ++Keyed-Hashing for Message Authentication. A mechanism for message authentication using cryptographic +hashes. It can be used with any iterative cryptographic +hash function, e.g., MD5, SHA-1, in combination with a secret shared key. +The cryptographic strength of HMAC depends on the properties of the underlying hash function. + | +
| +ICC + | ++Integrated Circuit Card: removable card with at least data storage and sometimes processing + | +
| +IPSec + | ++A standard providing secrecy and authentication at the network or +packet-processing layer of network communication. Earlier security approaches have inserted security at the +application layer of the communications model. IPsec will be especially useful for implementing virtual +private networks and for remote user access through dial-up connection to private networks. IPSec is mandatory in IPv6. + | +
| +MD2 + | ++Legacy hash algorithm. Considered insecure. + | +
| +MD5 + | ++Legacy hash algorithm. Considered vulnerable. + | +
| +Message Digest Algorithm + | ++Same thing as a hash algorithm. + | +
| +Nonrepudiation + | ++The process by which it is assured that an entity making a declaration cannot subsequently deny having made it: +so I can't claim that I never wrote that cheque. + | +
| +Online Certificate Status Protocol (OCSP) + | ++A protocol enabling a relying party to check that a +certificate has not been revoked. In this protocol the OCSP client +asks the OCSP server about the status of one or more certificates, and receives a +digitally signed response. + | +
| +Out Of Band + | +
+A channel of communication which is distinct from the channel which we are using cryptography to try to secure,
+and which is secure on its own terms; that is, its security is not dependent on the cryptography we are using.
+ A common example of an out of band channel is a motorcycle courier. + |
+
| +Padding + | ++The process of adding bytes to the input to a block cipher so that the input matches the +block size. + | +
| +Plaintext + | ++The output of an decryption operation, or +the input to a encryption operation. + | +
| +Pretty Good Privacy (PGP) + | ++A very widely-used encryption and digital signing +program. + | +
| +Private Key + | ++In the context of public key cryptography, the private half of the key pair. + | +
| +Public Key + | ++In the context of public key cryptography, the public half of the key pair. + | +
| +Public Key Certificate + | ++A digitally signed structure including at least an identifier for an +individual entity and a public key, whose function is to bind the entity with the key. + | +
| +Public Key Cryptography + | ++A common application of asymmetric cryptography in which one half of the key pair is +kept secrect (the private key) and the other half is published +(the public key. + | +
| +Public Key Infrastructure + | +
+
+ A way of modelling real-world trust relationships which enables users of public key cryptography +to have confidence in the ownership of +the public keys they are using. + +A PKI consists of: +
The TTP uses its signing key pair to create certificates for other entities, which relying parties can use to authenticate these +other entities. + We can classify PKIs according to whether they are hierachical or flat. In hierachical PKIs, such as the one defined in the PKIX +set of standards, there is a distinction between users of the PKI such as End Entities and +Relying Parties, and entities responsible for issuing and distributing certificates such as +CAs and RAs. In a flat PKI such as the +web of trust underpinning PGP, there are no entities whose +sole role is to issue certificates; instead users of the PKI certify each other. + |
+
| +Registration Authority + | ++An organization responsible for registering new certificate users in a +PKI, e.g. by gathering and verifying information which identifies the +certificate applicant. + | +
| +Revocation + | ++The term used for asserting that a certificate is no longer valid: for example, because the private key +associated with it has been compromised. + | +
| +Relying Party + | ++An entity who relies on the authenticity of a public key. + | +
| +Root Certificate + | ++The certificate of a trusted third party. +A certificate directly trusted by a relying party: that is, trust in it is not +established by cryptographic means, but trust in it is the prerequisite for establishing trust in the entity +which the relying party is trying to authenticate. +Trust in a root certificate must be established through out of band means. A root certificate may or may not be self signed. + | +
| +Secrecy + | ++This means that access to information is controlled: for example, it means that two entities +(e.g. people, machines, processes) are able to communicate with one another without any other entities +being able to access the information communicated, or that an entity may store some information and be +assured that only this entity will be able to access it. + | +
| +Secure Hash Algorithm 1(SHA-1) + | ++A widely used hash algorithm, producing a 160-bit digest. + | +
| +Secure Sockets Layer (SSL) + | ++Precursor to TLS. SSL has been through three versions: +the first two are considered insecure, and the third is almost identical to TLS. + | +
| +Server Authentication + | ++In a secure client-server protocol such as TLS, the process in which the server +authenticates itself to the client, so the client knows who it's talking to. + | +
| +SignText + | ++A function defined in the WMLScript Crypto API which provides application-level +Authentication and Nonrepudiation for transactions. + | +
| +Stream Cipher + | ++A class of symmetric algorithm which is initialised with a key, +then outputs a stream of pseudorandom bits. +This 'keystream' is typically XOR-ed with the plaintext to generate the ciphertext. +So they encrypt a bit of plaintext at a time. + | +
| +Symmetric Cryptography + | +
+A form of cryptography in which the same key is used for encryption and decryption
+ +Symmetric cryptography is fast, but suffers from the problem of how to distribute the key privately. +Asymmetric cryptography is an attempt to alleviate the key +distribution problem, by reducing the requirement for the distributed key from one of privacy to one of +authentication. + |
+
| +Transport Layer Security (TLS) + | +
+A client-server security protocol providing secrecy and optionally authentication, and
+running over TCP/IP.
+ In this protocol a client connects to a server; the two then perform a handshake in which they exchange a +symmetric key by using asymmetric cryptography, +which is then used to encrypt their communications, providing the secrecy element. + Without the authentication element secrecy is not very useful; although only client and server can understand the data +exchanged, the client doesn't know who the server is or vice versa. TLS provides the capability for +server authentication, in which the client establishes who the server is, and +client authentication in which the server establishes who the client is. + |
+
| +Trusted Third Party (TTP) + | +
+An entity whose public key is known to a relying party due to its having been
+received via out of band means, and which is trusted to issue
+public key certificates for other entities not directly known to the relying party.
+ A CA is a type of TTP. + |
+
| +Web of Trust + | ++The set of social relationships between users of PGP that enables them to sign each others' keys, +essentially providing a PKI for this technology. + | +
| +WMLScript Crypto API + | ++A WAP Forum standard which defines cryptographic functions in WML, the scripting language used in WAP. +It defines a function for creating signed objects called SignText + | +
| +WTLS + | ++A client-server security protocol providing secrecy and optionally authentication, +running at the transport layer of the WAP stack. WTLS is closely modelled on TLS, +and defines its own lightweight certificate format. + | +
| +X.509 Certificate + | ++A widely used type of public key certificates, part of the +now largely moribund X.500 series of standards. + | +