SSL/TLS Terms and Acronyms (Including Some General Cryptography Definitions)

3

3DES

Triple-DES (Triple-Data Encryption Standard--DES repeated three times).

3DES-EDE

Triple-DES Encrypt-Decrypt-Encrypt. The most popular version of 3DES

a

ACL

Access Control List

AES

Advanced Encryption Standard

AH

Authentication Header

ANSI

American National Standards Institute

API

Application Program Interface

ASN.1

Abstract Syntax Notation 1. Designed as part of the International Telecommunications Union's Open Standards Interconnect (OSI) effort as a description language for the OSI protocols. See also BER and DER

AVA

Attribute-Value Assertion. An attribute-value pair.

b

BER

Basic Encoding Rules. A set of ASN.1 encoding rules that allows several ways of encoding any given piece of data.

BIO

Basic Input/Output. Used by OpenSSL "to provide a layer of abstraction for I/O. As long as your object meets the BIO interface, it doesn't matter what the underlying I/O device is." --Rescorla, p. 261

Blowfish

Block cipher designed by Bruce Schneier, "intended for implementation on large microprocessors>"

BXA

Bureau of Export Administration

c

CA

Certificate Authority. Certification Authority

Caesar Cipher

A rotation cipher where each letter is replaced by the character three to the right modulo 26.

CAST5

Carlisle Adams and Stafford Tavares 5. Block cipher named after its creators.

CBC

Cipher Block Chaining. A symmetric encryption technique used with block ciphers in which the encryption of each plaintext block depends on the ciphertext of the previous block.

CBC-MAC

Cipher Block Chaining Message Authentication Code

CDMF

Commercial Data Masking Facility

CEK

Content Encryption Key

Cert

Certificate

Certificate

Someone's public key, signed by a trusted third party. An X.509 certificate object

CESG

Communications-Electronics Security Group

Cipher

The type of encryption used (for a connection)

CMS

Cryptographic Messaging Syntax

CN

Common Name. Typically the most specific (?) component of a Distinguished Name (DN). In certificates for specific hosts, the CN is generally the fully qualified host name.

CRAM-MD5

Challenge Response Authentication Mechanism-Message Digest 5

CRC

Cyclic Redundancy Check

CRL

Certificate Revocation List. (Pronounced "krill")

CSR

Certificate Signing Request

d

DER

Distinguished Encoding Rules. A process for unambiguously converting an object specified in ASN.1 into binary values for storage or transmission on a network. Format is similar to C structs, except that type definitions are "backwards": the name is first, followed by the data type. See also BER.

DES

Data Encryption Standard. A symmetric encryption algorithm designed by IBM in the 1970s and published as a U.S. standard by the National Institutes of Sciences and Technology. A block cipher operating on 56-bit blocks.

DH

Diffie-Hellman. A key exchange algorithm published in 1976 by Whitfield Diffie and Martin Hellman.

DHCP

Dynamic Host Configuration Protocol.

DN

Distinguished Name (X.500). A hierarchically structured name capable of providing a unique name for every entity in a network. Some common components of a DN are Country (C=), Organization (O=), Organizational Unit (OU=) and Common Name (CN=).

DNS

Domain Name System

dNSName

One form of subjectAltName extension (in X.509 version 3) that is used to represent a domain name.

DNSSEC

DNS Security

DSA

Digital Signature Algorithm. A public-key (assymetric) algorithm that can be used for digital signatures (but not for encryption). Published as a U.S. standard by the National Institutes of Sciences and Technology.

DSL

Digital Subscriber Line

DSS

Digital Signature Standard

DSS1

Digital Signature Standard 1. OpenSSL treats DSS1 as a synonym of SHA1. As an option fo OpenSSL's dgst command, you must refer to SHA1 as -dss1; elsewhere in OpenSSL, use sha1.

e

EC

Elliptic Curve. "EC ciphers replace the prime integer field of DH and DSS with a field composed of points on an elliptic curve." --E. Rescorla, p. 103.

ECB

Electronic Code Book

EDE

Encrypt-Decrypt-Encrypt

EDH

Ephemeral Diffie-Hellman. A Diffie-Hellman key exchange in which the parameters are created for a single session.

Explicit Diffie-Hellman. A DH key exchange in which some of the parameters are establisned in advance.

EEE

Encrypt-Encrypt-Encrypt

EGADS

Entropy Gathering and Distribution System

EGD

Entropy Gathering Daemon

ephemeral

Lasting for a brief time.

ERSA

Ephemeral RSA. A variant of RSA that allows communication between an exportable client and a domestic server with a permanent strong key.

ESP

Encapsulating Security Payload

EVP API

Envelope Application Program Interface. OpenSSL's EVP API is an interface to every symmetric encryption algorithm supported by OpenSSL.

f

FIPS

Federal Information Processing Standard

Fortezza

A PC card (with PCM-CIA form factor) designed by the U.S. government. Originally designed to provide strong cryptography while allowing the NSA to intercept communications.

FTP

File Transfer Protocol.

FTPS

FTP over SSL; Secure FTP.

g

GMT

Greenwich Mean Time. The prime meridian goes through Greenwich, England. The world's time zones are described as negative or positive offsets from GMT. The same as (the more current) UTC.

h

HMAC

Hashed Message Authentication Code. (Hashed MAC.) A standardized approach to using hash algorithms to create message authentication codes. HMAC is generally a pair of nested digests: the first is a digest the key and the data; the second is a digest of the key and the output of the first digest.

HTML

Hypertext Markup Language

HTTP

Hypertext Transfer Protocol

HTTPS

HTTP Secure. The first public implementation of HTTP over SSL, released in version 2 of Netscape Navigator in 1995. Finally documented in RFC 2818. Different from SHTTP.

i

IANA

Internet Assigned Numbers Authority

ICMP

Internet Control Message Protocol

IDEA

International Data Encryption Algorithm. Symmetric block cipher with 128-bit keys and 64-bit blocks.

IE

Internet Explorer

IESG

Internet Engineering Steering Group. Authorizes documents to become RFCs.

IETF

Internet Engineering Task Force.

IIS

Internet Information Server

IKE

Internet Key Exchange

IMAP

Internet Mail Access Protocol

IP

Internet Protocol

IPsec

Internet Protocol Security

ISAKMP

Internet Security Association and Key Management Protocol

ISO

Internet Standards Organization

ISP

Internet Service Provider

ITU

International Telecommunications Union

IV

Initialization Vector. A block of random data used as the initial chaining value for the first iteration of Cypher Block Chaining (CBC).

j

JCA

Java Cryptography Architecture.

JDK

Java Development Kit

JNI

Java Native Interface

k

KDF

Key Derivation Function

KEA

Key Exchange Algorithm. A variant of DH used by Fortezza cards.

KEK

Key Encryption Key

Key

The private key. (Often refers to the private part of the whole certificate.)

KRB5

Kerberos version 5. A symmetric-key based authentication system developed at MIT.

l

LDAP

Lightweight Directory Access Protocol

LEAF

Law Enforcement Access Field

m

MAC

Message Authentication Code. A key-dependent one-way hash function. (Only someone with knowledge of the secret key can verify the hash value.)

MD4

Message Digest 4. A one-way hash function designed by Ron Rivest.

MD5

Message Digest 5. A one-way hash function designed by Ron Rivest. A stronger version of MD4.

MDC2

Message Digest Cipher 2, sometimes called Meyer-Schilling. Developed at IBM

Message Digest

A function that outputs a fixed-length string from input of arbitrary length. Synonym: hash function.

MITM

Man in the Middle. An attack in which the attacker sits between two hosts that are trying to communicate and intercepts all of the messages.

MOSS

MIME Object Security Services

MSS

Maximum Segment Size (Ethernet)

n

Nagle Algorithm

A TCP algorithm designed to reduce tinygrams by delaying the sending of new data (and continuing to accumulate additional data in the write buffer) until previously send data has been acknowledged. The algorithm also delays sending ACKs (acknowledgements) trying to piggyback it on a data segment that it will (soon) send out. Nagle's algorithm can cause SSL to perform badly.

NAT

Network Address Translation

NIST

National Institute of Standards and Technology. (Previously known as the National Bureau of Standards [NBS].)

NNTP

Network News Transfer Protocol.

NNTPS

NNTP over SSL.

Nonce

A random number sometimes sent with a certificate during a handshake to discourage replay attacks.

NSA

National Security Agency

o

OCSP

Online Certificate Status Protocol

OID

Object Identifier

OpenSSL

An Open Source library that implements the SSL and TLS protocols.

OSI

Open Standards Interconnect. An effort of the International Telecommunications Union.

p

PCMCIA

Personal Computer Memory Card International Association. Also called PC Card.

PCT

Private Communications Technology. Microsoft's enhancement of SSLv2, published in October 1995.

PEM

Privacy Enhanced Mail

PFS

Perfect Forward Secrecy. Used to describe a condition where, even if a server's private authentication key is known by an attacker, the attacker cannot attack any session already established and shut down.

PFX

A key storage standard designed by Microsoft. Now known as PKCS #12.

PGP

Pretty Good Privacy

PIN

Personal Identification Number

PKC

Public Key Cryptography. The same as asymetric cryptography, where encryption and decryption use different keys--one of them public, the other private.

PKCS

Public-Key Cryptography Standards. RSA Data Security, Inc.'s attempt to provide an industry standard interface for public-key cryptography.

PKCS7

Public-Key Cryptography Standard #7

PKCS10

Public-Key Cryptography Standard #10

PKI

Public Key Infrastructure

PKIX

Public Key Infrastructure. Part of the name of the IETF Public Key Infrastructure working group

PPP

Point-to-Point Protocol

Pre-Master Secret

A value computed by the client during the ClientKeyExchange. It is a random value (generated on the client), encrypted under the server's public key, then transmitted to the server.

PRF

Pseudo-Random Function

PRNG

Pseudo-Random Number Generator

q

QOP

Quality of Protection

r

RA

Registration Authority

RC2

Ron's Code 2, or (officially) Rivest Cipher 2. A popular variable-key-size encryption algorithm designed by Ron Rivest for RSA Data Security, Inc.

RC4

Ron's Code 4, Rivest Cipher 4. A symmetric stream cipher (popular because it is very fast).

RC5

Ron's Code 5, Rivest Cipher 5

RDN

Relative Distinguished Name. A sequence of RDN's make up a DN (distinguished name). Each RDN is an attribute value assertion (AVA).

Realm

In the DIGEST-MD5 authentication mechanism, "the name of a collection of accounts that might include the user's account. This string should contain at least the name of the host performing the authentication and might additionally indicate the collection of users who might have access. An example might be 'registered_users@gotham.news.example.com'." --RFC 2831

relatively prime

Two numbers are relatively prime if they share no factors other than one. (The two numbers themselves may or may not actually be prime.)

RFC

Request for Comment

RIPEMD-160

RACE Integrity Primitives Evaluation Message Digest 160-bit hash. (RACE = The Research and Development in Advanced Communication Technologies in Europe program.) A 160-bit hash (message digest), not nearly as common as SHA1 (also 160 bits). OpenSSL refers to this algorithm as rmd160

RMD160

Same as RIPEMD-160

RNG

Random Number Generator

ROT13

Substitution cipher that rotates each letter 13 places.

RSA

Rivest, Shamir and Adleman. The most popular public-key algorithm, invented in 1977 and named after its creators: Ron Rivest, Adi Shamir and Leonard M. Adleman.

RSADSI

RSA Data Security, Inc.

s

SA

Security Association (IPSec)

safe prime

A prime number p with the quality that (p-1)/2 is also prime. Diffie-Hellman's p parameter must be a safe prime. Also known as strong prime.

salt

A public random value included as part of the input to a key derivation function.

SBU

Sensitive But Unclassified

SGC

Server Gated Cryptography. Technique of having servers determine key length (used in the days before cryptographic export deregulation).

SHA

Secure Hash Algorithm. A U.S. standard published by the National Institutes of Sciences and Technology.

SHA-1

Secure Hash Algorithm 1. A U.S. standard published by the National Institutes of Sciences and Technology. A stronger hash algorithm derived from MD4. Has 160-bit out.

S-HTTP

Secure Hypertext Transfer Protocol

SKEME

Secure Key Eschange Mechanism for Internet

Skipjack

Block cipher encryption algorithm developed by the National Security Agency for use with the Clipper and Capstone chips. It is classified "Secret."

S/MIME

Secure/Multipurpose Internet Mail Extensions. Secure MUltipurpose Internet Mail Exchange

SMTP

Simple Mail Transfer Protocol

SNEWS

NNTP over SSL

SPI

Security Parameter Index.

SSL

Secure Socket Layer

SSLeay

Secure Socket Layer Eric A. Young (Eric A. Young's Secure Socket Layer). OpenSSL is based on Eric's original SSLeay implementation. The perl implementation of OpenSSL is Net::SSLeay.

Step-Up

Netscape's implementation of negotiating a strong cipher suite. (Required by the U.S. government before export restrictions were removed.)

STLP

Secure Transport Layer Protocol. Microsoft's modification of SSLv3 (1996). Intended to work over a datagram transport such as UDP.

strong prime

Same as safe prime.

STS

Station-to-Station Protocol

subjectAltName

An X.509 version certificate extension that contains alternate name forms for the subject of the certificate.

t

TCP/IP

Transmission Control Protocol/Internet Protocol

TEK

Total Encryption Key

TEMPEST

Transient Electromagnetic Pulse Emanation Standard

TGS

Ticket Granting Server. A Kerberos server--trusted by every entity on a network--that grants "tickets."

tinygrams

Very small packets

TLS

Transport Layer Security

u

UDP

User Datagram Protocol

UMAC

Message Authentication Code using Universal Hashing. See http://www.cs.ucdavis.edu/~rogaway/umac/.

URI

Uniform Resource Identifier. (Superset of URL)

URL

Uniform Resource Locator. (Subset of URI)

UTC

Universal Time, Coordinated; Coordinated Universal Time. Formerly known as GMT.

v

VPN

Virtual Private Network

w

WTLS

Wireless Transport Layer Security. The Wireless Application Forum's TLS variant (1998) that works over a datagram transport such as UDP.

x

X.509

The most widely accepted format for certificates, first introduced in 1988.

X.509v3

Version 3 of X.509, introduced in 1996. Included support for extensions.

XCBC-MAC

Exclusive OR Cipher Block Chaining Message Authentication Code. Variant of CBC-MAC developed by Black and Rogaway.

XOR-MAC

Exclusive OR Message Authentication Code. A highly parallelizable block cipher "suitable for authenticating traffic on a gigabit network."

Compiled by Weldon Whipple <weldon@whipple.org>. Sources include:

• Eric Rescorla, SSL and TLS: Designing and Building Secure Systems (Addison-Wesley, c2001).
• John Viega, Matt Messsier, Pravir Chandra, Network Security with OpenSSL (O'Reilly, 2002).
• Stephen A. Thomas, SSL & TLS Essentials: Securing the Web (Wiley, c2000).
• Bruce Schneier, Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C (Wiley, 1996).