Cryptography glossary

illustrations illustrations illustrations illustrations illustrations illustrations illustrations

Cryptography glossary

Published on Aug 19, 2018 by Malys

Glossary for cryptography vocabulary.

PKI

  • PKI Public Key Infrastructure
  • CSR
  • CLR
  • X.509 standard that defines the format of public key certificates

Standard

Public-Key Cryptography Standards (PKCS)

  • PKCS#1 unencrypted RSA key storage format.
  • PKCS#7 Collection of public certificates.
  • PKCS#8 Encrypted private key format for RSA DSA EC keys.
  • PKCS#10 Certificate signing request (CSR).
  • PKCS#11 Security token / Smart card / HSM access.
  • PKCS#12 Certificate, Private key and probably a CA chain.

File formats

  • DER Distinguished Encoding Rules - Binary format
  • PEM Privacy Enhanced Mail - Text format

Extensions

  • .pem (Privacy-enhanced Electronic Mail) Base64 encoded DER certificate, enclosed between “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–”
  • .cer, .crt, .der – usually in binary DER form, but Base64-encoded certificates are common too (see .pem above)
  • .p7b, .p7c PKCS#7 SignedData structure without data, just certificate(s) or CRL(s)
  • .p12 PKCS#12, may contain certificate(s) (public) and private keys (password protected)
  • .pfx PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in IIS)

Algorithms

TODO

Lexical

  • Certificate pinning: store list of public after the 1st connection, not allow 2nd connection if different public keys
  • Nonce: random number (one use only)
  • Salt: random number for each data (against rainbow table)
  • Pepper: secret(salt) for platform
  • One Time Pad: Perfect secrecy
  • Random number generator
    • HRNG: hardware (from hardware noise)
    • PRNG: pseudo (software)
      • CSPRNG: Cryptographically secure (strong for cryptographic use)