Glossary of cryptographic key types

Glossary of cryptographic key types

This glossary lists types of keys as the term is used in cryptography, as opposed to door locks. Terms that are primarily used by the U.S. National Security Agency are marked (NSA). For classification of keys according to their usage see cryptographic key types.

  • 40-bit key - key with a length of 40 bits, once the upper limit of what could be exported from the U.S. and other countries without a license. Considered very insecure. See key size for a discussion of this and other lengths.
  • authentication key - Key used in a keyed-hash message authentication code, or HMAC.
  • benign key - (NSA) a key that has been protected by encryption or other means so that it can be distributed without fear of its being stolen. Also called BLACK key.
  • content-encryption key (CEK) a key that may be further encrypted using a KEK, where the content may be a message, audio, image, video, executable code, etc.
  • cryptovariable - NSA calls the output of a stream cipher a key or key stream. It often uses the term cryptovariable for the bits that control the stream cipher, what the public cryptographic community calls a key.
  • electronic key - (NSA) key that is distributed in electronic (as opposed to paper) form. See EKMS.
  • ephemeral key - A key that only exists within the lifetime of a communication session.
  • expired key - Key that was issued for a use in a limited time frame (cryptoperiod in NSA parlance) which has passed and, hence, the key is no longer valid.
  • key encryption key (KEK) - key used to protect other keys (e.g. TEK, TSK).
  • key fill - (NSA) loading keys into a cryptographic device. See fill device.
  • FIREFLY key - (NSA) keys used in an NSA system based on public key cryptography.
  • master key - key from which all other keys (or a large group of keys) can be derived. Analogous to a physical key that can open all the doors in a building.
  • message encryption key (MEK) - See traffic encryption key.
  • one-time pad - keying material that is as long as the plaintext and only used once. See one-time pad article.
  • paper key - (NSA) keys that are distributed in paper form, such as printed lists of settings for rotor machines, or keys in punched card or paper tape formats. Paper key is easily copied. See Walker spy ring, RED key.
  • poem key - Keys used by OSS agents in World War II in the form of a poem that was easy to remember. See Leo Marks.
  • Public/private key - in public key cryptography, separate keys are used to encrypt and decrypt a message. The encryption key (public key) need not be kept secret and can be published. The decryption or private key must be kept secret to maintain confidentiality. Public keys are often distributed in a signed public key certificate.
  • pre-placed key - (NSA) large numbers of keys (perhaps a year's supply) that are loaded into an encryption device allowing frequent key change without refill.
  • RED key - (NSA) symmetric key in a format that can be easily copied, e.g. paper key or unencrypted electronic key. Opposite of BLACK or benign key.
  • revoked key - a public key that should no longer be used, typically because its owner is no longer in the role for which it was issued or because it may have been compromised. Such keys are placed on a certificate revocation list or CRL.
  • session key - key used for one message or an entire communications session. See traffic encryption key.
  • symmetric key - a key that is used both to encrypt and decrypt a message. Symmetric keys are typically used with a cipher and must be kept secret to maintain confidentiality.
  • traffic encryption key (TEK) - a symmetric key that is used to encrypt messages. TEKs are typically changed frequently, in some systems daily and in others for every message. See session key.
  • seed key - (NSA) a key used to initialize a cryptographic device so it can accept operational keys using benign transfer techniques. Also a key used to initialize a pseudorandom number generator to generate other keys.
  • signature key - public key cryptography can also be used to electronically sign messages. The private key is used to create the electronic signature, the public key is used to verify the signature. Separate public/private key pairs must be used for signing and encryption. The former is called signature keys.
  • stream key - the output of a stream cipher as opposed to the key (or cryptovariable in NSA parlance) that controls the cipher
  • training key - (NSA) unclassified key used for instruction and practice exercises.
  • Type 2 key - (NSA) keys used to protect sensitive but unclassified (SBU) information. See Type 2 product.
  • Vernam key - Type of key invented by Gilbert Vernam in 1918. See stream key.
  • zeroized key - key that has been erased (see zeroisation.)

See also

  • Specific encryption systems and ciphers have key types associated with them, e.g. PGP key, DES key, AES key, RC4 key, BATON key, Kerberos key, etc.
  • Category:Cryptographic algorithms
  • Category:Cryptographic protocols

Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • List of cryptographic key types — This glossary lists types of keys as the term is used in cryptography, as opposed to door locks. Terms that are primarily used by the U.S. National Security Agency are marked (NSA) . For classification of keys according to their usage see… …   Wikipedia

  • Key (cryptography) — In cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the… …   Wikipedia

  • Glossary of backup terms — This page is a glossary of backup terms.*backup policy an organisation s procedures and rules for ensuring that adequate amounts and types of backups are made, including suitably frequent testing of the process for restoring the original… …   Wikipedia

  • Cryptography — Secret code redirects here. For the Aya Kamiki album, see Secret Code. Symmetric key cryptography, where the same key is used both for encryption and decryption …   Wikipedia

  • NSA cryptography — The vast majority of the National Security Agency s work on encryption is classified, but from time to time NSA participates in standards processes or otherwise publishes information about its cryptographic algorithms. The NSA has categorized… …   Wikipedia

  • Communications security — Not to be confused with Commonwealth Securities. Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended… …   Wikipedia

  • Internet security — is a branch of computer security[1] specifically related to the Internet. Its objective is to establish rules and measures to use against attacks over the Internet.[2] The Internet represents an insecure channel for exchanging information leading …   Wikipedia

  • Computer insecurity — This article is about computer security exploits and defenses. For computer security through design and engineering, see computer security. Computer security Secure operating systems Security architecture Security by design Secure coding …   Wikipedia

  • Pseudoforest — A 1 forest (a maximal pseudoforest), formed by three 1 trees In graph theory, a pseudoforest is an undirected graph[1] in which every connected component has at most one cycle. That is, it is a system of vertices and edges connecting pairs of ve …   Wikipedia

  • Blu-ray Disc — Blue ray redirects here. For the fish of the same name, see Neoraja caerulea. Blu ray Disc Media type …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”