Cleartext

Cleartext

In data communications, cleartext is the form of a message or data which is in a form that is immediately comprehensible to a human being without additional processing. [ISO/IEC7498-2, Information Processing Systems--Open Systems Interconnection Reference Model--Part 2: Security Architecture] In particular, it implies that this message is transferred or stored without cryptographic protection. The phrases, "in clear", "en clair" and "in the clear" are equivalent. For example, "The keys in the Foo protocol are exchanged as cleartext." would mean that the keys are not encrypted during transmission.

It is related to, but not entirely equivalent to, the term "plaintext". Formally, plaintext is information that is fed as an input to a cryptographic process, while ciphertext is what comes out of that process. Plaintext might be compressed, encrypted, or otherwise manipulated before the cryptographic process is applied, so it is quite common to find plaintext that is not cleartext.

Cleartext material is sometimes in "plain text" form, meaning a sequence of characters without formatting, but this is not strictly required as the sense is 'no protection from snooping'.

The reason this is an important distinction is that not all cryptographic processes are equal - the standard example is encryption via rot13. In modern environments, many of the symmetric encryption processes using smaller keys are now considered to be as readily converted to cleartext as encryption via rot13. Consequently, the first consideration should not be how "secure" a particular encryption process is, just whether or not any process is used.

Websites using insecure HTTP use cleartext transmission, with all submitted data (including usernames and passwords) being sent from the user's computer through the internet via cleartext. Anyone with access to the medium used to carry the data (the routers, computers, telecommunications equipment, wireless transmissions, and so on) may read the password, username, and anything else transmitted to the website.

ee also

* Plaintext
* Plain (unformatted) text


Wikimedia Foundation. 2010.

Игры ⚽ Нужно сделать НИР?

Look at other dictionaries:

  • cleartext — noun The unencrypted form of an encrypted text; plain text …   Wiktionary

  • cleartext —    Text that has not been encrypted in any way and that can be intercepted and read easily while in transit; usually applied to an unencrypted password.    See also plaintext …   Dictionary of networking

  • Password — For other uses, see Password (disambiguation). A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: an access code is a type of password). The password… …   Wikipedia

  • Anonymous remailer — An anonymous remailer is a server computer which receives messages with embedded instructions on where to send them next, and which forwards them without revealing where they originally came from. There are Cypherpunk anonymous remailers,… …   Wikipedia

  • Hushmail — Infobox Website name = Hushmail favicon = logo = caption = Hushmail Inbox url = http://www.hush.com/, https://www.hushmail.com commercial = type = Web based email registration = Yes owner = Hush Communications Ltd author = Cliff Baltzley launch… …   Wikipedia

  • Cisco PIX — PIX 535 Firewall Cisco PIX (Private Internet eXchange) is a popular IP firewall and network address translation (NAT) appliance. It was one of the first products in this market segment. In 2005, Cisco introduced the newer Adaptive Security… …   Wikipedia

  • Digest access authentication — HTTP Persistence · Compression · HTTPS Request methods OPTIONS · GET · HEAD · POST · PUT · DELETE · TRACE · CONNECT Header fields Cookie · ETag · Location · Referer DNT · …   Wikipedia

  • Tor (anonymity network) — Tor Developer(s) The Tor Project[1] Initial release 20 September 2002 (2002 09 20) …   Wikipedia

  • Signals intelligence — SIGINT redirects here. For the UNIX signal, see SIGINT (POSIX). RAF Menwith Hill, a large site in the United Kingdom, part of ECHELON and the UK USA Security Agreement. Signals intelligence (often contracted to SIGINT) is intelligence gathering… …   Wikipedia

  • Simple Network Management Protocol — (SNMP) forms part of the internet protocol suite as defined by the Internet Engineering Task Force (IETF). SNMP is used in network management systems to monitor network attached devices for conditions that warrant administrative attention. It… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”