  • Term
    Definition
  • The AES (Advanced Encryption Standard) is a standard for secure symmetric encryption. It is the successor to the Data Encryption Standard (DES), which had a key length of only 56 bits. It is a symmetric block cipher with a block length of 128 and key lengths of 128, 192 and 256 bits.(...) Read More
  • In cryptography, when we talk about Alice, we usually mean the sender in a system (see also: Bob). Read More
  • ANSI is the abbreviation for American National Standards Institute, the US standards organization (http://www.ansi.org/). Read More
  • Abstract Syntax Notation One is a platform-independent "language" that can be used to define data structures. It is a common standard of the ITU-T (International Telecommunication Union) and the ISO (International Organization for Standardization). ASN.1 is used to uniquely describe the(...) Read More
  • Asymmetric encryption is a method in which - in contrast to the symmetric cipher - two different keys are used: A publicly known public key for encrypting data and a secret key known only to the recipient of the message - the private key for decrypting. One well-known method is RSA ("Rivest(...) Read More
  • An attack is any attempt to determine the plaintext or the corresponding key from a given ciphertext using cryptanalytic methods. Read More
  • A user or computer system proves its identity through authentication. Authentication is possible, for example, through knowledge (password), through possession (e.g., an access card), or through biometric characteristics (e.g., iris structure, fingerprints, or similar). The basis for(...) Read More
  • Authenticity means genuineness. The word refers to the quality of a person to be authentic. Authentic things or objects are also considered genuine or original. The authenticity of a message means that it can be attributed to a specific person without any doubt. Read More
  • Authorization means that someone is granted the right to do something or to receive something. In companies, for example, the administrator authorizes certain users to gain access to systems. As a rule, users must first authenticate themselves. Read More
  • The Avalanche Effect refers to the fact that for a good cipher, changes in the plaintext affect the ciphertext. The algorithm produces a completely different output for a minimally changed input. For example, the SHA-2 checksum algorithm or the AES encryption algorithm show a strong avalanche(...) Read More
  • Biometrics refers - simply put - to the measurement of human characteristics. Biometric procedures are used to identify or verify persons. Biometric procedures are, for example, fingerprint or face recognition. How secure and reliable biometric procedures are depends, among other things, on(...) Read More
  • A block cipher is a type of encryption method in which plaintext is processed in data blocks. The data blocks are encrypted and decrypted independently of each other. Examples of block ciphers are the algorithms AES, Blowfish, CAST, IDEA, MARS, Rijndael, RC5, RC6,(...) Read More
  • In cryptography, Bob "denotes" the receiver in a system. Where Alice is, Bob is not far away. Read More
  • In a brute force attack, criminals try to figure out passwords or keys by automated, random trial and error of different strings of letters or characters. Long keys, complex passwords, and limiting the number of failed attempts provide protection against brute force. Read More
  • The Federal Office for Information Security (BSI) was founded on January 1, 1991. It is the German government's cyber security authority and is part of the portfolio of the Federal Ministry of the Interior, for Building and the Home Affairs (BMI). Its mission is to make Germany more digitally(...) Read More
  • The Caesar cipher goes back to the Roman general Julius Caesar. Each letter of the alphabet is "shifted" by a fixed amount. The shift by 3 letters would be: A -> D, B -> E, ..., Y -> B, Z -> C. Read More
  • Card readers are devices used for communication with smart cards. Despite the name "card reader", most of the time card readers can also be used for writing on cards. Read More
  • A digital certificate is a data record that confirms certain properties of persons or objects and whose authenticity can be verified by encryption methods. The most common format for certificates is X.509. A certificate is digitally signed by a trusted authority (certification authority). This(...) Read More
  • The CA is a trusted entity with the task of authenticating cryptographic keys (see Certificate). It is an important component of a PKI. More precisely, a certification authority (CA) issues certificates. It confirms the correctness of the data contained in the certificate by means of its(...) Read More
  • The term cipher comes from the Arabic word "sifr" and means "empty" or "zero". Originally, from the 13th century, the word cipher was used for zero. Since the 18th century, cipher has stood for a sign in secret writing. Therefore, one also speaks of ciphering or deciphering. Read More
  • In cryptology, a code system, as opposed to a cryptosystem, is a system for substituting whole messages, parts of messages, words, or syllables of one language with words or character strings of another, often artificial, language. Meaning codes operate on semantic language units. A(...) Read More
  • The Data Encryption Standard (DES) is a widely used symmetric encryption algorithm. It was developed by IBM in the early 1970s and standardized by the U.S. standards organization NIST (National Institute of Standards and Technology) in 1977. Today, DES is not considered sufficiently secure for(...) Read More
  • In a denial of service attack, an Internet service is deliberately flooded with targeted requests. The server can no longer process the many requests and fails due to overload. If the requests are made by a large number of computers, this is known as a distributed denial of service attack(...) Read More
  • In an analog world, people prove their identity with a sovereign document such as an ID card. To make this convenient in the digital world as well, experts are currently working on concepts for deriving the sovereign identity to the smartphone, for example. Whenever the user then has to prove(...) Read More
  • In public key cryptography, a directory is required in which certificates and certificate revocation lists (CRL) can be published. The directory service is part of a public key infrastructure (PKI). Read More
  • ECC stands for "Elliptic Curve Cryptography" and is a public key method based on the calculation of elliptic curves. It is used to create small and efficient encryption keys more quickly. ECC computes keys using operations based on elliptic curves instead of the very large prime numbers(...) Read More
  • eID is the abbreviation of "electronic Identity". It is also referred to as "digital identity". An eID is the digital proxy of an analog person, object or process in the virtual world. Read More
  • Data that you want to protect from access by third parties can be converted into unreadable character strings using cryptographic encryption methods (see also cipher, decryption). Read More
  • The entropy of a password is the number of yes/no questions an attacker has to ask one after the other to first narrow down and finally guess a password he wants to guess ("hack"). Since the attacker usually does not get a direct answer to each of these yes/no questions, he has to combine the(...) Read More
  • Factorization means the decomposition of numbers into prime factors. It forms the basis of modern cryptography systems, such as the RSA method. Multiplying two numbers together can be done quickly. Reversing this action - i.e., finding the factors out of the multiplied number - is extremely(...) Read More
  • see Finite body Read More
  • Hackers attempt to penetrate computer systems and access their data. Hackers in the classic sense want to draw attention to security gaps through their work. However, there are also hackers who act criminally and misuse the captured data. Read More
  • The term "hash function" originates from the English verb to hash and means "to chop up". Hash functions reduce character strings of any length (e.g. a password with five letters or a password with seven letters) to character strings with a fixed length (e.g. always three numbers). This reduces them to a small,(...) Read More
  • Identity theft means that unauthorized persons have stolen a person's personal data without permission. As this happens, Internet criminals "phish" such data and use it to drain a bank account or order goods at the expense of the person affected. Other common terms are identity fraud and(...) Read More
  • Kerberos is the name of an authentication service and is also called a network authentication protocol. It is intended for open and inherently insecure computer networks, such as the Internet. It is intended to uniformly authenticate the unsecured networks on secure host computers. This(...) Read More
  • This refers to so-called key escrow, i.e. the possibility for a higher-level entity to obtain a user's private key. This is generally not desired in the private sphere, but is useful for the internal use of cryptography within a company. Read More
  • Key management includes all the administrative functions used to generate, distribute, store, destroy, and update keys. Read More
  • The so-called knapsack problem was one of the first problems used for public key methods. The description is simple: Given a backpack that can carry a certain weight and a large number of objects with different masses. The problem is to choose what to put in the backpack to fill it optimally.(...) Read More
  • A lattice is defined in mathematics in a similar way as in everyday life: In the simplest case, it is understood to be a construct of parallel straight lines ("lattice bars") equally spaced and running in two different directions. However, as is common in mathematics, a lattice can also be(...) Read More
  • The term refers to the attack method on a cipher and belongs to the class of so-called known-plaintext attacks. One tries to discover and exploit simple ("linear") dependencies between the bits of the plaintext and the ciphertext in order to obtain information about the key. Read More
  • see hash value Read More
  • The term refers to the possibility of recovering encrypted messages, e.g. if the original encryption key has been lost. Read More
  • see Smartcard Read More
  • see Man-in-the-Middle-Attack Read More
  • Middleware is - generally speaking - a component that stands between two other components and mediates between them. In cryptography, middleware usually refers to a component that stands between an application program (for example, email encryption software) and a crypto module (for example, a(...) Read More
  • The National Institute of Standards and Technology - formerly NBS (National Bureau of Standards) - is a division of the U.S. Department of Commerce that, among other things, sets cryptographic standards (http://www.nist.gov). Read More
  • OCSP (Online Certificate Status Protocol) is a protocol that can be used to check online whether a certificate received is valid. It allows a user to query the validity in real time via so-called OCSP responders. Read More
  • This means a long and preferably memorable string of characters, such as sentences with punctuation. The passphrase is intended to replace passwords because it is easier to remember and offers more security. Read More
  • A password is a secret string of characters used for access or access control. The password should be known only to its user. Typically, a password should not be too short, so that an attacker cannot guess it by trial and error. To make guessing a password costly, it should have as much(...) Read More
  • PKI (Public Key Infrastructure) is the term used to describe the components and processes required to use digital certificates. A PKI includes a certification authority that issues the certificates. Other typical PKI components are a registration office, which can be used to apply for a(...) Read More
  • Post-quantum cryptography includes those asymmetric cryptographic methods that cannot be broken by a quantum computer. Almost all asymmetric methods currently used in practice - especially RSA and Diffie-Hellman - do not belong to post-quantum cryptography, as they are quite vulnerable to a(...) Read More
  • This is the secret key, known only to the recipient of a message, used in asymmetric ciphers to decrypt or create digital signatures. Read More
  • A quantum computer uses the effects of quantum mechanics and therefore works differently than conventional computers. While such a device can only perform certain computational operations, it can do so very quickly. In particular, a quantum computer can break all common asymmetric encryption(...) Read More
  • Strong cryptographic methods withstand attacks with decryption attempts. The effort required to decrypt a message would be too high (at least in the foreseeable future) with the computers currently available (see also: weak cryptography). Cryptographic methods are subject to a certain "aging(...) Read More
  • The term describes an encryption method in which the same key is used for encryption and decryption or in which these two keys can be easily derived from each other. A distinction is made between block ciphers, which process the plaintext in blocks of fixed length (usually 64 or 128 bits), and(...) Read More
  • Asymmetric encryption is about choosing a function that is very easy to calculate, but whose inverse is very costly. The discrete logarithm is such a one-way function. However, there are functions for which the inversion can be abbreviated with additional information. In such a case one speaks(...) Read More
  • Electronic cash register systems in Germany must be equipped with tamper protection, the so-called technical security device (TSE). The basis for this is the "Verordnung zur Bestimmung der technischen Anforderungen an elektronische Aufzeichnungs- und Sicherungssysteme im Geschäftsverkehr" - in(...) Read More
  • USB token refers to a small device with a USB port, often in the form of a keychain. It is used for authentication. USB tokens can perform similar cryptographic functions to a smart card, for example. The advantage is that no reader is required. USB tokens generate a unique number combination(...) Read More
  • VPN is short for Virtual Private Network. The term describes a network that connects its nodes via public networks (e.g. the Internet). By using cryptographic procedures, all communication can be carried out confidentially (hence virtual private). Read More
  • The quality of a cryptographic procedure depends on the effort a potential attacker would have to expend to "crack" a message without knowing the key. The effort consists of the required computing time (i.e., number of computing operations) and the required memory. Weak cryptographic methods(...) Read More
  • X.509 describes a standard for the structure and encoding of certificates, CRLs and authentication services. X.509 is the most frequently used standard for certificate structures worldwide. Read More