1389

A
A5/1

GSM .

A5/1 encryption
algorithm
AAA Authentication, Authorization, and Accounting
abort
abrogate

delegate

abstract class
abstraction
abuse
academic break

accept

access

access authority

access control

( )
.

access control entry (ACE)
access control list (ACL)

access denied

access request

access restriction
access server

accessibility
account
accountability

.

.

accounting
accredit
accreditation

accumulator

ACE Access Control Entry
ACID Atomicity, Consistency, Isolation and Durability
acknowledgment
ACL Access Control List
acquirer

. .

acronym

action

activation data

active attack

. ( .
)passive attack

active content

active misuse

/
.

active S-box

activity diagram

Ad hoc network

PDA
.

adaptability
adaptive
adaptive chosen
ciphertext attack

.
.

adaptive chosen
plaintext attack

.
.

address

address resolution protocol (ARP)
address spoofing

adequate security

additive stream cipher

adjoint
ADL Architecture Description Language
administrative
adversarial attack
adversary
adware

-
2001 )(NIST

AE Authenticated Encryption
AEAD Authenticated Encryption with Associated Data
AES (Advanced Encryption Standard)

FIPS-197
DES . 128 .

192 128 256 12 10 14 .
f ( x) ax b

affine transformation
agent

agent based

aggregation

aggressive mode
AH Authentication Header
alarm
alert
alert correlation
algebraic attack

.
(


.

XL (
) ).


f(x1,x2,..,xn)
.

algebraic degree
algebraic immunity
degree
algebraic normal form (ANF)

f .

f(x1,x2,x3)=1+x2+x3+x2x3+x1x2x3

.

.
.
.

algorithm

algorithm complexity
alias
alignment
alignment property
all-or-nothing
encryption

almost perfect nonlinear function (APN)
alphabet

alternating
alternative step
generator
always trusted
analytic modeling
annihilator
anomaly detection
anonymity

anonymizers

anonymous
antivirus

applet

( )

application


) (proxy

(MIME)

ActiveX .

application content
filtering

application gateway
application layer
application level firewall
application programming interface (API)
application proxy
application relay
approved
arbiter
architecture description language (ADL)
archive
ARP Address Resolution Protocol
array
assess
assessment method

assessment procedure

- -

asset
assignment
associated data
assurance

(
)
.
;
(

asymmetric cipher = two-key cipher

) (
.)
.
-

asymptotic space
complexity

asymptotic time
complexity

asynchronous

.


.

-1

atomicity
atomicity, consistency, isolation and durability (ACID)
attach
attack

-2

attack recovery

attack signature

attacker

attribute

attribute authority

audit

audit data

audit logic

audit query

audit record


.

.

audit reduction tools

audit trail

auditability

authenticated encryption (AE)

authenticated encryption with associated data (AEAD)

. -


.
.1

authentication


.
.2
.
.3
. ( ) .


authentication header (AH)
authentication server (AS)
authentication token

authentication, authorization, and accounting (AAA)

.

.
Authentication .

authenticity
authority

.
.1
.
.2

authorization

authorization request
authorized

autocorrelation

auto-key cipher


.
.

automaton
autonomous
autonomy
availability

avalanche effect



(.
).

awareness

B
-

.1 -

baby-step giant-step
algorithm
back door


.

.

.2

.

back up (n)
back up (v)


backbone
backup system

backward

bacteria


( ) .

bad certificate

badge

( )
( )

balance
balanced


.
BAN

BAN logic

1989Abadi Needham
Burrows . -

.


bandwidth
base
baseline security

baselining

bastion host

) (DMZ
FTP

( )hardening.

Bayes theorem

P(A,B)=P(A|B)P(B)=P(B|A)P(A)
BCH

.
Chaudhuri Bose

BCH code

Hocquenghem (
) .

bent function

(.
).
1976 .

RM .
.1 -

Berlekamp-Massey algorithm

.
.2 BCH
RS
.
.1 ( )

bias

.
.2
.

.

biased
big-O notation

-
.

bijective

binary

binding
biometrics (1)
biometrics (2)

birthday attack

.

.

birthday paradox


.
23

1
2

S-box

bit independent criterion (BIC)

bit-oriented

black hat

black hole

.
.
( )DoS
.

()

black hole attack = packet drop attack

-
.

()

black webber

black-box attack

blacklist
blended attack

.
(..)
1983
D. Chaum .

blind carbon copy (BCC)
blind signature

.


.

.1

blinded message
blinding


( )
( ).
.2
( )

block (1)

block (2)
block cipher


.
.


.

. DES AES
.

block length=block size


Bluetooth

PDA
.
p q

Blum integers

)p q 3 (mod4

--

Blum-Blum-Shub generator
boomerang attack
boot sector virus

.Robot
.

bot


.

.

.

.

( )zombie .

botnet

-
.

bottleneck

.
BNC

bouncer (BNC)


.


.

bound
boundary protection

Bounded-error BPP

Probabilistic . Polynomial-time
-

BPP complexity class

.

branch number

) (mixing layer
.

breach
break

( .
).

breakable

bridge

( )LAN .

bridge firewall
broadcast

broadcast encryption

browser
brute force attack

buffer
buffer overflow

buffer overflow attack

bug

built-in

burst error

business continuity plan (BCP)


.

business impact analysis (BIA)

business recovery/resumption plan (BRP)

bypass

CA Certification Authority
cache consistency
caching
Caesar cipher


.
"" "" "" ""
.
.

Camellia cipher
captcha

Capture Character

.
.1 .

capture

.2
.

()

captured
card issuer

cardholder

) PIV( Personal Identity Verification.


cascade cipher

.
CBC Cipher Block Chaining mode
centralized directory
service
CERT Computer
Emergency Response
Team
certificate

certificate of primality (or primality certificate)

(
) .
( )
( )

certificate revocation list (CRL)

.
-
.

certificate-related
information

( )CA .

certification

certification and accreditation (C&A)

Authority

(Security

SAAA

) Authorization Agreement .
2002
.

.

certification authority (CA)

certification policy
certification sign request (CRS)
CFB Ciphertext
Feedback Operating
mode


chaffing and winnowing


.
(
) .

() ()
.
.

.

chain


CBC .

chain of custody


( ).



.

chaining attack
challenge message
challenge-response
authentication
change point test


.
( )
.

( )

chaotic function
character
characteristic
characteristic frequency
characteristic
polynomial
check list

checksum

Chinese remainder theorem (CRT)
chinese wall security
policy
chosen ciphertext attack

chosen IV attack

chosen plaintext attack

.

.
.



.

cipher

cipher block chaining mode (CBC)

( )IV .

.

cipher feedback mode (CFB)


.

.
plaintext


.
. .

ciphertext
ciphertext only attack


( OSI

ciphony
circuit level firewall

)TCP .

.
:
- -.

.

circuit level gateway


claimant
class
classic ciphers



.
.



f g
x y

classification
classified data
classifier
claw-free = claw-resistant

f(x)=g(y) .
Wi-Fi
.

clear channel assessment attack
cleartext = plaintext
clickjacking

.

/
Skip-Jack

client
client/server model
Clipper chip

.
1993 1996
.

clock-controlled
generator
clogging attack

.


.
/

closed/open world
policy

closest vector problem (CVP)

.

( ) .
NP
.



.

closure attack
clueless
cluster analysis
code

.
.

()

code breaker
code maker
codebook

codebook attack

-
( ) .


( )CBC .

coding

coercion resistance

cold site = shell site


.
.

collision

(
)
.

collision free

collision free hash function
collision resistance

combining function
commitment protocol

()

. ( )

.
-

common vulnerabilities and exposures (CVE)
communications security (COMSEC)

) ( )

... .

x k
:

) f k (x ) f k (x

x , k

compatibility
complementation
property
completeness property

complexity theory
component
compression function


compromise

compromising
emanations

computational
complexity

) . -
()
.

.

...

computational
complexity theory

computationally secure


( .
).


()

computer crime
computer emergency response team (CERT)

. "" "
"
.

computer forensics

computer fraud

computer security
COMSEC
Communications
Security


concatenate
concealment
concurrent

concurrent connection

conditional security

conference keying
protocol

confidentiality

configuration

configuration control

confirmation
confounder
confusion

.

( .

).
) (diffusion.

connection handling
stage
connection maintenance
connection oriented
connection setup /
connection
establishment
connection teardown
connectionless
consistency
console
constraint
content filter


content format
contingency plan



. AES

contract
control connection
conventional
cryptosystem
cookie

.


.

.


.
a b( )

coprime

copy protection
copyleft

-
.

copyright
correcting block attack

-
LFSR .


. 1985
Siegenthaler .

correlation
correlation attack


correlation immunity



.
. n f

k
k
.
power analysis attack

.

.
.

correlation power analysis attack (CPA)
counter mode = integer counter mode, segmented integer counter mode

counterexample

countermeasure

cover object

covert channel


.
-
.

CPA Correlation Power Analysis Attack
cracked
cracker

cracking

CRC Cyclic Redundancy Check
credentials


-

credentials service
provider

credit card
critical security
parameter

(PIN)
.
.

criticality level

CRL Certificate Revocation List
cross certificate pair
cross certification
cross correlation
cross site scripting (XSS)

.


.

.

CRS Certification Sign Request
CRT Chinese Remainder Theorem
cryptanalysis

( . ;

)

cryptanalyst

crypto-anarchism
cryptogram
cryptographer


cryptographic
cryptographic strength
cryptographic token
cryptography

cryptological

cryptologist

) (cryptography

cryptology

).(cryptanalysis
.

cryptoperiod

cryptosystem
CTR Counter mode

cut and paste attack

cut-and-choose protocol

CVE Common Vulnerabilities and Exposures
cyber liability

()

cyber terrorist


cyber cyberspace

cybercrime

cyberspace

cyclic
cyclic code
cyclic group

data
data compaction


data complexity
data compression
data conversion
data custodian

data deciphering

data decryption

data encryption

data integrity
data link layer
data message integrity
data mining
data perturbation
data port

data protection

data remanence

data restoration

data seal

data security

data stream

database
data-driven attack
datagram
DC Differential Cryptanalysis
dealer
debit card

debug

decentralization

decimated subsequence

decimation

.

decipher

encipher

decision tree
decode
decoder
decoding attack

.

.


encryption

decrypt
decryption
DECT (Digital Enhanced Cordless Telecommunications)


500
.

(
) .

deduction
defined plaintext attack
chosen plaintext
attack
demilitarized zone (DMZ)

( ) .
-

deniable authentication

deniable encryption

.


.


denial of authentication attack
denial of quality of service (DoQoS)
denial of service attack (DoS)

.

.

deny

derived key



.()
.
DES (Data Encryption Standard)

64 56
1977
) (NBS -
.
AES .



description logic
designated confirmer
signature = confirmer
signature
deterministic
deterministic encryption


.ECB
Probabilistic Encryption

dictionary attack


.
.

dictionary based attack

difference distribution
table
differential cryptanalysis

( )


.


- .




.
.

power analysis attack

()
.

differential power analysis attack (DPA)
Diffie-Hellman key exchange = Diffie-Hellman key agreement = exponential key exchange
diffusion

.

.

.
. ) (confusion.
( )

digital

.
/

/

digital certificate
digital envelope
digital evidence

/
.
/

digital ID

digital signature

.

(authentication)
(integrity)
(non-repudiation).

.
.

Diophantine equation
disaster recovery plan (DRP)

discard
disclosure attack


.

x ) bxn (mod m
n b .m

disconnection
discrete logarithm
problem

discretionary access
control
disruption


(
).
D

distinguisher

X Y .
:

}Pr{D (X ) 1} Pr{D (Y ) 1
.
.

distinguishing attack


.


DoS

distinguishing identifier
distributed computing
distributed denial of service (DDoS)

. DDoS

.

divide and conquer

.


.



DNS

.DNS DNS spoofing DNS

DMZ Demilitarized Zone
DNS attack
DNS cache poisoning

.
DNS DNS

DNS spoofing

DNS
DNS .

DNS Domain Name System
document
doll code


.

.
Velvalee Dickinson

.

S1 S2
S1 S2
S1 S2

domain name system (DNS)
dominate


doorknob rattling attack

.
- )..(

DoS Denial of Service Attack
dot dot attack (..)

double encryption
DPA Differential Power Analysis Attack
DSA (Digital Signature Algorithm)


.

.

DSP Digital Signal Processor
DSS (Digital Signature System)


DSA NIST 1991
.
.

dual
dual encryption protocol (DEP)
dual-use certificate

due care

dummy message

.


.

dumpster diving
duplicate digital
evidence

duration

dynamic


) (IP .

dynamic host configuration protocol (DHCP)

E
-

easter egg


.

.

E-authentication
electronic authentication
eavesdropping
ECB Electronic Codebook mode
ECC Error Correcting Code, Elliptic Curve Cryptography
ECDSA Elliptic Curve DSA
echo request
EDE Encipher-Decipher-Encipher
edit distance
effective
effective key size
efficiency
egress
egress filtering

) (IP -
-.

electromagnetic analysis (EM) attack

.

.



electronic authentication (E-authentication)
electronic cash
electronic codebook operating mode (ECB)

.

electronic data
interchange
electronic signature

electronic wallet


.


.

electronic coin

ElGamal public-key
encryption
ElGamal signature
scheme
eligibility
elliptic curve
cryptography
email
email filtering
embedded system

. decipher

encapsulation
encipher
encipher-decipher-encipher (EDE)

.

. DES :

encrypt
encrypted

encryption

end to end

encode
encoder


decryption

enciphered

end to end encryption


end to end security
end user
enemy

.

entity
entrapment

entropy

entry
ephemeral key

.
-
-
.

.

ephemeral secret
erasure error

error correction code

error detection code

.
CRC .

escrow

espionage
evaluation metric
evasion attack


.


.

event

event driven

event logger


event oriented
exclusive OR (XOR)

executive
exhaustive key search
attack


.

.
.

exhaustive search

existential forgery

expiry time

exploit code

exposure

fabrication
fabrication attack

fair cryptosystem
fairness
false acceptance rate


.
.1

false negative

.
.2
.
.1

false positive

.
.2
.
...

fault
fault analysis attack


( ) .

.

NIST

fault detection
federal information processing standards (FIPS)
feedback

( )

Feistel construction

.
( )
. (
) .
.
n
n . DES
2.

Fiat-Shamir
identification protocol
field

file transfer protocol (FTP)
filtering

filtering router

financial cryptography (FC)

fingerprint

finite field

finite state automaton


finite-state machine
FIPS Federal Information Processing Standards
firewall

firewall control proxy

.

.

firewall environment


.

.

firewall ruleset


.

.





firmware
fitness function
fixed point attack
fixed-point chaining
attack
flaw

flexibility

flooding

forced delay attack

forgery

formal

forward cipher
forward search attack

forward secrecy

forward security

forward (1)

forward (2)

flooding attack

fragile watermark


fragment
fragmentation
frame
framework
frequency analysis
attack


.
.

frequency hopping

frequency test

freshness
FTP File Transfer Protocol

gap of a sequence

gate
gateway
general deduction
general number field
sieve
generalization
generator

generic attack

global


TCP/IP

goodness of fit test


gopher


www .



( )
.

Goppa code
graduated security


granularity

gray hole attack


.
-

grey hat hacker

group key management protocol (GKMP)
group signature

.
( )

guard (system guard)

guess and determine attack

hack

hacker
hacking

Hadamard transform

hamming distance

.
.

.1
.
.2

hamming weight
hand shaking
handler

( ) .

intractable problem .

handoff
handshake
hard problem
hard-code

) .

hardening

( )DMZ

DNS .
-

hardware-oriented
hash function

.

.
.

header
heuristic security

hiding

high assurance guard (HAG)

high impact system

hijacking

histogram

HMAC Hash-based Message Authentication Code
homogeneous
homomorphism property


honeynet

honeypot

hook
host impersonation attack / server spoofing attack




--


host to host
host to LAN
host-based
hot site

hub

hybrid encryption

hyper link

hyper text

) e g ( n ) g (n n

hyperexponential

e n


()

hypertext markup language (HTML)

I
ICMP TCP/IP ICMP
IP

ICMP attacks (Internet Control Message Protocol attacks)

.
.
ICMP sweep, ICMP flood, ICMP fingerprinting

.
ICMP ICMP

ICMP fingerprinting

.
. Smurf attack .

ICMP

ICMP

ICMP flood
ICMP sweep = ping
sweep
ID Code
IDEA

ideal security

identification

identity
IETF Internet Engineering Task Force
impact

Impersonation attack

.


.

implementation

implication

implicit

impossible differential
attack


.
.
.

incident


.
incoercibility

IND-CCA Indistinguishable Chosen-Ciphertext Attack
IND-CCA2 Indistinguishable Adaptive Chosen-Ciphertext Attack
indistinguishability
indistinguishable adaptive chosen-ciphertext attack (IND-CCA2)
indistinguishable chosen-ciphertext attack (IND-CCA)
infected attachment
information
information dispersal
algorithm (IDA)

information hiding

information leakage

information sharing

information system
information system
security officer
(ISSO)
information technology
(IT)
information warfare
infrastructure
ingress filtering



) (

IP
.


inheritance
initial value (IV) = initialization vector

initialization
insecurity
insertion attack


-
.

insider attack

inspection
integer counter mode (ICM) = Counter mode
integer factorization
integral cryptanalysis

)(SPN

integration
integrity

integrity check value (ICV)
inter host
communication
inter realm

interaction

interactive

interception

interface
interleaving
interleaving attack
internet

.

internet engineering task force (IETF)
internet service provider (ISP)
interoperability
interpolation
interpolation attack



.

.
.

interruption
intractable problem = hard problem
intruder
intrusion
intrusion detection
intrusion detection system (IDS)

-
.
) (Tamper

invasive attack

.

-
.
.

inversion attack

invertible

involution

. f ( f ( x)) x
IEEE IP

IP security (IPsec)

IP IP

IP spoofing

) (IP .

-
.

irreducible polynomial




IT

isomorphic property
iterated
IT-related risk
IV Initial Value

jammer
jamming
jitter
join - request

Kerberos authentication
protocol

. "-"

.
:

Kerckhoffs assumption

kernel

key



-
.

.

key agreement
key clustering attack

key distribution

key distribution center (KDC)
key escrow

key establishment
key exchange


key expansion
key generation material

key loader

key logger
key management

(
)
.






key notarization
key pair
key recovery
key revocation
key schedule
key translation center (KTC)
key transport

key whitening

(
).
(

key wrap

)
.

key-only attack
keyspace

keystream

keystroke monitoring

kleptography





knapsack problem
knowledge
known IV attack

known plaintext attack

.
.

L
n

LAN Local Area Network
latin square

n n n

.

lattice
layer
LC Linear Cryptanalysis
leased line
least privilege

legitimate
letter frequency
level of significance
lexicographical order = dictionary order
LFSR Linear
Feedback Shift Register
life time
lightweight
cryptography

-
.

linear approximation
attack
linear complexity


linear complexity test


.

( )

linear consistency attack


linear cryptanalysis (LC)

()
.


.


.

.
-

.
( )
.

linear feedback shift register (LFSR)


.
-
.


U V

linear sequential circuit approximation (LSCA)
linear syndrome attack
linear transformation

:
) 1. v 1 ,v 2 V :T (v 1 v 2 ) T (v 1 ) T (v 2
) 2. v V , R :T (v ) T (v

linearization
linguistic steganography
link


link analysis

liveness (principal liveness)

load
load balancing
loadable modules
local area network (LAN)
local registration authority (LRA)
log

Log off =Log out

Log on = Log in

logging
logic bomb

( )
.

long term
look up table
loop
loose source routing
low impact system

)
FIPS 199
.

MAC Message
Authentication Code
macro payment
macro virus

mailbox
maintenance
malicious software

(

malleability

)

.
.

malware = malicious
software
man-in-the-middle attack (MITM)


.
.

modification detection code


.

manipulation
manipulation detection
code
many to one
mapping
MARS

5 AES
. 128
128-1248 .

mask
masking


(
) .

Spoofing

masquerader
masquerading


( ).
.

mass mail (MM)


master key


1992 .

matching
Maurer's universal statistical test

.

McEliece cryptosystem


.
.
.

.
MD5 (Message Digest 5)

MD

MDS

MDC Modification Detection Code
MDS code

. RS

MD-strengthening
Merkle-Damgard
Strengthening
measure of roughness
mechanism
meet in the middle
attack



.
.

memory-resident virus

mere semantics
merge

.



.
.

Merkle-Damgard
construction

-
MD

.
Mn= 2n 1 n

Merkle-Damgard strengthening = MD-strengthening = Length Padding
Mersenne number

mesh
message authentication
message authentication code (MAC)
message concealing
message digest
message integrity
message integrity code (MIC)
meta data
metamorphic virus

.
.

.macro payment


( )

metropolitan area
network
micro payment
million instrument per second (MIPS)
MIME (Multipurpose Internet Mail Extension)

-MIPS

MIPS Million Instrument Per Second
MIPS-year

misfeasor
misnamed

misrouting attack



.

.

miss
miss-in-the-middle
attack

.
()
.


Mitnick

mission time
missionability
misuse detection
MITM Man In The
Middle attack
Mitnick attack


TCP.

mix net

MD5 :
. SHA-1

-m

mixing
mixing cipher
mode
modification detection code (MDC)
module
monitoring
monoalphabetic
substitution
monomial
monotone
m-resilient

2n 1 -

m-sequence = maximum
length sequence

n .

.

multilevel caching
multiple encryption
multisignature
mutual authentication

.
unilateral authentication

national institute of standard and technology (NIST)

.
.


( )

navigation
need to know principle
= principle of least
privilege

2000-2003
.

negligible
NESSIE (New European Schemes for Signature, Integrity and Encryption)
net-mask
network
network access server (NAS)
network address translate (NAT)


IP
.

network file system (NFS)

network IDS base

()

network information center (NIC)
network interface

network scanner

network security

network time protocol (NTP)
network weaving

NFSR Non-Linear Feedback Shift Register
Niederreiter encryption
scheme

.

.

NIST National Institute of Standard and Technology
node
noise

Nonce

non-interactive
non-invasive attack


.
.

.
(LFSR)
.

non-linear feedback shift register (NFSR)
nonlinearity
non-malicious


non-malleable

C1
C2

.

non-repudiation

notarization


NP
.
.

nonpersistent

notary
NP Problems = Nondeterministic Polynomial Problems

-NP
NP

NP-complete
NP-hard
NSA (national security agency)
null

OAEP Optimal
Asymmetric Encryption
Padding
obligation
OFB Output Feedback mode
off-line
omnipresent
one-time password
one-time-pad cipher

.
.
.

one-way function

on-line
on-to
ontology

Operation Code

Opcode (operand code)

operand
operating mode

.
.
ECB (Electronic Codebook), CFB (Cipher Feedback mode), OFB (Output Feedback mode).


RSA

opponent
Optimal Asymmetric Encryption Padding (OAEP)

oracle

order

outage

output feedback mode (OFB)

.

.

over flow
overdefined

overhead
overlap

package
packet
packet sniffer

padding

- .

pager

parity

passcode
passive attack

.



.

passkey
passphrase
password

patch

patent

P-Box Permutation Box
peer to peer
PEM (privacy enhanced mail)

IETF
.

pending
penetration
penetration test

.

.

perfect forward secrecy



.

.

perfectly secure system

performance

permutation

permutation box (P-Box)
persistent





.

personal area network (PAN)
personal digital assistant (PDA)
personal identification number (PIN)
pervasive computing
environment

.
PGP (pretty good privacy)


1991
( )

.

phishing attack


... .

.

.
.


.

physical attack

.

IP

Ping (packet internet groper)
PKCS Public-Key
Cryptography Standard
PKI Public Key
Infrastructure
plaintext

platform for privacy preference project (P3P)

.

55

plausible deniability
Playfair cipher

p-1

PN sequence
Pseudorandom Number
Sequence
point of present (pop)
point of sale (PoS)
policy
policy description language (PDL)
Pollard p-1 method

Pollard Rho method

poly alphabetic
polyalphabetic
substitution
polymorphic virus

polynomial
polynomial time
port
port scanning



PoS point of sale

potential impact

power analysis attack


.
.

p-problems = polynomial problems


preamble

precision

precursor

.

.

preimage attack
preimage resistance


.

-

f ] F2[x 1

preprocess

primality test

) f(x n ] F2[x
1

pre-play attack

preshared key

pre-paid payment

primary key
primitive polynomial

x 2

d x d 1 2n 1 .

priority

privacy

private key


.

.

private key cryptosystem

private network

PRNG Pseudorandom
Number Generator
proactive security
probabilistic algorithm
probabilistic encryption


. CBC .

probabilistic model


probabilistic public-key
encryption

( RSA
).

probabilistic signature scheme (PSS)
procedure
process
product cipher


.

. .

f k -

profile
propagation criterion

k

1
2

protection

protocol

provable security


( ) .
.

p= 2m k k

0 < |k| < 2m/2.

prover
proxy server
proxy signature
pseudo attack
pseudo collision
pseudo-Mersenne
primes

pseudonym

pseudoprime

pseudorandom
pseudo-random number generator (PRNG)


public directory

public key
public key cipher
public key Infrastructure (PKI)


.

RSA .

public-key cryptography
standards (PKCS):
purge

quantum cryptography
quartet
query

R

.

Rabin public-key
encryption
radio frequency identification tag (RFID tag)
rainbow table

.

.

random
random attack



.



.

random number
generator
random oracle

.

randomness
randomness test
RC6


AES.
r .

-r

r-collision
reactive
real time

.

. -

.

realm
receipt-freeness

reciprocal polynomial
rectangular attack
redundancy
reflection attack

regional authority (RA)


rekeying
related key
related-key attack

reliability
reliable
relinearization
remailer


.

remediation

:
.

replay attack

repository

.
G k g1g2..gn G

representation problem

h G-n ) (a1,a2,..,an
h ) (g1,g2,..,gnG

h=g1a ga2 ..gan .


n

G .
.


resiliency order
resilient function
resource exhaustion
RFCs (Request For Comments)

RFID Tag Radio Frequency Identification Tag
Rijndael

AES
.

risk
RNG Random
Number Generator
robustness
root CA

rootkit

rotation
round


CISCO

round key
router audit tool (RAT)


.
RSA

RSA algorithm

run (of a sequence)

.
.

run test
run time
running key

S

MIME

2p+1 p

S/MIME (Secure/Multipurpose Internet Mail Extensions)
SAC Strict Avalanche Criterion
safe prime

. ... 47 23 11 7 5

safeguard

(
)
.



.

safety




.

.

salt


.

salting

sanitization

.
.
) (conjunctive normal form

satisfiability problem


"" " "1
.
Cook 1971 -NP
.

saturation attack
s-box substitution box


RFC 1949
(Multicast)

scalable
scalable multicast key distribution (SMKD)

scavenge

scheme
Schnorr signature scheme
scrambler
screen scraping

scrip
script


.

m1 m2

second preimage resistant = weak collision freeness

hash(m1) = hash(m2) .

secret
secret key cryptosystem

.

secret sharing scheme

secure channel
secure electronic transaction (SET)
secure socket layer (SSL)
security
security association (SA)

( )
.

. :

security audit
security classification

security evaluation

security hole

security identifier (SID)

security incident

vulnerability .

security label

security policy
security violation
seed

selective forgery

self synchronizing

self-shrinking generator
self-signed certificate

self-synchronous

semantic security

semi-invasive attack


.
.

semi-weak key

sensitive data

sensitive information

sensitivity

separation of duties

serial test

" "11""10""01""00

2
.
Serpent


. AES

server
session hijacking



.
.

session key
setup time
setupc
SHA (Secure Hash Algorithm)

NSA
NIST
.
SHA-2 SHA-1 SHA-0 .

shadow

.

shared key cryptosystem

shift register

short term

shrinking generator

1993 .

.

side channel attack

.

.

sieving
signatory
signature stripping
signcryption

-
.


significance level
simple network management protocol (SNMP)

.
power analysis attack .

simple power analysis (SPA)
single-hop problem

site
slide key attack


.


.

n -y

smart card
smooth integer

y.
ICMP

Smurf attack

. ping
IP -
-
.

sniffer

.
.
.

sniffing
software-oriented
solving factor (SF)
soundness
source routing
SPA simple power
analysis
spam

spammer
sparse

split knowledge

.

.
F ) f(x F ()

splitting field

K ) f(x
:
f(x) )2 F K )1 K )3 .
K F )1(
( )2 .
SPN Substitution
Permutation Network



-
.

spoofed
spoofing
spread spectrum
transmission
spy virus
spyware
square attack
SSL Secure Socket Layer
stage
state
state space
station to station key agreement protocol (STS)
statistic
statistical cryptanalysis
status
stealth virus

.

.

steganalysis

steganography


.
.
cover (

stego-object

)object .


stop-and-go generator
storage complexity
stream cipher

.

.

strength
strict avalanche criterion (SAC)

1

2
.

) (x,y ) H(x)=H(y
.

strobe
strong collision
resistance
strong hash function



.


.1

strong prime
strong pseudoprime
structural attack

.AES
.2
.

) e g ( n ) g (n n

structural hazard
subexponential function

subroutine

substitution

substitution box (s-box)

.
()


.

SPN
.

()
.
.

substitution cipher

.
-


substitution-permutation
network
supersingular curve
surjective function
swapping
symbol
symmetric cipher

SYN

symmetry
SYN flood attack
synchronous

tag
tamper


( )
.

tamper resistant
tapping
TCP Transmission Control Protocol/Internet Protocol
TEMPEST


( .
.

).

-

.

template attack


threat

( )

threshold
threshold cryptography



.
.

ticket

- -

time memory data trade off (TMTO)

time-memory trade-off attack

throughput

time stamp
timing attack


.
TM Turing Machine
TMTO Time Memory Data Trade Off

token

( )

topology
total break
trace
tracing
tracking
tractable

.
-

trade-off
traffic analysis


transaction
transaction
authentication
transparency
transposition cipher

trapdoor function

trial and error


triple AAAA

DES

DES

triple DES


.
-
.
$E_{k_1} D_{k_2} E_{k_1}$ .

Trojan horse

truncated differentials
attack

.
.

trust anchors
trust chain
trust management (TM)
trusted third party (TTP)

.
.

trustee
truth table
tunneling


Turing machine

.
Twofish

Twofish cipher

U
UDP

UDP scanning

.
UDP UDP

UDP tunneling

.

.

blinding function

unauthorized

unblinding function

uncertainty

unconditional security
unforgeability

unicity distance

unilateral authentication

.

.

unit

universal forgery attack

universal one-way hash


function

unkeyed hash function

unlinkability

untraceability

)1
)2

urgent
user account
management

)3 .

user ID


validation
verification

("
)

verification & validation (V&V)
verifier
verify
Vernam cipher = one time pad cipher
versatility
victim
virtual private network (VPN)

virus

.
-
.
.

virus hoax

visited network

visual cryptography
vote
vote submission facility (VSF)
vulnerability

vulnerability scanner

.


.

W
wardriving
.

warchalking


wardialing




.
Wi-Fi

wardriving

warez


.

.

warm site

IT
IT
.

warrant
watermarking



.
x y ) H(x)=H(y
.

weak collision resistance

weak hash function


weak key

web services

web site

web surfing

wetware


white hat hacker

.
.

whitening
Wildcard Character

.


.

()

wiretapping
withdrawn
witness
witness hiding protocol
witness
indistinguishability
word-oriented
work factor
workload
world wide web (www)
worm

wrapper

X
X.509


ITU .

XOR Exclusive OR
XSS Cross Site Scripting

zero knowledge proof


zero knowledge protocol

.

zeroization

CSP

.

ZK protocol Zero Knowledge protocol
zombie


Array
Maurer's universal statistical test
primality test
linear complexity
test
randomness test
serial test
run test
goodness of fit test
frequency test

penetration test

change point test

NSA (national security agency)
Threshold

common
vulnerabilities and
exposures (CVE)
vulnerability

dumpster diving

data perturbation

confounder

Confusion

Awareness

computer
emergency
response team
(CERT)
Statistic

mixing

entropy

hyperexponential

hyper link

hyper text

audit reduction
tools
router audit
tool(RAT)
anonymizers

key revocation

control connection

connection oriented

concurrent
connection
resource exhaustion

prover
zero knowledge
proof
avalanche effect
fingerprint
effective
executive
authentication
electronic
authentication
(E-authentication)
message
authentication
transaction
authentication
deniable
authentication
mutual
authentication

challenge-response
authentication

unilateral
authentication
authentication,
authorization, and
accounting (AAA)
disruption

jamming
capture

alarm
crypto-anarchism

jammer

merge

internet service
provider (ISP)
inter host
communication
inheritance
assess
security evaluation

biased

bias

Trojan horse
federal information
processing
standards(FIPS)
public-key
cryptography
standards (PKCS):
strength
cryptographic
strength
eavesdropping
general deduction
deduction
bug

debug

authenticity

need to know
principle
= principle of least
privilege
information
sensitive
information
certificate-related
information
validation
credentials
pseudo-Mersenne
primes

Blum integers
accredit
acknowledgment
redundancy

exposure

obligation

algorithm

RSA algorithm
information
dispersal algorithm
(IDA)
Berlekamp-Massey algorithm
probabilistic
algorithm
A5/1 encryption
algorithm
baby-step giant-step algorithm
escrow
key escrow
patent
signatory
signcryption

RSA


-

A5/1

electronic signature

designated
confirmer signature
= confirmer
signature
attack signature

digital signature

blind signature

group signature

proxy signature

computationally
secure
security

IP security
ideal security

IP

unconditional
security
proactive security

forward security

perfect forward
secrecy
heuristic security

data security

computer security

end to end security

graduated security

network security

provable security

adequate security

baseline security

communications
security(COMSEC)
conditional security
semantic security
accumulator
spread spectrum
transmission
key transport
effective key size

tapping

fairness

flexibility
binding
non-repudiation
plausible
deniability
ICMP
fingerprinting
priority
connection setup /
connection
establishment
flaw
safeguard
safety



ICMP

correlation
immunity
internet

bot
load
workload

key loader

forward(2)

inspection

key recovery
buffer

bacteria

acquirer

archive
misnamed
malware
connectionless
collision free
receipt-freeness
trade-off
seed

on-line

setupc

tag
security label
radio frequency
identification tag
(RFID tag)
collision
withdrawn
computer forensics
key establishment
applet
compromising
emanations

off-line
screen scraping
characteristic
frequency
platform for
privacy preference
project(P3P)
datagram
packet




package

pending

Bluetooth

virus hoax

ticket
logic bomb
point of presence (PoP)
compromise

attack recovery

claw-free = claw-resistant
clueless

real time

overdefined

critical security
parameter
countermeasure

handoff

accountability

purge

sanitization

digital envelope
application content
filtering
point of sale (PoS)
keystroke
monitoring

monitoring
site
hot site
warm site
cold site = shell site
web site
base

broadcast

diffusion

micro payment

macro payment

query

audit query

frequency hopping

protocol
Kerberos
authentication
protocol
file transfer
protocol(FTP)
cut-and-choose
protocol
witness hiding
protocol
dynamic host
configuration
protocol (DHCP)
Diffie-Hellman key exchange = Diffie-Hellman key agreement = exponential key exchange
commitment
protocol
station to station
key agreement
protocol (STS)
conference keying
protocol
dual encryption
protocol (DEP)
simple network management protocol (SNMP)

Fiat-Shamir
identification
protocol
group key
management
protocol (GKMP)
address resolution
protocol (ARP)
network time
protocol(NTP)
zero knowledge
protocol
backward

feedback
data remanence

back up(n)

back up(v)

bridge

concealment

hiding

information hiding
null
annihilator

on-to

mask

key wrap

masking

wrapper
electronic cash
dynamic
UDP scanning
port scanning
network scanner
vulnerability
scanner
bandwidth
implementation

UDP

challenge message

dummy message

blinded message

pager
algorithm
complexity
asymptotic space
complexity
linear complexity
data complexity

storage complexity

asymptotic time
complexity
computational
complexity
precursor

pre-paid payment

preprocess

console
forward(1)
proxy server
oracle
random oracle

configuration
security association
(SA)
module
loadable modules
Ping ( packet
internet groper)
infected attachment
unlinkability
link

chaotic function

fitness function

bent function
unblinding function

surjective function
combining function
hash function

collision free hash function

unkeyed hash
function
strong hash
function
universal one-way
hash function

weak hash function

trapdoor function

subexponential
function
almost perfect
nonlinear function
(APN)
compression
function
one-way function

impact

potential impact

world wide web (www)

freshness
credentials service
provider
confirmation
linear
transformation
data conversion
affine
transformation
Hadamard
transform
adware
abstraction

integer
factorization
atomicity

atomicity, consistency, isolation and durability (ACID)
aggregation
statistical
cryptanalysis
link analysis
business impact
analysis (BIA)
traffic analysis
differential
cryptanalysis
simple power
analysis (SPA)
linear cryptanalysis
(LC)
cluster analysis
cryptanalysis
steganalysis

integral
cryptanalysis
cryptanalyst
assignment
easter egg
Clipper chip

secure electronic
transaction (SET)
transaction

lexicographical
order= dictionary
order
network address translation (NAT)
remediation

data restoration
cyber terrorist



vote submission
facility (VSF)
information sharing
dealer
misuse detection
anomaly detection

intrusion detection
random
randomness
filtering

egress filtering

email filtering

ingress filtering

assurance

matching

interaction

interactive

load balancing

generalization

swapping
separation of duties
symmetry
access request
linear sequential
circuit
approximation
(LSCA)
divide and conquer

split knowledge

computer fraud

monomial
nonce
fragmentation

fragment

honeypot

data integrity

distinguisher

indistinguishability

witness
indistinguishability
decentralization

birthday paradox

sparse
versatility
resilient function
parity
balance
key agreement
topology
mesh
key distribution
scalable multicast
key distribution
(SMKD)
rekeying
key expansion
built-in
key schedule
UDP tunneling
tunneling
fragile watermark
threat
watermarking



UDP

shift register
linear feedback
shift register
(LFSR)
non-linear feedback
shift register
(NFSR)
Log off = Log out
key notarization
key logger
Log on = Log in

ICMP sweep =
ping sweep
spyware

ICMP

espionage

wiretapping

substitution

monoalphabetic
substitution
polyalphabetic
substitution
permutation
difference
distribution table
truth table

rainbow table

look up table

computer crime

cybercrime

data stream

exhaustive search
substitution box (S-box)
active S-box
permutation box
(P-Box)
fabrication
forgery
DNS spoofing
IP spoofing

DNS
IP

selective forgery

address spoofing

existential forgery
spoofing
spoofed
checksum
information
warfare

framework
rotation
cyclic

message digest
data compaction
many to one
decimation
characteristic
polynomial
reciprocal
polynomial
poly alphabetic

multisignature

polynomial

primitive
polynomial
irreducible
polynomial
quartet

incident
liveness
(principal liveness)
attach

concatenate

adjoint

state

structural hazard
least privilege

privacy

account

accounting

sensitivity

bridge firewall

application level
firewall
circuit level
firewall
protection
data protection
boundary
protection
copyright

copyleft
egress
loop

ICMP attacks
(Internet Control
Message Protocol
attacks)
attack

ICMP

clear channel
assessment attack
Smurf attack

saturation attack
SYN flood attack
forced delay attack
disclosure attack



SYN

template attack

clogging attack

reflection attack

chosen IV attack

cut and paste attack


closure attack

boomerang attack

DNS attack

DNS

preimage attack

pre-play attack

invasive attack

electromagnetic
analysis(EM)
attack
power analysis
attack
differential power
analysis attack
(DPA)
fault analysis attack
frequency analysis
attack
correlation power
analysis attack
(CPA)

random attack
correcting block
attack
impossible
differential attack
truncated
differentials attack
linear
approximation
attack
replay attack
distinguishing
attack
algebraic attack
forward search
attack
brute force attack
exhaustive key
search attack
black-box attack
fabrication attack
universal forgery
attack
host impersonation
attack /server
spoofing attack
Impersonation
attack
gray hole attack
blended attack
guess and
determine attack
adversarial attack
key clustering
attack
insider attack
data-driven attack
insertion attack

interpolation attack

interleaving attack

doorknob rattling
attack
dot dot attack (..)

birthday attack


timing attack
chaining attack
fixed-point
chaining attack
structural attack
linear consistency
attack
buffer overflow
attack
black hole attack
flooding attack
semi-invasive
attack
wardialing

warchalking

wardriving

phishing attack
generic attack
non-invasive attack
passive attack

man-in-the-middle
attack(MITM)
active attack

miss-in-the-middle
attack
key-only attack

ciphertext only
attack
physical attack

side channel attack

denial of quality of
service (DoQoS)

codebook attack

decoding attack

slide key attack

related-key attack

evasion attack
known IV attack

known plaintext attack
dictionary based
attack
chosen plaintext
attack
adaptive chosen
plaintext attack
chosen ciphertext
attack
indistinguishable
chosen-ciphertext
attack (IND-CCA)
adaptive chosen
ciphertext attack
indistinguishable
adaptive chosen-ciphertext attack
(IND-CCA2)
square attack

rectangular attack

misrouting attack

time- memory
trade-off attack

meet in the middle attack
denial of
authentication
attack
denial of service
attack (DoS)
distributed denial
of service(DDoS)

Mitnick attack

fixed point attack

strobe

inversion attack

dictionary attack

correlation attack

linear syndrome
attack

connection
teardown
alignment property

web services
centralized
directory service
leased line
policy
security policy
chinese wall
security policy
closed/open world
policy
erasure error
burst error
certification policy
linearization
relinearization
black webber
signature stripping
involution
autocorrelation
self synchronizing
self-synchronous
automaton
finite state
automaton
autonomous
autonomy











database
data custodian
data mining

sensitive data

classified data

activation data

audit data
associated data


- -

data

asset

entrapment

knowledge

granularity

arbiter
back door
algebraic immunity
degree
algebraic degree

decision tree

join - request

certification sign
request (CRS)
echo request
authorization
request
soundness
verification &
validation (V&V)
port

data port

gateway

circuit level
gateway
application
gateway
gate
inter realm
interpolation
scrambler
captured
hand shaking

interception

handshake

accessibility
access

manipulation

tamper

personal digital
assistant (PDA)
enemy

opponent
notary

precision

decoy

implication
m-sequence =
maximum length
sequence
padding
keystream

bijective

binary

round

dual

sniffer

packet sniffer

sniffing

firewall

secret
ephemeral secret
administrative
vote
email
masquerader
masquerading
security incident

breach

rootkit

security hole

hack

grey hat hacker

white hat hacker

hacker
hacking
access denied
trace
tracing
class
classifier
classification
BPP complexity
class
abstract class
run (of a sequence)
notarization
digital
application relay
cipher



BPP

Twofish cipher

Twofish

one-time-pad
cipher
Playfair cipher

forward cipher

product cipher

probabilistic
encryption
transposition cipher

substitution cipher

auto-key cipher

additive stream
cipher
stream cipher

cryptoperiod

Caesar cipher

enciphered

encrypted

code breaker

block cipher

Camellia cipher

public key cipher

probabilistic
public-key
encryption
encipher

symmetric cipher

cascade cipher

mixing cipher

asymmetric cipher
vernam cipher

ciphony

code maker

cryptological

cryptologist

cryptology

encrypt

encryption

broadcast
encryption
hybrid encryption
authenticated
encryption (AE)

multiple encryption

deniable encryption

data encryption

double encryption

end to end
encryption
deterministic
encryption
ElGamal public-key encryption

Rabin public-key
encryption

all-or-nothing
encryption
decryption
data deciphering

data decryption

decipher

decrypt

cryptographer

cryptography

threshold
cryptography
visual cryptography
lightweight
cryptography
quantum
cryptography
financial
cryptography (FC)
elliptic curve
cryptography

cryptogram

cryptographic

classic ciphers

Pollard p-1 method

p-1

assessment method

Pollard Rho
method
blind carbon copy
(BCC)
event



event oriented

event logger

log
logging

procedure
assessment
procedure
tracking
risk

zombie

scavenge
policy description
language (PDL)
architecture
description
language(ADL)
hypertext markup
language (HTML)
run time






expiry time

setup time

polynomial time
mission time
chain
trust chain
chain of custody
key pair
cross certificate
pair
subroutine
public key
Infrastructure (PKI)
decimated
subsequence
infrastructure

biometrics(2)

biometrics(1)

audit record
Feistel construction

Merkle-Damgard
construction
compatibility

cache consistency

mechanism

information system

high impact system

backup system
intrusion detection
system (IDS)

network IDS base

embedded system

cryptosystem

secret key
cryptosystem
McEliece
cryptosystem
private key
cryptosystem

shared key
cryptosystem

conventional
cryptosystem
network file system
(NFS)
perfectly secure
system
low impact system
domain name
system (DNS)
shadow
mode
operating mode

output feedback
mode(OFB)
cipher feedback
mode(CFB)
cipher block
chaining
mode(CBC)
counter mode=
integer counter
mode, segmented
integer counter
mode
integer counter
mode(ICM)=
Counter mode
electronic
codebook operating
mode
(ECB)
hardware-oriented
over flow

header
authentication
header (AH)
global
overhead
end to end
buffer overflow

clickjacking

kleptography

hijacking

acronym

level of
significance
significance level

criticality level

trial and error

firmware

whitening

key whitening

electronic coin

audit trail

document

abuse
active misuse

black hole

black hat

fair cryptosystem

mass mail (MM)

flooding
ICMP flood


ICMP

master key

network

mix net

virtual private
network (VPN)
Ad hoc network

botnet

network weaving

honeynet

substitution-permutation network
private network

local area network (LAN)
personal area
network (PAN)
visited network

metropolitan area
network
local area network
(LAN)
pseudoprime

pseudo collision

pseudorandom

pseudo attack
trusted third
party(TTP)
transparency
gap of a sequence

total break

academic break

break

malleability

non-malleable

personal
identification
number (PIN)
probabilistic
signature scheme
(PSS)
identification
identity
security identifier
(SID)
distinguishing
identifier
digital ID
user ID

cover object

cardholder

card issuer

content filter
certification and
accreditation
(C&A)
authorization
zeroization
algebraic normal
form(ANF)
formal

antivirus

work factor

warrant

implicit

security
classification
stage
schnorr signature
scheme
ElGamal signature
scheme
disaster recovery
plan (DRP)
business recovery/resumption plan (BRP)
business continuity
plan (BCP)
secret sharing
scheme
contingency plan
Niederreiter
encryption scheme
scheme
discard
principal
block length=block
size

duration

long term

agent
solving factor (SF)
agent based

passphrase

branch number

safe prime

strong prime

strong pseudoprime

Mersenne number

smooth integer

coercion resistance

incoercibility

uncertainty
badge
life time
action
operand
fault
fault detection

general number
field sieve
sieving

dominate

non-interactive

nonlinearity
unforgeability

untraceability

unauthorized

non-malicious

unicity distance

edit distance

hamming distance

meta data
letter frequency
process
Kerckhoffs' assumption
data compression

cyberspace

state space

keyspace
miss
information
technology (IT)
urgent
check list
public directory
blacklist
access control list
(ACL)
certificate
revocation list
(CRL)


frame

breakable

reliability

availability

auditability

interoperability
block (1)
content format
legitimate
accept
contract
victim
Chinese remainder theorem (CRT)
Bayes' theorem
abort

disconnection

outage

deterministic

cracked

warez

cracker

cracking

hook

realm

constraint

efficiency

misfeasor

application

credit card

debit card

smart card

client

server

secure channel

covert channel

chaffing and
winnowing
codebook
code

BCH code

BCH

MDS code

MDS

message
authentication code
(MAC)
modification
detection code
(MDC)
error detection code
manipulation
detection code

error correction
code
cyclic code
hard-code
exploit code

Opcode (operand
code)
Goppa code

message integrity
code (MIC)

encoder

coding

encode

decoder
decode

bound

worm

password
cookie
key
running key
preshared key

primary key

derived key

session key

private key

round key

weak key

passkey

related key

ephemeral key

semi-weak key

public key
bypass
configuration
control
access control

discretionary
access control
short term
blinding
electronic wallet
performance
end user
authentication
server (AS)
access server
network access
server (NAS )
ID Code
doll code
word-oriented

passcode
throughput
one-time password
handler
cyclic group
node
MIME (Multipurpose Internet Mail Extension)
bottleneck
anonymous
anonymity
digital evidence
witness
certification
certificate of
primality
(or primality
certificate)
self-signed
certificate
cross certification
bad certificate

certificate
dual-use certificate
digital certificate
scrip
gopher

layer
data link layer
secure socket layer
(SSL)
application layer
Optimal
Asymmetric
Encryption Padding
(OAEP)
jitter

abrogate

encapsulation

trust anchors

backbone
Turing machine

finite-state machine

information system
security officer
(ISSO)
missionability

persistent

electronic data
interchange
key exchange

bit-oriented

event driven

host-based

baselining

coprime
adversary
cleartext = plaintext

plaintext

ciphertext

alternating

balanced


counterexample

false positive

authorized
eligibility
access authority
attribute authority
firewall ruleset
local registration
authority (LRA)
distributed
computing
high assurance
guard
(HAG)
guard (system
guard)
active content
access restriction
confidentiality
forward secrecy
firewall
environment
pervasive
computing
environment
IT-related risk
repository
message concealing
entry
duplicate digital
evidence
claimant












IT

probabilistic model

client/server model

analytic modeling

trust management
(TM)

user account
management
key management
due care
regional authority
(RA)
latin square
resiliency order
order
certification
authority (CA)
authority
connection
handling stage
network
information center
(NIC)
key translation
center (KTC)
root CA
key distribution
Center(KDC)
browser
satisfiability
problem
hard problem
intractable problem
= hard problem
knapsack problem
discrete logarithm
problem
closest vector
problem(CVP)
single-hop problem
cyber liability

NP Problems

p-problems
representation
problem

hardening

block (2)

DNS cache
poisoning
filtering router

DNS

loose source
routing
source routing

lattice
characteristic
time memory data
trade off (TMTO)


approved

reliable

Diophantine
equation
accreditation
trustee
mere semantics
evaluation metric
bit independent
criterion (BIC)
propagation
criterion
strict avalanche
criterion (SAC)
measure of
roughness
wetware
robustness
tamper resistant

Merkle-Damgard
strengthening
collision resistance

preimage resistance

second preimage
resistant weak
weak collision
resistance

strong collision
resistance
initial value (IV)
integrity check
value (ICV)
initialization
preamble

scalable

iterated

copy protection
audit
security audit
supersingular curve
BAN logic
description logic
audit logic
demilitarized zone
(DMZ)
deny
false negative
key generation
material
national institute of
standard and
technology(NIST)
generator
random number
generator
pseudo-random
number generator
(PRNG)
stop-and-go
generator
shrinking generator
clock-controlled
generator
alternative step
generator
Blum-Blum-Shub generator
self-shrinking
generator



BAN








component

attacker

tractable

time stamp

data seal
interleaving
field
splitting field
finite field


host to LAN

bastion host

host to host


million instructions per second (MIPS)

insecurity

negligible

hub

alias

pseudonym

nonpersistent

remailer

mailbox

navigation
asynchronous
script

cross site
scripting(XSS)
false acceptance
rate
software-oriented

malicious software

token
authentication
token
cryptographic
token
address

information
leakage
session hijacking

complexity theory

computational
complexity theory
peer to peer

intrusion

penetration

intruder

net-mask

security violation

mapping

bouncer (BNC)

maintenance

connection
maintenance
symbol

big-O notation
firewall control
proxy
application proxy

profile

salting

salt

histogram

activity diagram

noise

character
Wildcard Character

caching
multilevel caching

steganography

linguistic
steganography
stego-object

verify

verifier
verification

invertible
interface
application
programming
interface (API)
network interface
reactive
web surfing
access control entry
(ACE)
hamming weight

patch

status

aggressive mode
adaptability

adaptive

interruption

virus
stealth virus
spy virus

polymorphic virus

metamorphic virus

boot sector virus


macro virus

memory-resident
virus
attribute

completeness
property
complementation
property
homomorphism
property

isomorphic

property

spam
spammer
entity
ontology
kernel
alert
alignment
correlation

cross correlation

alert correlation

overlap
concurrent
synchronous
consistency
homogeneous
omnipresent
always trusted

exclusive OR
(XOR)
message integrity
data message
integrity
integrity
integration
monotone
unit

triple DES

DES

m-resilient

-m

MIPS-year

-MIPS

NP-complete
NP-hard

r-collision

-NP
NP
-r

21. Handbook of Applied Cryptography, Menezes, A.J., P.C. van Oorschot, and S.A. Vanstone, CRC Press, Boca Raton, FL, 1997.
22. Encyclopedia of Cryptography and Security, edited by Henk C. A. van Tilborg, Springer Science, 2005.
23. Handbook of Database Security: Applications and Trends, edited by Michael Gertz, Sushil Jajodia, Springer Science, 2008.
24. Encyclopedia of Cryptology, David E. Newton, ABC-CLIO, California, 1997.
25. Microsoft Encyclopedia of Security, Mitch Tulloch, Microsoft Press, 2003.
26. Dictionary of Information Security, Robert Slade, Syngress, 2006.
27. ISO/IEC 2382-8:1998, 2nd Ed: Information technology - Vocabulary - Part 8: Security.
28. National Information Systems Security (INFOSEC) Glossary.
29. Glossary of Key Information Security Terms, NIST IR 7298, Richard Kissel, April 2006.
30. Applied Cryptography, Bruce Schneier, second edition, John Wiley, 1996.
31. Modern Cryptography: Theory and Practice, Wenbo Mao, Prentice Hall, 2004.
32. Network Security Essentials: Applications and Standards, William Stallings, Prentice Hall, 1999.
33. Information Security Glossary, Primode, March 2003.
34. National Information Assurance (IA) Glossary, Keith B. Alexander, Revised June 2006.
35. http://www.wikipedia.org.
36. http://www.yourwindow.to/information-security/index.htm.
37. http://www.ciphersbyritter.com/GLOSSARY.HTM.
38. http://www.businesslink.gov.uk.
39. http://www.itsecurity.com/security.htm?s=93.
40. http://www.pki.vt.edu/help/glossary.html.
41. http://www.rsa.com/rsalabs/node.asp?id=2373.
42. http://tldp.org/HOWTO/Apache-WebDAV-LDAP-HOWTO/glossary.html.
43. http://download.oracle.com/docs/cd/A58617_01/network.804/a54088/gls.htm#423707.