2. Root CA
The highest-level CA in a certification hierarchy. All certificates are traceable back to
the root CA, and thus the root must be the most trusted CA.
3. RSA
The first significant asymmetric cryptographic algorithm; its name is formed from the
initials of its inventors, namely Rivest, Shamir and Adleman.
4. ECDSA
Elliptic Curve Digital Signature Algorithm (ECDSA) is a Digital Signature Algorithm
(DSA) which uses keys derived from elliptic curve cryptography (ECC).
5. Key Pair
In an asymmetric algorithm, refers to the private key and its matching public key.
6. Private key
The part of an asymmetric key pair that is not revealed by the owner. The term
"secret key" is different: it refers to a symmetric key.
7. Public key
The part of an asymmetric key pair that is exposed to the public or external
parties. This key is used by other parties to communicate securely with the
owner of the key.
8. Certificate
A certificate is a means of proving one’s identity in electronic transactions
(similar to a driver’s license or a passport in face-to-face interactions) or a
mechanism for publicising public keys in such a way that vouches for the
owners’ identities and optionally their attributes as well. Technically, a certificate
is an electronic document that includes the name, public key, name of the issuer,
the validity period of the certificate and the digital signature of the issuer. A set of
attributes of the owner that is relevant to the certificate application can be
included on an optional basis. All information about the owner of the certificate
is verified by the issuer or CA. As such, the relying parties of the certificate, such
as friends, business associates and on-line service providers, are assured that
the electronic information received is authentic. Certificate format is governed
by the X.509 standard. Certificates are also known as “public key certificates”,
“digital certificates” or “digital IDs”.
9. Subordinate CA
A CA that holds a subordinate certificate issued by the root certificate authority and
uses it to issue end-entity server certificates.
10. PKI
“Public Key Infrastructure”. The PKI describes the layout, techniques, management,
methodologies and other similar concepts that support a public cryptographic system.
12. Token
A portable, personal hardware device, typically a PC card or smart card, used to
carry users’ private key(s), providing physical security for the private key(s) stored
in the token. Modern tokens have sufficient processing power to generate user keys
internally, and to sign and verify digital signatures.
13. SHA
“Secure Hash Algorithm”; see also hash.
14. Hash
An efficient one-way function that transforms an input file into a fixed length data
string. Documents are hashed during the calculation of a digital signature, in
order to reduce the computation involved in the encryption that follows, and to
produce a standard length result. This step provides integrity as any change to
the input file results in a change to the hash value. Hash algorithms may be
public domain or secret. Examples include MD5 and SHA256.
Key length is equal to the number of bits in an encryption algorithm’s key. A short key
length means poor security. However, a long key length does not necessarily mean
good security. The key length determines the maximum number of key combinations
that must be tried to break an encryption algorithm.
If a key is n bits long, then there are two to the nth power (2^n) possible keys. For
example, if the key is one bit long, and that one bit can either be a zero or a one,
there are only two possible keys, 0 or 1. However, if the key is 40 bits long,
then there are 2^40 possible keys.