
Glossary of Security Terms


This glossary contains commonly used security terms. Links to appropriate web sites and additional information are included.
 

 

Cryptography

The art of protecting information by transforming it (encrypting it) into an unreadable format, called ciphertext.

 

Decryption

The act of retrieving the original message from its encrypted form. See Encryption.

DES

Short for Data Encryption Standard. A popular symmetric-key encryption method developed in 1975 and standardized by ANSI in 1981 as ANSI X3.92. DES uses a 56-bit key and is illegal to export out of the U.S. or Canada.

Encryption

The act of making a given message unreadable by some kind of transformation.

 

PGP

Short for Pretty Good Privacy. A technique for encrypting messages developed by Philip Zimmermann. PGP is one of the most common ways to protect messages on the Internet because it is effective, easy to use, and free. PGP is based on the public-key method of encryption, which uses two keys. One is a public key that you disseminate to anyone from whom you wish to receive a message. The other is a private key that you use to decrypt messages that you receive.

 

Public-Key Cryptography

A cryptographic system that uses two keys: a public key known to everyone and a private or secret key known only to the recipient of the message.

 

RSA

Rivest, Shamir, Adleman. This is a public-key algorithm where security is accomplished by using a pair of keys: one public, one private. The only key which will decrypt a message encrypted with the public key is the corresponding private key, and vice versa. More information on this algorithm is available at: http://www.rsa.com/.

 

SSL

Secure Sockets Layer. An open, non-proprietary security protocol designed by Netscape Corporation. It is designed for Internet commerce and provides security features such as encryption, authentication, and message integrity. SSL uses the RSA algorithm. More information on SSL may be found at: http://www.netscape.com/newsref/std/SSL.html.

 

Symmetric-Key Cryptography

An encryption system in which the sender and receiver of a message share a single, common key that is used to both encrypt and decrypt the message.