3. Cryptography and Encryption

AES

Advanced Encryption Standard: Symmetric encryption algorithm widely used globally

AES-256

Advanced Encryption Standards 256-bit: AES implementation using 256-bit key length

CBC

Cipher Block Chaining: Mode of operation for block ciphers

CFB

Cipher Feedback: Mode of operation for block ciphers

CTM

Counter Mode: Mode of operation for block ciphers

DES

Digital Encryption Standard: Older encryption algorithm now considered insecure

DHE

Diffie-Hellman Ephemeral: Key exchange protocol providing forward secrecy

ECC

Elliptic Curve Cryptography: Public-key cryptography based on elliptic curve theory

ECDHE

Elliptic Curve Diffie-Hellman Ephemeral: Key exchange mechanism providing forward secrecy

ECDSA

Elliptic Curve Digital Signature Algorithm: Digital signature algorithm using elliptic curves

EFS

Encrypted File System: Microsoft Windows feature for file encryption

ESP

Encapsulated Security Payload: Part of IPsec protocol suite providing encryption

FDE

Full Disk Encryption: Encryption of entire contents of a storage device

GCM

Galois Counter Mode: Mode of operation for symmetric key cryptographic block ciphers

GPG

Gnu Privacy Guard: Free implementation of OpenPGP standard

HMAC

Hashed Message Authentication Code: Specific type of message authentication code involving a hash function

HSM

Hardware Security Module: Physical device managing digital keys and performing cryptographic functions

IDEA

International Data Encryption Algorithm: Symmetric-key block cipher

IKE

Internet Key Exchange: Protocol used to set up security associations in IPsec

IPSec

Internet Protocol Security: Protocol suite securing IP communications through authentication and encryption

IV

Initialization Vector: Input to cryptographic primitive to ensure unique ciphertexts

KDC

Key Distribution Center: Part of a cryptosystem that distributes keys

KEK

Key Encryption Key: Key used to encrypt other keys

MAC

Message Authentication Code: Information used to verify message authenticity

MD5

Message Digest 5: Widely used (now insecure) cryptographic hash function

P12

PKCS #12: Archive file format for storing private keys with certificates

PBKDF2

Password-based Key Derivation Function 2: Key derivation function with a configurable number of iterations

PEM

Privacy Enhanced Mail: Format for storing and sending cryptographic keys

PFS

Perfect Forward Secrecy: Property preventing past session key compromise

PGP

Pretty Good Privacy: Encryption program providing cryptographic privacy and authentication

PKCS

Public Key Cryptography Standards: Specifications for public-key cryptography

PKI

Public Key Infrastructure: Set of roles, policies, and procedures for creating and managing digital certificates

PSK

Pre-shared Key: Shared secret which is known by parties before communication

RC4

Rivest Cipher version 4: Stream cipher once widely used in protocols like WEP

RIPEMD

RACE Integrity Primitives Evaluation Message Digest: Family of cryptographic hash functions

RSA

Rivest, Shamir, & Adleman: Public-key cryptosystem for secure data transmission

S/MIME

Secure/Multipurpose Internet Mail Extensions: Standard for public key encryption and signing of email

SED

Self-encrypting Drives: Storage devices that encrypt all data automatically

SHA

Secure Hashing Algorithm: Family of cryptographic hash functions

SSL

Secure Sockets Layer: Legacy protocol for encrypted communications (replaced by TLS)

TLS

Transport Layer Security: Cryptographic protocol securing communications over networks

TSIG

Transaction Signature: Provides authenticated DNS transactions

XOR

Exclusive Or: Logical operation often used in cryptography