A level CS (9618) 17 Security

Eavesdropper

a person who intercepts data being transmitted.

Plaintext

the original text/document/message before it is put through an encryption algorithm.

Ciphertext

the product when plaintext is put through an encryption algorithm.

Block cipher

the encryption of a number of contiguous bits in one go rather than one bit at a time.

Stream cipher

the encryption of bits in sequence as they arrive at the encryption algorithm.

Block chaining

form of encryption, in which the previous block of ciphertext is XORed with the block of plaintext and then encrypted thus preventing identical plaintext blocks producing identical ciphertext.

Symmetric encryption

encryption in which the same secret key is used to encrypt and decrypt messages.

Key distribution problem

security issue inherent in symmetric encryption arising from the fact that, when sending the secret key to a recipient, there is the risk that the key can be intercepted by an eavesdropper/ hacker

Asymmetric encryption

encryption that uses public keys (known to everyone) and private keys (secret keys).

Public key

encryption/decryption key known to all users.

Private key

encryption/decryption key which is known only to a single user/computer.

Quantum cryptography

cryptography based on the laws of quantum mechanics (the properties of photons).

Quantum key distribution (QKD)

protocol which uses quantum mechanics to securely send encryption keys over fibre optic networks.

Qubit

the basic unit of a quantum of information (quantum bit).

Secure Sockets Layer (SSL)

security protocol used when sending data over the internet.

Transport Layer Security (TLS)

a more up-to-date version of SSL.

Handshake

the process of initiating communication between two devices. This is initiated by one device sending a message to another device requesting the exchange of data.

Session caching

function in TLS that allows a previous computer session to be 'remembered

Certificate authority (CA)

commercial organisation used to generate a digital certificate requested by website owners or individuals.

Public key infrastructure (PKI)

a set of protocols, standards and services that allow users to authenticate each other using digital certificates issued by a CA.

Digital signature

electronic way of validating the authenticity of digital documents (that is, making sure they have not been tampered with during transmission) and also proof that a document was sent by a known user.

Digest

a fixed-size numeric representation of the contents of a message produced from a hashing algorithm. This can be encrypted to form a digital signature.

Hashing algorithm (cryptography)

a function which converts a data string into a numeric string which is used in cryptography.

Digital certificate

an electronic document used to prove the identity of a website or individual. It contains a public key and information identifying the website owner or individual, issued by a CA.