Header image  
line decor
line decor


Glossary of cryptographic terms


Advanced Encryption Standard

The Advanced Encryption Standard will be the new standard cryptographic algorithm for use by U.S. government organizations to protect sensitive (unclassified) information. The algorithm Rijndael was chosen out of a group of contending algorithms. It is intended as the successor for DES. Newer versions of PGP and GPG feature support for AES.

Chosen Plain Text Attack

This is the next step up from the Known Plain Text Attack. In this version, the cryptanalyst can choose what plain text message he wishes to encrypt and view the results, as opposed to simply taking any old plain text that he might happen to lay his hands on. If he can recover the key, he can use it to decode all data encrypted under this key. This is a much stronger form of attack than known plain text. The better encryption systems will resist this form of attack.


A chip developed by the United States Government that was to be used as the standard chip in all encrypted communications. Aside from the fact that all details of how the Clipper chip work remain classified, the biggest concern was the fact that it has an acknowledged trap door in it to allow the government to eavesdrop on anyone using Clipper provided they first obtained a wiretap warrant. This fact, along with the fact that it can't be exported from the United States, has led a number of large corporations to oppose the idea. Clipper uses an 80 bit key to perform a series of nonlinear transformation on a 64 bit data block.

Data Encryption Standard

A data encryption standard developed by IBM under the auspices of the United States Government. It was criticized because the research that went into the development of the standard remained classified. Concerns were raised that there might be hidden trap doors in the logic that would allow the government to break anyone's code if they wanted to listen in. DES uses a 56 bit key to perform a series of nonlinear transformation on a 64 bit data block. Even when it was first introduced a number of years ago, it was criticized for not having a long enough key. 56 bits just didn't put it far enough out of reach of a brute force attack. Today, with the increasing speed of hardware and its falling cost, it is feasible to build a machine that could crack a 56 bit key in under a day's time as demonstrated by EFF's DES Cracker Project.

For this reason, triple-DES or 3DES is introduced. It uses single-DES to encrypt the data, then to "decrypt" it with another key and encrypt the result again with another key. The resulting encryption is as strong as a hypothetical 112-bit DES.

Electronic Frontier Foundation

The Electronic Frontier Foundation (EFF) was founded in July 1990, to assure freedom of expression in digital media, with a particular emphasis on applying the principles embodied in the Constitution and the Bill of Rights to computer-based communication. For further information, contact:

1001 G St., NW
Suite 950 East
Washington?DC 20001
United States of America
+1 202 347 5400
+1 202 393 5509

International Data Encryption Algorithm

Developed in Switzerland and used in PGP 2.x as the symmetrical encryption algorithm. For non-commercial use in PGP licensing fees are waved, for commercial use licenses must be purchased (see What's with the patent on IDEA?). IDEA uses a 128 bit user supplied key to perform a series of nonlinear mathematical transformations on a 64 bit data block.

International Traffic in Arms Regulations

ITAR are the regulations covering the export of weapons and weapons related technology from the United States.

Key Escrow

In general, key escrow means that a copy of the secret key needed to decrypt something is stored with a third party. This can be a notary or a bank, who will keep it safely for you, in case you lose your key, or when you die, in which case your relatives might need access to your encrypted material.

It is also common in business. When an employee has encrypted material on his company computer, and he leaves, gets fired, or dies unexpectedly, the company might not be able to decrypt the material. This can cost them a lot of money, especially when the employee was working on something very important. For this reason, a copy of the secret key is usually kept by one or more supervisors, who can then decrypt the material if necessary. To ensure that a supervisor does not abuse this power, the key can be split amongst several persons, who have to work together to restore the key.

Thanks to the US Clipper initiative, this term is now more or less synonymous with government key escrow, where the government keeps a copy of all the secret keys in the country. This allows them to read all encrypted messages being sent, usually for reasons of national security. Many people object to this type of key escrow, as it can be used to invade people's privacy very easily.

Known Plain Text Attack

A method of attack on a crypto system where the cryptanalyst has matching copies of plain text, and its encrypted version. With weaker encryption systems, this can improve the chances of cracking the code and getting at the plain text of other messages where the plain text is not known.

Message Digest Algorithm #5

The message digest algorithm used in PGP is the MD5 Message Digest Algorithm, placed in the public domain by RSA Data Security, Inc. MD5's designer, Ronald Rivest, writes this about MD5:

It is conjectured that the difficulty of coming up with two messages having the same message digest is on the order of 264 operations, and that the difficulty of coming up with any message having a given message digest is on the order of 2128 operations. The MD5 algorithm has been carefully scrutinized for weaknesses. It is, however, a relatively new algorithm and further security analysis is of course justified, as is the case with any new proposal of this sort. The level of security provided by MD5 should be sufficient for implementing very high security hybrid digital signature schemes based on MD5 and the RSA public-key cryptosystem.

Million Instructions Per Second

MIPS stands for Million Instructions Per Second. Usually, this is an indicator of the computer's brute force power. A MIPS-year is approximately the amount of computing done by a 1 MIPS computer in one year.

Multiple Precision Integer Library

This is the common name for the set of RSA routines used in PGP 2.3a and previous, as well as the international versions of PGP. It is alleged to violate PKP's RSA patent in the USA, but is not otherwise restricted in usage. It retains its popularity abroad because it outperforms RSAREF and has fewer legal restrictions as well.

National Security Agency

The following information is from the sci.crypt FAQ:

The NSA is the official communications security body of the U.S. government. It was given its charter by President Truman in the early 50's, and has continued research in cryptology till the present. The NSA is known to be the largest employer of mathematicians in the world, and is also the largest purchaser of computer hardware in the world. Governments in general have always been prime employers of cryptologists. The NSA probably possesses cryptographic expertise many years ahead of the public state of the art, and can undoubtedly break many of the systems used in practice; but for reasons of national security almost all information about the NSA is classified.

One Time Pad

The one time pad is the only encryption scheme that can be proven to be absolutely unbreakable! It is used extensively by spies because it doesn't require any hardware to implement and because of its absolute security. This algorithm requires the generation of many sets of matching encryption keys pads. Each pad consists of a number of random key characters. These key characters are chosen completely at random using some truly random process. They are not generated by any kind of cryptographic key generator. Each party involved receives matching sets of pads. Each key character in the pad is used to encrypt one and only one plain text character, then the key character is never used again. Any violation of these conditions negates the perfect security available in the one time pad.

So why don't we use the one time pad all the time? The answer is that the number of random key pads that need to be generated must be at least equal to the volume of plain text messages to be encrypted, and the fact that these key pads must somehow be exchanged ahead of time. This becomes totally impractical in modern high speed communications systems.

Among the more famous of the communications links using a one time pad scheme is the Washington to Moscow hot line.

Pretty Good Privacy

The program we're discussing. See question What is PGP?.


RSA is the public key encryption method used in PGP. RSA are the initials of the developers of the algorithm. The basic security in RSA comes from the fact that, while it is relatively easy to multiply two huge prime numbers together to obtain their product, it is computationally difficult to go the reverse direction: to find the two prime factors of a given composite number. It is this one-way nature of RSA that allows an encryption key to be generated and disclosed to the world, and yet not allow a message to be decrypted.


This is the free library RSA Data Security, Inc., made available for the purpose of implementing freeware PEM applications. It implements several encryption algorithms, including (among others) RSA. MIT PGP uses RSAREF's RSA routines to avoid the alleged patent problems associated with other versions of PGP.

Rubber-hose cryptoanalysis

A term coined by Marcus J. Ranum to describe the method of breaking a cryptographic key by beating the owner with a rubber hose until he reveals his key, a method practiced in many repressive regimes. It is also used for describing other, less brutal, situations where the owner is forced to give up his keys (see Can I be forced to reveal my pass phrase in any legal proceedings?).


TEMPEST is a standard for electromagnetic shielding for computer equipment. It was created in response to the fact that information can be read from computer radiation (e.g., from a CRT) at quite a distance and with little effort. Needless to say, encryption doesn't do much good if the cleartext is available this way. The typical home computer would fail all of the TEMPEST standards by a long shot. So, if you are doing anything illegal, don't expect PGP or any other encryption program to save you. The government could just set up a monitoring van outside your home and read everything that you are doing on your computer.


To be done.


To be done.


To be done.


To be done.







Nie Jingfeng的公钥