Cryptography glossary
This is a list of some of the more common cryptographic terms and their meanings.
| Term | Definition |
|---|---|
| Asymmetric key algorithms | Those ciphers that require one key to encrypt and a different key to decrypt. |
| Attack | Any process of trying to bypass encryption without the key or get unauthorized access to a key. |
| Brute force attack | An attack which attempts every possible password combination. They guarantee a correct answer, but usually take too long to be feasible. Also known as an exhaustive search. |
| Cipher | Any algorithm that converts plaintext into ciphertext. Examples include the Caesar cipher, one-time pad, and many others. |
| Ciphertext | Ciphertext is information that has been encrypted through a cipher and is no longer readable. Before it has been encrypted, it is called plaintext. |
| Crack | The process of deciphering information without needing the key or by guessing the key. In cryptography, the goal is to make ciphers that are uncrackable. |
| Decrypt | The act of deciphering information to its original plainly readable form through the use of a key. |
| Defeat | The act of circumventing a system to get secret information. This can include cracking a cipher, obtaining keys through theft or subterfuge, or any other manner. |
| Encrypt | The act of enciphering information so that it cannot be plainly read without first decrypting it using a key. |
| Hash | The result of putting information through a hash function. |
| Hash function | A algorithm that converts an arbitrary amount of information into a fixed-length of information called a hash. Hash functions are one-way so the original information cannot be recovered from the hash. |
| Key | The information necessary to decrypt information that has been encrypted. This is different than a password which is an easily-remembered piece of information that is usually converted into a key. |
| Lookup attack | An attack which uses a premade list to defeat a cipher, examples include a dictionary attack and a rainbow attack. Lookup attacks are often defeated by using a salt. |
| Man in the middle attack | An attack where someone intercepts an encrypted message, and replaces it with a different message. |
| Nonce | A one-time random salt used to prevent attacks like a replay attack. |
| Password | A password is a piece of information that can be remembered which is used to generate a key to decrypt ciphertext. |
| Plaintext | Plaintext refers to readable information before it has been encrypted. Once plaintext has been encrypted, it becomes ciphertext. |
| Private key | A key that must only be known to the sender and recipient in order for the encryption to be secure. Most traditional ciphers use a private key. |
| Pseudorandom | Something that appears random, but isn't. Most values generated by computers are actually pseudorandom rather than random. |
| Public key | A key that is made public, and can be used to encrypt plaintext into ciphertext that can only be decrypted with a private key. |
| Public key encryption | A form of encryption where a public key is generated from a private key. The public key is made freely available, and when plaintext is encrypted, it should only be able to be decrypted with the private key. |
| Random | A produced value that cannot be predicted. Random values are extremely difficult to produce, and are usually pseudorandom. |
| Salt | Information added to plaintext before being hashed or encrypted to help prevent lookup attacks. |
| Symmetric key algorithms | Those ciphers that can be encrypted and decrypted with the same key. Most traditional ciphers use a symmetric key algorithm. |
| Trapdoor function | A mathematical function that is easy to compute one-way, but difficult to compute in reverse. Trapdoor functions are found in asymmetric key algorithms for public key encryption. |
