Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 353
Page 353 B Glossary A ACCESS (to a system, to data, to a software process)(n.) in general, the right to enter or make use of. In a computer context, entry granted to a software path that establishes the right to use a system and its resources; to read, write, modify, or delete data; and/or to use software processes with various capabilities. (v.) to achieve the status of having access. ACCESS CONTROLthe granting or denying to a subject of certain permissions to access a resource (e.g., to view a certain file, to run a certain program). ALGORITHM AND KEY LENGTHthe combination of cryptographic algorithm and its key length(s) often used to establish the strength of an encryption process. ASSURANCEconfidence that a system design meets its requirements, or that its implementation meets its specification, or that some specific property is satisfied. ASYMMETRIC CRYPTOGRAPHY (also public-key cryptography) cryptography based on algorithms that enable the use of one key (a public key) to encrypt a message and a second, different, but mathematically related, key (a private key) to decrypt a message. Asymmetric cryptography can also be used to perform digital signatures and key exchange.
OCR for page 354
Page 354 AUDITINGthe process of making and keeping the records necessary to support accountability. See audit trail. AUDIT TRAILthe results of monitoring each operation of subjects on objects; for example, an audit trail might be a record of all actions taken on a particularly sensitive file or a record of all users who viewed that file. AUTHENTICATION (OF IDENTITY)an adjunct step to identification that confirms an asserted identity with a specified, or understood, level of confidence. Authentication can be used to provide high assurance that the purported identity is, in fact, the correct identity associated with the entity that provides it. The authentication mechanism can be based on something that the entity knows, has, or is (e.g., a password, a smart card that uses some encryption or random number for a challenge-response scheme, or a fingerprint). AUTHENTICATION OF A MESSAGE (OR A FILE)the process of adding one or more additional data elements to communications traffic (or files) to ensure the integrity of the traffic (or files). Such additional elements are often called ''message authenticator(s)" and would be an example of an integrity lock. AUTHENTICITYa security service that provides a user with a means of verifying the identity of the sender of a message, a file, a computer system, a software process, or even a database or individual software component. AUTHORIZATIONdetermining whether a subject (a user or system) is trusted to act for a given purpose, for example, allowed to read a particular file. AVAILABILITYthe property that a given resource will be usable during a given time period, for example, that an encrypted file can be decrypted when necessary. B BACK DOORan aspect of a system's mechanism that can be exploited to circumvent the system's security. BINARY DIGITone of the two symbols (0 and 1) that are commonly used to represent numerical entries in the binary number system. BITa contraction of the term "binary digit."
OCR for page 355
Page 355 BIT STREAM (also digital stream)the running stream of binary symbols representing digitized information; the term is commonly used to refer to digital communications. C CAPSTONE CHIPan integrated circuit chip that implements the Skipjack algorithm and also includes the Digital Signature Algorithm, the Secure Hash Standard, the classified Key Exchange Algorithm, circuitry for efficient exponentiation of large numbers, and a random number generator using a pure noise source. CAPSTONE/FORTEZZA INITIATIVEa government initiative to promote and support escrowed encryption for data storage and communications. CERTIFICATE AUTHORITYsynonym for certification authority. CERTIFICATE MANAGEMENTthe overall process of issuing, storing, verifying, and generally accepting responsibility for the accuracy of certifications and their secure delivery to appropriate consumers. CERTIFICATIONthe administrative act of approving a computer system or component for use in a particular application. CERTIFICATION AUTHORITYa specially established trusted organization or part of a larger organization that accepts the responsibilities of managing the certificate process by issuing, distributing, and verifying certificates. CIPHERTEXTliterally, text material that has been encrypted; also used in a generic sense for the output of any encryption process, no matter what the original digitized input might have been (e.g., text, computer files, computer programs, or digitized graphical images). CLEARTEXT (also plaintext)the material entering into an encryption process or emerging from a decryption process. "Text" is used categorically for any digitized material. CLIPPER CHIPan escrowed encryption chip that implements the Skipjack algorithm to encrypt communications conducted over the public switched network (e.g., between telephones, modems, or facsimile equipment).
OCR for page 356
Page 356 CLIPPER INITIATIVE a voluntary program to improve the security of telephone communications while meeting the legitimate needs of law enforcement. CoComCoordinating Committee for Multilateral Export Controls, began operations in 1950 to control export of strategic materials and technology to communist countries; participants include Australia, Belgium, Canada, Denmark, France, Germany, Greece, Italy, Japan, Luxembourg, the Netherlands, Norway, Portugal, Spain, Turkey, the United Kingdom, and the United States. COLLATERAL CRYPTOGRAPHYa collective term used in this report to include uses of encryption for other than confidentiality; it includes such services as authentication, integrity checks, authoritative date/time stamping, and digital signatures. COMPETITIVE ACCESS PROVIDERStelephone carriers that compete with local monopoly carriers. CONFIDENTIALITY (communications)the protection of communications traffic against interception or receipt by unauthorized third parties. CONFIDENTIALITY (data)an assertion about a body of data that is sensitive and must be protected against loss, misuse, destruction, unintended change, and unauthorized access or dissemination. COUNTERMEASUREa mechanism that reduces vulnerability to a threat. CRYPTANALYSISthe study and practice of various methods to penetrate ciphertext and deduce the contents of the original cleartext message. CRYPTOGRAPHIC ALGORITHMa mathematical procedure, used in conjunction with a closely guarded secret key, that transforms original input into a form that is unintelligible without special knowledge of the secret information and the algorithm. Such algorithms are also the basis for digital signatures and key exchange. CRYPTOGRAPHYoriginally, the science and technology of keeping information secret from unauthorized parties by using a code or a cipher. Today, cryptography can be used for many applications that do not involve confidentiality.
OCR for page 357
Page 357 D DATA ENCRYPTION STANDARD (DES)a U.S. government standard (FIPS 46-1) describing a cryptographic algorithm to be used in a symmetric cryptographic application. DATE/TIME STAMPthe date and time a transaction or document is initiated or submitted to a computer system, or the time at which a transaction is logged or archived. Often it is important that the stamp be certified by some authority to establish legal or other special status. Such a service can be provided by a cryptographic procedure. DECOMPILINGa process through which object code consisting of ones and zeros can be converted into source code in a high-level computer language such as C or Pascal. DECRYPTIONthe cryptographic procedure of transforming ciphertext into the original message cleartext. DENIAL OF SERVICEreducing the availability of an object below the level needed to support critical processing or communication, as can happen, for example, in a system crash. DIGESTa much condensed version of a message produced by processing the message by a hash algorithm. Commonly, the digest has a fixed length and is not dependent on the length of the original message. DIGITAL SIGNATUREa digitized analog of a written signature, produced by a cryptographic procedure acting (commonly) on a digest of the message to be signed. DIGITAL SIGNATURE STANDARD (DSS)a U.S. government standard (FIPS 186) describing a cryptographic algorithm for producing a digital signature. DIGITAL TELEPHONY ACT OF 1995a law requiring that the telephone industry make such technical changes to its installed equipment as are needed to comply with court-authorized wiretap orders. DISASSEMBLYa process through which object code consisting of ones and zeros can be converted into its low-level assembly language representation. DISCLOSURE (of data)the act of making available; the instance of revealing.
OCR for page 358
Page 358 DUAL-USE SYSTEMa system with both military and civilian applications. E ESCROWED ENCRYPTION STANDARD (EES)a voluntary U.S. government standard for key-escrowed encryption of voice, fax, or computer data transmitted over circuit-switched telephone systems. EVALUATION(1) the process of examining a computer product or system with respect to certain criteria; (2) the results of that process. EXCEPTIONAL ACCESSaccess to encrypted data granted to a recipient other than the originally intended recipient. F FEDERAL INFORMATION PROCESSING STANDARD (FIPS)a categorical term for U.S. government standards applying to computer-based systems. FIRMWAREthe programmable information used to control the low-level operations of hardware. Firmware is commonly stored in read only memory (ROM), which is initially installed in the factory and may be replaced in the field to fix mistakes or to improve system capabilities. FIRST PARTYthe originator of a transaction (e.g., an electronic message or telephone call). FUNCTIONALITYthe functional behavior of a system. Functionality requirements include, for example, confidentiality, integrity, availability, authentication, and safety. I IDENTIFICATIONthe assertion by a person, process, or system wishing to communicate with another person, process, or system of the name by which it is known within the process(es) or system(s) in question. IDENTIFICATION KEYa key registered or issued to a specific user. IMPLEMENTATIONthe mechanism that (supposedly) realizes the specified design. INTEGRATED PRODUCTa product designed to provide the user a capability useful in its own right (e.g., word processing) and integrated with encryption capabilities that a user may or may not employ; a product in which the cryptographic capability is fully integrated with the other capabilities of the product.
OCR for page 359
Page 359 INTEGRITYthe property that an object meets an a priori established set of expectations. One example of integrity is that changes must be accomplished in a specified and authorized manner. Data integrity, program integrity, system integrity, and network integrity are all relevant to consideration of computer and system security. INTEGRITY CHECKa quantity derived algorithmically from the running digital stream of a message and appended to it for transmission, or from the entire contents of a stored data file and appended to it. Some integrity checks are not cryptographically based (e.g., cyclic redundancy checks), but others are. INTERCEPTORa party eavesdropping on communications. ITARInternational Traffic in Arms Regulations. K KEYa sequence of easily changed symbols that, used with a cryptographic algorithm, provides a cryptographic process. KEY DISTRIBUTIONa secure method for two distant parties to exchange keys or to receive keys from a central authoritative source. KEY ESCROW ENCRYPTION (also escrowed encryption)an encryption system that enables exceptional access to encrypted data through special data recovery keys held by a trusted party. KEY MANAGEMENTthe overall process of generating and distributing cryptographic keys to authorized recipients in a secure manner. M MONITORINGrecording of relevant information about each operation by a subject on an object, maintained in an audit trail for subsequent analysis. N NODEa computer system that is connected to a communications network and participates in the routing of messages within that network. Networks are usually described as a collection of nodes that are connected by communications links. NONREPUDIATION (of a signed digital message, data, or software) the status achieved by employing a digital-signature procedure to affirm the identity of the signer of a digital message with extremely high confidence and, hence, to protect against a subsequent attempt to deny authenticity, whether or not there had been an initial authentication.
OCR for page 360
Page 360 O OBJECT CODEthe "executable" code of ones and zeros that provides a computer with instructions on what steps to perform. Contrast with source code. OBJECT LINKING AND EMBEDDING (OLE)Microsoft's object-oriented software technology. ONE-WAY HASH FUNCTIONa function that produces a message digest that cannot be reversed to obtain the original. OPERATING SYSTEMa program that runs on a computer whose purpose is to provide basic services that can be used by applications running on that computer. Such functions might include screen displays, file handling, and encryption. MS-DOS and Windows '95 are examples of operating systems that run on Intel microprocessors. P PASSWORDa sequence of characters or words that a subject presents to a system for purposes of validation or verification. See authentication. PCMCIA CARDthe industry-standard Personal Computer Memory Card Industry Association card and associated electrical interface for various computer components (e.g., memory, hard disks, and cryptographic processes). Also known as a PC card. PEN REGISTERa device that records numbers dialed from a telephone. PIN (personal identification number)a (generally numeric) quantity that has to be keyed into some device or process to authenticate an individual. A common example is the 4-digit PIN associated with the use of automated teller machines; another, the 4-digit PIN associated with a telephone calling card. PLAINTEXTa synonym for cleartext. PRIVATE KEYthe private (secret) key associated with a given person's public key for a public-key cryptographic system. PUBLIC KEYthe publicly known key associated with a given person's use of a public-key cryptographic system. PUBLIC-KEY CERTIFICATEa statement, possibly on paper but more often transmitted electronically over an information network, that establishes the relationship between a named individual (or organization) and
OCR for page 361
Page 361 a specified public key. In principle, it could (but need not) include collateral information such as mailing address, organizational affiliation, and telephone number. R RC2/RC4 ALGORITHMStwo variable-key-length cryptographic algorithms designed by Ronald Rivest of the Massachusetts Institute of Technology. Both are symmetric algorithms. RELIABILITYthe ability of a computer or an information or telecommunications system to perform consistently and precisely according to its specifications and design requirements and to do so with high confidence. REMAILERa computer-based process that automatically redistributes electronic mail, often to multiple recipients. Remailers can be anonymous (i.e., they can be configured to strip off information identifying the sender of a message, while still enabling a return "path" so that recipients can reply to messages). REVERSE ENGINEERINGthe generic name for methods by which parties attempt to uncover technical details of a microelectronic chip or of software. RISKthe likelihood that a vulnerability may be exploited, or that a threat may become harmful. RSA ALGORITHMthe Rivest-Shamir-Adelman public-key encryption algorithm. S SAFETYthe property indicating that a computer system or software, when embedded in its operational environment, does not cause any actions or events that create unintended potentially or actually dangerous situations for itself or for the environment in which it is embedded. SECOND PARTYthe recipient of a transaction (e.g., an electronic message or telephone call). SECRET-KEY CRYPTOSYSTEMa symmetric cryptographic process that uses the same secret key (which both parties have and keep secret) to encrypt and decrypt messages. SECURE HASH FUNCTIONa one-way hash function for which the
OCR for page 362
Page 362 likelihood that two messages will yield the same digest is satisfactorily small. SECURE HASH STANDARDa U.S. government standard (FIPS 180-1) for a secure hash function. SECURITYthe collection of safeguards that ensures the confidentiality of information, protects the system(s) or network(s) used to process it, and controls access to it. Hence, security safeguards impose appropriate access rules for computer information. SECURITY-SPECIFIC (OR STAND-ALONE) CRYPTOGRAPHY PRODUCTan add-on product specifically designed to provide cryptographic capabilities for one or more other software or hardware capabilities. SHAREWAREsoftware offered publicly and shared rather than sold. SKIPJACKa classified symmetric key encryption algorithm that uses 80-bit keys; developed by the National Security Agency. SOURCE CODEthe textual form in which a program is entered into a computer (e.g., Pascal). SPECIFICATIONa technical description of the desired behavior of a system, as derived from its requirements. A specification is used to develop and test an implementation of a system. SPOOFINGillicitly masquerading as a legitimate company, party, or individual. STU-IIIa U.S. government secure telephone system using end-to-end encryption. SYMMETRIC CRYPTOGRAPHY, CRYPTOSYSTEMa cryptographic system that uses the same key to encrypt and decrypt messages. SYSTEMan interdependent collection of components that can be considered as a unified whole; for example, a networked collection of computer systems, a distributed system, an editor, a memory unit, and so on. T THIRD-PARTY ACCESSeavesdropping on or entry to data communi-
OCR for page 363
Page 363 cations, telephony, or stored computer data by an unauthorized party. See exceptional access. THREATthe potential for exploitation of a vulnerability. TOKENwhen used in the context of authentication, a (usually) physical device necessary for user identification. TRAP AND TRACEa device that identifies the telephone numbers from which calls have been placed to a target telephone number. TROJAN HORSEa computer program whose execution would result in undesired side effects, generally unanticipated by the user. A Trojan horse program may otherwise give the appearance of providing normal functionality. TRUSTthe concept that a system will provide its intended functionality with a stated level of confidence. The term is also used for other entities, e.g., trusted software, trusted network, trusted individual. Sometimes the confidencealso called the assurancecan be measured, but sometimes it is inferred on the basis of testing and other information. TRUSTWORTHINESSassurance that a system deserves to be trusted. V VULNERABILITYa weakness in a system that can be exploited to violate the system's intended behavior. There may be vulnerabilities in security, integrity, availability, and other aspects. The act of exploiting a vulnerability represents a threat, which has an associated risk of being exploited. W WORK FACTORa measure of the difficulty of undertaking a brute-force test of all possible keys against a given ciphertext and known algorithm.
Representative terms from entire chapter: