Note: for index of full report see: http://jya.com/nrcindex.htm

---------



                              B

                          Glossary


ACCESS -- (to a system, to data, to a software process) (n.) in
general, the right to enter or make use of. In a computer
context, entry granted to a software path that establishes the
right to use a system and its resources; to read, write,
modify, or delete data; and/or to use software processes with
various capabilities. (v.) to achieve the status of having
access.

ACCESS CONTROL -- the granting or denying to a subject of
certain permissions to access a resource (e.g., to view a
certain file, to run a certain program).

ALGORITHM AND KEY LENGTH -- the combination of cryptographic
algorithm and its key length(s) often used to establish the
strength of an encryption process.

ASSURANCE -- confidence that a system design meets its
requirements, or that its implementation meets its
specification, or that some specific property is satisfied.

ASYMMETRIC CRYPTOGRAPHY (also public-key cryptography) --
cryptography based on algorithms that enable the use of one
key (a public key) to encrypt a message and a second,
different, but mathematically related, key (a private key) to
decrypt a message. Asymmetric cryptography can also be used to
perform digital signatures and key exchange.

AUDITING -- the process of making and keeping the records
necessary to support accountability. See audit trail.

AUDIT TRAIL -- the results of monitoring each operation of
subjects on objects; for example, an audit trail might be a
record of all actions taken on a particularly sensitive file
or a record of all users who viewed that file.

AUTHENTICATION (OF IDENTITY) -- an adjunct step to
identification that confirms an asserted identity with a
specified, or understood, level of confidence. Authentication
can be used to provide high assurance that the purported
identity is, in fact, the correct identity associated with the
entity that provides it. The authentication mechanism can be
based on something that the entity knows, has, or is (e.g., a
password, a smart card that uses some encryption or random
number for a challenge-response scheme, or a fingerprint).

AUTHENTICATION OF A MESSAGE (OR A FILE) -- the process of adding
one or more additional data elements to communications traffic
(or files) to ensure the integrity of the traffic (or files).
Such additional elements are often called "message
authenticator(s)" and would be an example of an integrity
lock.

AUTHENTICITY -- a security service that provides a user with a
means of verifying the identity of the sender of a message, a
file, a computer system, a software process, or even a
database or individual software component.

AUTHORIZATION -- determining whether a subject (a user or
system) is trusted to act for a given purpose, for example,
allowed to read a particular file.

AVAILABILITY -- the property that a given resource will be
usable during a given time period, for example, that an
encrypted file can be decrypted when necessary.

BACK DOOR -- an aspect of a system's mechanism that can be
exploited to circumvent the system's security.

BINARY DIGIT -- one of the two symbols (0 and 1) that are
commonly used to represent numerical entries in the binary
number system.

BIT -- a contraction of the term "binary digit."

BIT STREAM (also digital stream) -- the running stream of 
binary symbols representing digitized information; the 
term is commonly used to refer to digital communications.

CAPSTONE CHIP -- an integrated circuit chip that implements the
Skipjack algorithm and also includes the Digital Signature
Algorithm, the Secure Hash Standard, the classified Key
Exchange Algorithm, circuitry for efficient exponentiation of
large numbers, and a random number generator using a pure
noise source.

CAPSTONE/FORTEZZA INITIATIVE -- a government initiative to
promote and support escrowed encryption for data storage and
communications.

CERTIFICATE AUTHORITY -- synonym for certification authority.

CERTIFICATE MANAGEMENT -- the overall process of issuing,
storing, verifying, and generally accepting responsibility for
the accuracy of certifications and their secure delivery to
appropriate consumers.

CERTIFICATION -- the administrative act of approving a computer
system or component for use in a particular application.

CERTIFICATION AUTHORITY -- a specially established trusted
organization or part of a larger organization that accepts the
responsibilities of managing the certificate process by
issuing, distributing, and verifying certificates.

CIPHERTEXT -- literally, text material that has been encrypted,
also used in a generic sense for the output of any encryption
process, no matter what the original digitized input might
have been (e.g., text, computer files, computer programs, or
digitized graphical images).

CLEARTEXT (also plaintext) -- the material entering into an
encryption process or emerging from a decryption process.
"Text" is used categorically for any digitized material.

CLIPPER CHIP -- an escrowed encryption chip that implements the
Skipjack algorithm to encrypt communications conducted over
the public switched network (e.g., between telephones, modems,
or facsimile equipment).

CoCom -- Coordinating Committee for Multilateral Export
Controls, which began operations in 1950 to control export of
strategic materials and technology to communist countries;
participants include Australia, Belgium, Canada, Denmark,
France, Germany, Greece, Italy, Japan, Luxembourg, the
Netherlands, Norway, Portugal, Spain, Turkey, the United
Kingdom, and the United States.

COLLATERAL CRYPTOGRAPHY -- a collective term used in this report
to include uses of encryption for other than confidentiality;
it includes such services as authentication, integrity checks,
authoritative date/time stamping, and digital signatures.

COMPETITIVE ACCESS PROVIDERS -- telephone carriers that compete
with local monopoly carriers.

CONFIDENTIALITY (communications) -- the protection of
communications traffic against interception or receipt by
unauthorized third parties.

CONFIDENTIALITY (data) -- an assertion about a body of data that
is sensitive and must be protected against loss, misuse,
destruction, unintended change, and unauthorized access or
dissemination.

COUNTERMEASURE -- a mechanism that reduces vulnerability to a
threat.

CRYPTANALYSIS -- the study and practice of various methods to
penetrate ciphertext and deduce the contents of the original
cleartext message.

CRYPTOGRAPHIC ALGORITHM -- a mathematical procedure, used in
conjunction with a closely guarded secret key, that transforms
original input into a form that is unintelligible without
special knowledge of the secret information and the algorithm.
Such algorithms are also the basis for digital signatures and
key exchange.

CRYPTOGRAPHY -- originally, the science and technology of
keeping information secret from unauthorized parties by using
a code or a cipher. Today, cryptography can be used for many
applications that do not involve confidentiality.

DATA ENCRYPTION STANDARD (DES) -- a U.S. government standard
(FIPS 46-1) describing a cryptographic algorithm to be used in
a symmetric cryptographic application.

DATE/TIME STAMP -- the date and time a transaction or document
is initiated or submitted to a computer system, or the time at
which a transaction is logged or archived. Often it is
important that the stamp be certified by some authority to
establish legal or other special status. Such a service can be
provided by a cryptographic procedure.

DECOMPILING -- a process through which object code consisting of
ones and zeros can be converted into source code in a
high-level computer language such as C or Fortran.

DECRYPTION -- the cryptographic procedure of transforming
ciphertext into the original message cleartext.

DENIAL OF SERVICE -- reducing the availability of an object
below the level needed to support critical processing or
communication, as can happen, for example, in a system crash.

DIGEST -- a much condensed version of a message produced by
processing the message by a hash algorithm. Commonly, the
digest has a fixed length and is not dependent on the length
of the original message.

DIGITAL SIGNATURE -- a digitized analog of a written signature,
produced by a cryptographic procedure acting (commonly) on a
digest of the message to be signed.

DIGITAL SIGNATURE STANDARD (DSS) -- a U.S. government standard
(FIPS 186) describing a cryptographic algorithm for producing
a digital signature.

DIGITAL TELEPHONY ACT OF 1995 -- a law requiring that the
telephone industry make such technical changes to its
installed equipment as are needed to comply with
court-authorized wiretap orders.

DISASSEMBLY -- a process through which object code consisting of
ones and zeros can be converted into its low-level assembly
language representation.

DISCLOSURE (of data) -- the act of making available; the
instance of revealing.

DUAL-USE SYSTEM -- a system with both military and civilian
applications.

ESCROWED ENCRYPTION INITIATIVE -- a voluntary program to improve
the security of telephone communications while meeting the
legitimate needs of law enforcement.

ESCROWED ENCRYPTION STANDARD (EES) -- a voluntary U.S.
government standard for key-escrowed encryption of voice, fax,
or computer data transmitted over circuit-switched telephone
systems.

EVALUATION -- 1. the process of examining a computer product or
system with respect to certain criteria. 2. the results of
that process.

EXCEPTIONAL ACCESS -- access to encrypted data granted to a
recipient other than the originally intended recipient.

FEDERAL INFORMATION PROCESSING STANDARD (FIPS) -- a categorical
term for U.S. government standards applying to computer-based
systems.

FIRMWARE -- the programmable information used to control the
low-level operations of hardware. Firmware is commonly stored
in Read-Only Memory (ROM), which is initially installed in the
factory and may be replaced in the field to fix mistakes or to
improve system capabilities.

FIRST PARTY -- the originator of a transaction (e.g., an
electronic message or telephone call).

FUNCTIONALITY -- the functional behavior of a system.
Functionality requirements include, for example,
confidentiality, integrity, availability, authentication, and
safety.

IDENTIFICATION -- the assertion by a person, process, or system
wishing to communicate with another person, process, or system
of the name by which it is known within the process(es) or
system(s) in question.

IDENTIFICATION KEY -- a key registered or issued to a specific
user.

IMPLEMENTATION -- the mechanism that (supposedly) realizes the
specified design.

INTEGRATED PRODUCT -- a product designed to provide the user a
capability useful in its own right (e.g., word processing) and
integrated with encryption capabilities that a user may or may
not employ; a product in which the cryptographic capability is
fully integrated with the other functionality of the product.

INTEGRITY -- the property that an object meets an a priori
established set of expectations. One example of integrity is
that changes must be accomplished in a specified and
authorized manner. Data integrity, program integrity, system
integrity, and network integrity are all relevant to
consideration of computer and system security.

INTEGRITY CHECK -- a quantity derived algorithmically from the
running digital stream of a message and appended to it for
transmission, or from the entire contents of a stored data
file and appended to it. Some integrity checks are not
cryptographically based, e.g., cyclic redundancy checks, but
others are.

INTERCEPTOR -- a party eavesdropping on communications.

ITAR -- International Traffic in Arms Regulations.

KEY -- a sequence of easily changed symbols that, used with a
cryptographic algorithm, provides a cryptographic process.

KEY DISTRIBUTION -- a secure method for two distant parties to
exchange keys or to receive keys from a central authoritative
source.

KEY ESCROW ENCRYPTION (also escrowed encryption) -- an
encryption system that enables exceptional access to encrypted
data through special data recovery keys held by a trusted
party.

KEY MANAGEMENT -- the overall process of generating and
distributing cryptographic keys to authorized recipients in a
secure manner.

MONITORING -- recording of relevant information about each
operation by a subject on an object, maintained in an audit
trail for subsequent analysis.

NODE -- a computer system that is connected to a communications
network and participates in the routing of messages within
that network. Networks are usually described as a collection
of nodes that are connected by communications links.

NONREPUDIATION (of a signed digital message, data, or
software) -- the status achieved by employing a
digital-signature procedure to affirm the identity of the
signer of a digital message with extremely high confidence
and, hence, to protect against a subsequent attempt to deny
authenticity, whether or not there had been an initial
authentication.

OBJECT CODE -- the "executable" code of ones and zeros that
provides a computer with instructions on what steps to
perform. Contrast to source code.

OBJECT LINKING AND EMBEDDING (OLE) -- Microsoft's
object-oriented software technology.

ONE-WAY HASH FUNCTION -- a function that produces a message
digest that cannot be reversed to obtain the original.

OPERATING SYSTEM -- a program that runs on a computer whose
purpose is to provide basic services that can be used by
applications running on that computer. Such functions might
include screen displays, file handling, and encryption. MS-DOS
and Windows 95 are examples of operating systems that run on
Intel microprocessors.

PASSWORD -- a sequence of characters or words that a subject
presents to a system for purposes of validation or
verification. See authentication.

PCMCIA CARD -- the industry-standard Personal Computer Memory
Card Industry Association card and associated electrical
interface for various computer components (e.g., memory, hard
disks, and cryptographic processes). Also known as a PC card.

PEN REGISTER -- a device that records numbers dialed from a
telephone.

PIN (personal identification number) -- a (generally numeric)
quantity that has to be keyed into some device or process to
authenticate an individual. A common example is the 4-digit
PIN associated with the use of automated teller machines;
another, the 4-digit PIN associated with a telephone calling
card.

PLAINTEXT -- a synonym for cleartext.

PRIVATE KEY -- the private (secret) key associated with a given
person's public key for a public-key cryptographic system.

PUBLIC KEY -- the publicly known key associated with a given
person's use of a public-key cryptographic system.

PUBLIC-KEY CERTIFICATE -- a statement, possibly on paper but
more often transmitted electronically over an information
network, that establishes the relationship between a named
individual (or organization) and a specified public key. In
principle, it could (but need not) include collateral
information such as mailing address, organizational
affiliation, and telephone number.

RC2/RC4 ALGORITHMS -- two variable-key-length cryptographic
algorithms designed by Ronald Rivest of the Massachusetts
Institute of Technology. Both are symmetric algorithms.

RELIABILITY -- the ability of a computer or an information or
telecommunications system to perform consistently and
precisely according to its specifications and design
requirements and to do so with high confidence.

REMAILER -- a computer-based process that automatically
redistributes electronic mail, often to multiple recipients.
Remailers can be anonymous (i.e., they can be configured to
strip off information identifying the sender of a message,
while still enabling a return "path" so that recipients can
reply to messages).

REVERSE ENGINEERING -- the generic name for methods by which
parties attempt to uncover technical details of a
microelectronic chip or of software.

RISK -- the likelihood that a vulnerability may be exploited, or
that a threat may become harmful.

RSA ALGORITHM -- the Rivest-Shamir-Adleman public-key encryption
algorithm.

SAFETY -- the property indicating that a computer system or
software, when embedded in its operational environment, does
not cause any actions or events that create unintended
potentially or actually dangerous situations for itself or for
the environment in which it is embedded.

SECOND PARTY -- the recipient of a transaction (e.g., an
electronic message or telephone call).

SECRET-KEY CRYPTOSYSTEM -- a symmetric cryptographic process
that uses the same secret key (which both parties have and
keep secret) to encrypt and decrypt messages.

SECURE HASH FUNCTION -- a one-way hash function for which the
likelihood that two messages will yield the same digest is
satisfactorily small.

SECURE HASH STANDARD -- a U.S. government standard (FIPS 180-1)
for a secure hash function.

SECURITY -- the collection of safeguards that ensures the
confidentiality of information, protects the system(s) or
network(s) used to process it, and controls access to it.
Hence, security safeguards impose appropriate access rules for
computer information.

SECURITY-SPECIFIC (OR STAND-ALONE) CRYPTOGRAPHY PRODUCT -- an
add-on product specifically designed to provide cryptographic
capabilities for one or more other software or hardware
capabilities.

SHAREWARE -- software offered publicly and shared rather than
sold.

SKIPJACK -- a classified symmetric key encryption algorithm
that uses 80-bit keys; developed by the National Security
Agency.

SOURCE CODE -- the textual form in which a program is entered
into a computer (e.g., FORTRAN).

SPECIFICATION -- a technical description of the desired behavior
of a system, as derived from its requirements. A specification
is used to develop and test an implementation of a system.

SPOOFING -- illicitly masquerading as a legitimate company,
party, or individual.

STU-III -- a U.S. government secure telephone system using
end-to-end encryption.

SYMMETRIC CRYPTOGRAPHY, CRYPTOSYSTEM -- a cryptographic system
that uses the same key to encrypt and decrypt messages.

SYSTEM -- an interdependent collection of components that can be
considered as a unified whole; for example, a networked
collection of computer systems, a distributed system, an
editor, a memory unit, and so on.

THIRD-PARTY ACCESS -- eavesdropping on or entry to data
communications, telephony, or stored computer data by an
unauthorized party.

THREAT -- the potential for exploitation of a vulnerability.

TOKEN -- when used in the context of authentication, a (usually)
physical device necessary for user identification.

TRAP AND TRACE -- a device that identifies the telephone numbers
from which calls have been placed to a target telephone
number.

TROJAN HORSE -- a computer program whose execution would result
in undesired side effects, generally unanticipated by the
user. A Trojan horse program may otherwise give the appearance
of providing normal functionality.

TRUST -- the concept that a system will provide its intended
functionality with a stated level of confidence. The term is
also used for other entities; e.g., trusted software, trusted
network, trusted individual. Sometimes the confidence -- also
called the assurance -- can be measured but sometimes it is
inferred on the basis of testing and other information.

TRUSTWORTHINESS -- assurance that a system deserves to be
trusted.

VULNERABILITY -- a weakness in a system that can be exploited to
violate the system's intended behavior. There may be security,
integrity, availability, and other vulnerabilities. The act of
exploiting a vulnerability represents a threat, which has an
associated risk of being exploited.

WORK FACTOR -- a measure of the difficulty of undertaking a
brute-force test of all possible keys against a given
ciphertext and known algorithm.

_______________________________________________________________

[End Appendix B]




