Previous section.
Common Security: CDSA and CSSM, Version 2 (with corrigenda)
Copyright © 2000 The Open Group
Glossary
Asymmetric algorithms
Cryptographic algorithms using one key to
encrypt, and a second key to decrypt. They are often
called public-key algorithms. One key is called the public
key, and the other is called the private key or secret key.
RSA (Rivest-Shamir-Adelman) is the most commonly used
public-key algorithm. It can be used for encryption and for
signing.
carve-outs
The term in general use in the United States of America to identify
a set of constants corresponding to the application areas currently
recognized by the United States Department of Commerce as application
areas that can be granted an export license to use strong cryptography.
Financial applications have been recognized for carve-out for several
years. The application areas of medicine and insurance are recent
additions to the carve-out list.
CDSA
See Common Data Security Architecture
Certification Authority (CA)
An entity that guarantees or sponsors a certificate.
For example, a credit card
company signs a cardholder's certificate to assure
that the cardholder is who he or she claims to be. The
credit card company is a certificate authority. Certificate
authorities issue, verify, and revoke certificates.
Certificate
See Digital certificate.
Certificate chain
The hierarchical chain of all the other certificates
used to sign the current certificate. This includes the
Certificate Authority (CA) who signs the certificate, the CA
who signed that CA's certificate, and so on. There is no
limit to the depth of the certificate chain.
Certificate signing
The Certificate Authority (CA) can sign certificates
it issues or cosign certificates issued by another CA. In a
general signing model, an object signs an arbitrary set of
one or more objects. Hence, any number of signers can attest
to an arbitrary set of objects. The arbitrary objects could
be, for example, pieces of a document for libraries of
executable code.
Certificate validity date
A start date and a stop date for the validity of the
certificate. If a certificate expires, the Certificate
Authority (CA) may issue a new certificate.
Common Data Security Architecture
A set of layered security services that address communications
and data security problems in the emerging
Internet and Intranet application space. The CDSA
consists of three basic layers:
-
A set of system security services
-
The Common Security Services Manager (CSSM)
-
Add-in Security Modules (CSPs, TPs, CLs, DLs)
Common Security Services Manager
The central layer of the Common Data Security
Architecture (CDSA) that
defines six key service components:
-
Cryptographic Services Manager
-
Trust Policy Services Manager
-
Certificate Library Services Manager
-
Data Storage Library Services Manager
-
Integrity Services Manager
-
Security Context Manager
The CSSM binds together all the security services
required by PC applications. In particular, it facilitates
linking digital certificates to cryptographic actions and
trust protocols.
Cryptographic algorithm
A method or defined mathematical process for
implementing a cryptography operation. A cryptographic
algorithm may specify the procedure for encrypting and
decrypting a byte stream, digitally signing an object,
computing the hash of an object, generating a random number.
Cryptoki
The name of the PKCS#11 version 1.0 standard published by RSA
Laboratories. The standard specifies the interface for accessing
cryptographic services performed by a removable device. For
additional information see
http://www.rsa.com.
Cryptographic Service Providers (CSPs)
Modules that provide secure key storage and
cryptographic functions. The
modules may be software only or hardware with
software drivers. The cryptographic functions provided may
include:
-
Bulk encryption and decryption
-
Digital signing
-
Cryptographic hash
-
Random number generation
-
Key exchange
CSSM
See Common Security Services Manager.
Digital certificate
The binding of some identification to a public key
in a particular domain, as attested to directly or
indirectly by the digital signature of the owner of that
domain. A digital certificate is an unforgeable credential
in cyberspace. The certificate is issued by a trusted
authority, covered by that party's digital signature. The
certificate may attest to the certificate holder's identity,
or may authorize certain actions by the certificate holder.
A certificate may include multiple signatures and may attest
to multiple objects or multiple actions.
Digital signature
A data block that was created by applying a
cryptographic signing algorithm to some other data using a
secret key. Digital signatures may be used to:
-
Authenticate the source of a message, data, or document
-
Verify that the contents of a message hasn't been modified
since it was signed by the sender
-
Verify that a public key belongs to a particular person
Typical digital signing algorithms include MD5 with
RSA encryption, and DSS, the Digital Signature Standard
defined by NIST FIPS Pub 186.
Hash algorithm
A cryptographic algorithm used to compress a variable-size input
stream into a unique, fixed-size output value. The function is
one-way, meaning the input value cannot be derived from the
output value. A cryptographically strong hash algorithm is
collision-free, meaning unique input values produce unique output
values. Hashing is typically used in digital signing algorithms.
Example hash algorithms include MD and MD2 from RSA Data
Security. MD5, also from RSA Data Security, hashes a
variable-size input stream into a 128-bit output value. SHA,
a Secure Hash Algorithm published by the U.S. Government,
produces a 160-bit hash value from a variable-size input
stream.
Hypertext Transfer Protocol (HTTP)
The Hypertext Transfer Protocol (HTTP) is an application-level
protocol for distributed, collaborative, hypermedia
information systems. It is a generic, stateless, object-oriented
protocol which is widely used for data transfer over the
Internet. More information about HTTP is available at
http://www.w3.org/Protocols/
and at
http://www.ics.uci.edu/pub/ietf/http/.
JAVA
JAVA is an object-oriented language for development of
platform-independent applications. JAVA runtime defines a sandbox paradigm
to provide a secure JAVA execution environment. Additional
information can be found at
http://www.javasoft.com.
Leaf Certificate
The certificate in a certificate chain that has not
been used to sign another certificate in that chain. The
leaf certificate is signed directly or transitively by all
other certificates in the chain.
Meta-information
Descriptive information specified by an add-in
service module and stored in the CSSM registry. This
information advertises the add-in modules services. CSSM
supports application queries for this information. The
information my change at runtime.
Message digest
The digital fingerprint of an input stream. A
cryptographic hash function is applied to an input message
arbitrary length and returns a fixed-size output, which is
called the digest value.
Nonce
A non-repeating value, usually but not necessarily
random.
Owned certificate
A certificate whose associated private key resides
in a local CSP. Digital signature algorithms require the
private key when signing data. A system may supply
certificates it owns along with signed data to enable other
to verify the signature. A system uses certificates that it
does not own to verify signatures created by others.
PolicyMaker
PolicyMaker is a language for evaluating trust policy
expressions. Additional information can be found at:
Pretty Good Privacy (PGP)
PGP is a widely available software package providing data
encryption and decryption using the IDEA cryptographic
algorithms. To date,PGP facilities have been applied to securing
data files and electronic mail communications. Additional
information can be found at http://www.pgp.com
Private key
The cryptographic key used to decipher or sign messages in
public-key cryptography. This key is kept secret by its
owner.
Public key
The cryptographic key used to encrypt messages in
public-key cryptography. The public key is available to
multiple users (for example, the public).
Random number generators
A function that generates cryptographically strong
random numbers that
cannot be easily guessed by an attacker. Random
numbers are often used to generate session keys.
Root certificate
The prime certificate, such as the official
certificate of a corporation or government entity. The root
certificate is positioned at the top of the certificate
hierarchy in its domain, and it guarantees the other
certificates in its certificate chain. The root
certificate's public key is the foundation of signature
verification in its domain.
Secret key
A cryptographic key used with symmetric algorithms, usually to
provide confidentiality.
Secure Electronic Transaction (SET)
A specification designed to utilize technology for authenticating
the parties involved in payment card purchases on any type of
online network, including the Internet. SET focuses on
maintaining confidentiality of information, ensuring message
integrity, and authenticating the parties involved in a
transaction. More information about SET is available at:
Secure MIME (S/MIME)
MIME is a mechanism for specifying and describing the format
of Internet message bodies also known as attachments to electronic
mail. S/MIME provides a method to send and receive secure MIME
messages. In order to validate the keys of a message sent to it,
an S/MIME agent needs to certify that the encryption key is
valid. Additional information can be found at:
Secure Sockets Layer (SSL)
SSL (also known as Above Transport Layer Security (TLS)) is a
security protocol that prevents eavesdropping, tampering, or
message forgery over the Internet. An SSL service negotiates a
secure session between two communicating endpoints. Basic
facilities include certificate-based authentication,
end-to-end data integrity and optional data privacy.
Additional information can be found at
http://search.netscape.com/newsref/std/SSL.html
and
http://search.netscape.com/newsref/ssl/3-SPEC.html.
SSL has been submitted to the IETF as an Internet Draft for
Transport Layer Security (TLS). More information about TLS can
be found at
ftp://ftp.ietf.org/internet-drafts/draft-ietf-tls-protocol-03.txt.
Security Context
A control structure that retains state information
shared between a cryptographic service provider and the
application agent requesting service from the CSP. Only one
context can be active for an application at any given time,
but the application is free to switch among contexts at
will, or as required. A security context specifies CSP and
application-specific values, such as required key length and
desired hash functions.
Security-relevant event
An event where a CSP-provided function is performed,
an add-in security module is loaded, or a breach of system
security is detected.
Session key
A cryptographic key used to encrypt and decrypt
data. The key is shared by two or more communicating
parties, who use the key to ensure privacy of the exchanged
data.
Signature
See Digital signature.
Signature chain
The hierarchical chain of signers, from the root
certificate to the leaf certificate, in a certificate chain.
Symmetric algorithms
Cryptographic algorithms that use a single secret
key for encryption and decryption. Both the sender and
receiver must know the secret key. Well-known symmetric
functions include DES (Data Encryption Standard) and IDEA.
DES was endorsed by the U.S. Government as a standard in
1977. It's an encryption block cipher that operates on
64-bit blocks with a 56-bit key. It is designed to be
implemented in hardware, and works well for bulk encryption.
IDEA (International Data Encryption Algorithm) uses a
128-bit key.
Token
The logical view of a cryptographic device, as
defined by a CSP's interface. A token can be hardware, a
physical object, or software. A token contains information
about its owner in digital form, and about the services it
provides for electronic-commerce and other communication
applications. A token is a secure device. It may provide a
limited or a broad range of cryptographic functions.
Examples of hardware tokens are SmartCards and PMCIA cards.
USEE
USEE
A tag defining a set of Use Exemptions (USEE). Applications
present one USEE tag value when requesting privileged services.
CSSM and add-in service provider modules have a set of associated
USEE tags. Each tag defines one or more use
exemptions that can be granted to authorized callers.
Each USEE tag represents
policy-based exemptions for the use of Cryptographic Services, Key
Recovery Services, and other CSSM services available only to
authorized callers.
Verification
The process of comparing two message digests. One
message digest is generated by the message sender and
included in the message. The message recipient computes the
digest again. If the message digests are exactly the same,
it shows or proves there was no tampering of the message
contents by a third party (between the sender and the
receiver).
A process performed to check the integrity of a message, to
determine the sender of a message, or both. Different algorithms
are used to support different modes of verification. A typical
procedure supporting integrity verification is the combination of
a one-way hash function and a reversible
digital signaturing algorithm. A one-way hash of
the message is computed. The hash value is signed by encrypting
it with a private key. The message and the encrypted hash value
are sent to a receiver. The recipient recomputes the one-way
hash, decrypts the signed hash value, and compares it with the
computed hash. If the values match then the message has not been
message has not been tampered since it was signed. The identity
of a sender can be verified by a challenge-response protocol. The
recipient sends the message sender a random challenge value. The
original sender uses its private key to sign the challenge value
and returns the result to the receiver. The receiver uses the
corresponding public key to verify the signature over the
challenge value. If the signature verifies the sender is the
holder of the private key. If the receiver can reliably
associate the corresponding public key with the named/known
entity, then the identity of the sender is said to have been
verified.
Web of trust
A trust network among people who know and
communicate with each other. Digital certificates are used
to represent entities in the web of trust. Any pair of
entities can determine the extent of trust between the two,
based on their relationship in the web.