Part 1: General - Computer Security Resource Center - National ...
March, 2007

Proof of possession (POP): A verification process whereby it is proven that the owner of a key pair actually has the private key associated with the public key. The owner demonstrates possession by using the private key in its intended manner.

Pseudorandom number generator (PRNG): See Deterministic Random Bit Generator (DRBG).

Public key: A cryptographic key used with a public key cryptographic algorithm that is uniquely associated with an entity and that may be made public. In an asymmetric (public) cryptosystem, the public key is associated with a private key. The public key may be known by anyone and, depending on the algorithm, may be used to:
1. Verify a digital signature that is signed by the corresponding private key,
2. Encrypt data that can be decrypted by the corresponding private key, or
3. Compute a piece of shared data.

Public key certificate: A set of data that uniquely identifies an entity, contains the entity's public key and possibly other information, and is digitally signed by a trusted party, thereby binding the public key to the entity. Additional information in the certificate could specify how the key is used and its cryptoperiod.

Public key (asymmetric) cryptographic algorithm: A cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the property that determining the private key from the public key is computationally infeasible.

Public Key Infrastructure (PKI): A framework that is established to issue, maintain and revoke public key certificates.

Random number generator (RNG): A process used to generate an unpredictable series of numbers. Each individual value is called random if each of the values in the total population of values has an equal probability of being selected.

Recipient usage period: The period of time during the cryptoperiod of a symmetric key during which the protected information is processed.

Registration Authority: A trusted entity that establishes and vouches for the identity of a user.

Retention Period: The minimum amount of time that a key or other cryptographic related information should be retained in the archive.

RNG seed: A secret value that is used to initialize a deterministic random bit generator.