Part 1: General - Computer Security Resource Center - National ...
March, 2007
Secret key: A cryptographic key that is used with a secret key (symmetric) cryptographic algorithm that is uniquely associated with one or more entities and is not made public. The use of the term “secret” in this context does not imply a classification level, but rather implies the need to protect the key from disclosure.
Secure communication protocol: A communication protocol that provides the appropriate confidentiality, authentication and content integrity protection.
Security domain: A system or subsystem that is under the authority of a single trusted authority. Security domains may be organized (e.g., hierarchically) to form larger domains.
Security life of data: The time period during which data has security value.
Security services: Mechanisms used to provide confidentiality, data integrity, authentication or non-repudiation of information.
Security strength (Also “bits of security”): A number associated with the amount of work (that is, the number of operations) that is required to break a cryptographic algorithm or system. In this Recommendation, security strength is specified in bits and is a specific value from the set {80, 112, 128, 192, 256}.
Self-signed certificate: A public key certificate whose digital signature may be verified by the public key contained within the certificate. The signature on a self-signed certificate protects the integrity of the data, but does not guarantee authenticity of the information. The trust of self-signed certificates is based on the secure procedures used to distribute them.
Shall: This term is used to indicate a requirement of a Federal Information Processing Standard (FIPS) or a requirement that must be fulfilled to claim conformance to this Recommendation. Note that “shall” may be coupled with “not” to become “shall not”.
Shared secret: A secret value that has been computed using a key agreement scheme and is used as input to a key derivation function.
Should: This term is used to indicate a very important requirement. While the “requirement” is not stated in a FIPS, ignoring the requirement could result in undesirable results. Note that “should” may be coupled with “not” to become “should not”.
Signature generation: Uses a digital signature algorithm and a private key to generate a digital signature on data.
Signature verification: Uses a digital signature algorithm and a public key to verify a digital signature.