Cryptography Terminology

This section provides descriptions on some commonly used cryptography terminologies

AES (Advanced Encryption Standard): A data encryption standard adopted in 2001 by the US government to replace DES (Advanced Encryption Standard). AES uses Rijndael ciphers developed by Joan Daemen and Vincent Rijmen. AES ciphers are symmetric 128-bit block encryptions with 128-bit, 196-bit and 256-bit keys. AES ciphers are more secure and faster than DES ciphers.

Blowfish: A Feistel network iterating a simple encryption function 16 times. The block size is 64 bits, and the key can be any length up to 448 bits. Although there is a complex initialization phase required before any encryption can take place, the actual encryption of data is very efficient on large microprocessors.

CBC (Cipher Block Chaining): An operation mode for block ciphers, where each plaintext block is XORed with the previous ciphertext block before encryption.

Certification Chain: Also called Certificate Path. An ordered list of certificates where the subject entity of one certificate is identical to the issuing entity of the next certificate.

Certificate Path: Also called Certification Chain. An ordered list of certificates where the subject entity of one certificate is identical to the issuing entity of the next certificate.

CFB (Cipher FeedBack): An operation mode for block ciphers, where each block of plaintext is XORed with the encrypted version of the previous ciphertext to generate the current ciphertext block.

DES (Data Encryption Standard): A 16-round Feistel cipher with block size of 64 bits. DES was developed by IBM in 1974 in response to a federal government public invitation for data encryption algorithms. In 977, DES was published as a federal standard, FIPS PUB 46.

ECB (Electronic CodeBook): An operation mode for block ciphers, where each plaintext block is encrypted independent from other blocks.

MD5 (Message Digest 5): A message-digest algorithm, which takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given pre-specified target message digest.

OFB (Output FeedBack): An operation mode for block ciphers, where each block of plaintext is XORed with the encrypted version of the previous ciphertext to generate the current ciphertext block.

OpenSSL: A cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.

PKCS5Padding: A padding schema for block ciphers, where the number of padded bytes equals to "8 - numberOfBytes(clearTextMessage) mod 8", and the value of each padded byte is an integer value of the number of padded bytes.

RSA (Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman): A public key algorithm invented in 1976 by three MIT mathematicians, Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman.

SHA1 (Secure Hash Algorithm 1): A message-digest algorithm, which takes an input message of any length < 2^64 bits and produces a 160-bit output as the message digest.

Table of Contents

 About This Book

Cryptography Terminology

 Cryptography Basic Concepts

 Introduction to AES (Advanced Encryption Standard)

 Introduction to DES Algorithm

 DES Algorithm - Illustrated with Java Programs

 DES Algorithm Java Implementation

 DES Algorithm - Java Implementation in JDK JCE

 DES Encryption Operation Modes

 DES in Stream Cipher Modes

 PHP Implementation of DES - mcrypt

 Blowfish - 8-Byte Block Cipher

 Secret Key Generation and Management

 Cipher - Secret Key Encryption and Decryption

 Introduction of RSA Algorithm

 RSA Implementation using java.math.BigInteger Class

 Introduction of DSA (Digital Signature Algorithm)

 Java Default Implementation of DSA

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Cipher - Public Key Encryption and Decryption

 MD5 Mesasge Digest Algorithm

 SHA1 Mesasge Digest Algorithm

 OpenSSL Introduction and Installation

 OpenSSL Generating and Managing RSA Keys

 OpenSSL Managing Certificates

 OpenSSL Generating and Signing CSR

 OpenSSL Validating Certificate Path

 "keytool" and "keystore" from JDK

 "OpenSSL" Signing CSR Generated by "keytool"

 Migrating Keys from "keystore" to "OpenSSL" Key Files

 Certificate X.509 Standard and DER/PEM Formats

 Migrating Keys from "OpenSSL" Key Files to "keystore"

 Using Certificates in IE (Internet Explorer)

 Using Certificates in Firefox

 Using Certificates in Google Chrome

 Outdated Tutorials

 References

 PDF Printing Version