Advanced Encryption Standard
is the new symmetric encryption standard selected by the NIST and the
NSA. The selection was a public contest. For 4 years, the cryptographic
community thoroughly cryptanalysed the different candidates. From the
five remaining algorithms, NIST selected Rijndael. AES is a block
cipher with a 128 bit key. It has been designed to be fast both in
hardware implementation and software implementation.
AES
see Advanced Encryption Standard
AKE
see Authenticated Key Exchange
Answer To Reset
is part of the communication protocol between the smart card and its
reader. The ISO7816 standard fully defines it. After
receiving a reset signal, a smart card should issue this normalized
answer. It provides useful information to the reader that allows the
reader to identify and to communicate with the smart card.
Asymmetric cryptography
see Public key cryptography
ATR
see Answer To Reset
Authenticated Diffie Hellman Key agreement
is an enhancement of the DIFFIE HELLMAN Key Agreement (see DIFFIE
HELLMAN Key Agreement Protocol). It defeats the possible middle person
attack. Alice and Bob each possess a public/private key pair. Together
with her public value g^a mod p, Alice sends a signature and her public
key certificate. Although Carol can still intercept the message, she is
no longer able to forge the signature without Alice's private key.
Authenticated Key Exchange
is a typical process to open a secure session of communication between
two devices. In the first step, the two entities authenticate each
other. After a successful authentication, they create a common shared
session key. A typical protocol is the Authenticated Diffie Hellman Key
Agreement.
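Added example, not part of the original glossary: a Python sketch of the Authenticated Diffie Hellman Key Agreement and Authenticated Key Exchange entries above, in which each side signs its public value and a value substituted by Carol is rejected. The textbook RSA signature, the toy primes, the `trusted` key table standing in for certificate validation, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters (assumptions for illustration, not for real use).
P, G = 2**521 - 1, 3   # DH modulus (a Mersenne prime) and base
E = 65537              # RSA public exponent

def rsa_keypair(p, q):
    """Textbook RSA from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(value, n):
    h = hashlib.sha256(str(value).encode()).digest()
    return int.from_bytes(h, "big") % n

def sign(value, n, d):
    return pow(digest(value, n), d, n)

def verify(value, sig, n):
    return pow(sig, E, n) == digest(value, n)

def dh_share():
    """Return (secret exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def run_exchange(tamper=False):
    """Return (Alice's key, Bob's key), or None if a signature check fails."""
    alice_n, alice_d = rsa_keypair(2**61 - 1, 2**89 - 1)
    bob_n, bob_d = rsa_keypair(2**107 - 1, 2**127 - 1)
    carol_n, carol_d = rsa_keypair(2**19 - 1, 2**31 - 1)
    # Stand-in for certificate validation: public keys already trusted.
    trusted = {"alice": alice_n, "bob": bob_n}

    a, ga = dh_share()
    b, gb = dh_share()
    from_alice = (ga, sign(ga, alice_n, alice_d))
    from_bob = (gb, sign(gb, bob_n, bob_d))
    if tamper:
        # Carol replaces Alice's value but can only sign with her own key.
        _, gc = dh_share()
        from_alice = (gc, sign(gc, carol_n, carol_d))

    if not verify(*from_alice, trusted["alice"]):
        return None    # Bob rejects the message
    if not verify(*from_bob, trusted["bob"]):
        return None    # Alice rejects the message
    return pow(from_bob[0], a, P), pow(from_alice[0], b, P)
```

`run_exchange()` returns two equal session keys, while `run_exchange(tamper=True)` returns `None` because Bob checks the signature against Alice's public key before deriving anything.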
Authentication
Hardware or software process
that aims to establish in an unforgeable way the identification of the
two actors of an exchange or transaction. This process implies that the
actors confirm and validate their identity by techniques such as
password, exchange of secret information, or digital signatures.
To authenticate a principal, it is possible to use three methods, so-called factors:
- What the principal is or does: this is typically the realm of
biometrics, which measures characteristics such as fingerprints or the
way of typing on a keyboard.
- What the principal knows: this is typically a password, a passphrase or an answer to a known challenge.
- What the principal has: for instance an identification token or a physical key.
A two-factor authentication combines two methods whereas a three-factor
authentication combines all three methods. The RSA ID secure token is a
typical two-factor authentication method where the user proves he has
the token by dialing the displayed code and the user proves he knows
his PIN.