The Security Lexicon
CBC (Cipher Block Chaining)
See Block cipher
CC
see Common Criteria for Information Technology Security Evaluation
CDMF (Commercial Data Masking Facility)
is a symmetric algorithm for providing data confidentiality. This scrambling technique relies upon DES as the underlying cryptographic algorithm. It weakens the overall cryptographic operations by defining a key- transformation method that produces the equivalent of a 40-bit DES key instead of the 56-bit key length required for full strength DES. Since the CDMF algorithm is not as resistant to key exhaustion as DES, it provides a form of data masking rather than data encryption.
CERT (Center of Emergency and Response Team)
is the generic name for every team that surveys the security of networks, publishes alerts on disclosed vulnerabilities, and provides some hints for the potential remedies. The first and most reknown CERT is the Carnegie Mellon University one. Its address is www.cert.org.
CFB (Cipher Feedback)
See Block cipher
CHAUM
is the pioneer in the field of digital cash. He first discovered blind signature scheme. He is the founder of DigiCash bv.
CLE (Constrained Linear Equation)
is an authentication algorithm designed by Jacques STERN. THOMSON multimedia owns the corresponding patents.
C-SET
Extension of Secure Electronic Transaction (SET) uses a smart card for cryptographic work. It is a current French "GIE-Cartes Bancaires" development. It adds to SET the following features:
- Authentication of smart card
- Irrevocability of the payment for the customer: This point is only true regarding French regulation.
Certificate
is a digital document
where a third party (the Certificate
Authority) attests that a given public key belongs to a given
individual. It contains at least the digital signature of the
certificate issuer, a name, and a public key. It may also contain an
expiration date, the name of the certifying authority, and a serial
number.
A message may enclose two or more certificates, forming a hierarchical chain. One certificate testifies to the authenticity of the other one (see X509 standard).
Certificate Revocation List
is a list of certificates that have been revoked before their expiration date. Certifying Authorities maintain those lists.
Certification
is a
process that signs a document. It adds the time of the certification to
the document. The result of the process is the certificate.
Certification uses the user s private key to bind the document to the
user. The verification uses the user s public key to verify that the
signature was issued with the proper private key.
Certifying Authority is a central administration that registers the public keys of users. It delivers the corresponding certificates. In a broader scope, their role can be:
- Authentication of the different parties of the transaction
- Certification of a digital signature
- Certification of payment. It guaranties the seller that he will be paid, and the buyer that he will pay only the agreed amount.
There are mainly two methods for generating a certificate. In the case of Centralized Generation, the Certifying authority generates the private/public key pair, and the certificate. In the distributed Generation, the end user generates the private/public key pair. Then he sends the public key to the Certifying Authority, which returns the certificate.
Common Criteria for Information Technology Security Evaluation (CC)
are used in evaluating products and systems and for stating security requirements in a standardized way. Its aim is to replace national and regional criteria with a worldwide set acceptable to the International Standards Organization. This project was initiated to harmonize the ITSEC, CTCPEC (Canadian criteria) and US Federal Criteria (FC).
The user defines a protection profile (PP) that the target of evaluation (TOE) should support. The result is an Evaluation Assurance Level (EAL) ranging from 1 to 7. EAL 1 means that the product has been functionally tested. EAL 7 means that design of TOE has been formally proved and that the product has been tested.
It is also known as ISO15408
Constrained Linear Equation
see CLE
CPPM (Content Protection for Prerecorded Media)
is a copy protection mechanism developed by SONY, IBM, INTEL, MATSUSHITA for DVD- A. The key management uses broadcast encryption to manage revocation of devices.
CPRM (Content Protection for Recordable Media)
is a copy protection mechanism developed by SONY, IBM, INTEL, MATSUSHITA for recordable media. The key management uses broadcast encryption to manage revocation of devices.It supports DVD RAM, DRV +RW, and flash memory.
CRL
See Certificate Revocation List
Cryptanalysis
is the attempt to compromise cryptographic mechanisms. This activity is mandatory to assess the real security of any solution. It is at the heart of the evolution of cryptographic schemes.
Cryptanalyst
is a person who attempts to compromise cryptographic mechanisms. The purpose may be academic, or criminal.