CBC  (Cipher Block Chaining)

See Block cipher


see Common Criteria for Information Technology Security Evaluation

CDMF (Commercial Data Masking Facility)

is a symmetric algorithm for providing data confidentiality. This scrambling technique relies upon DES as the underlying cryptographic algorithm. It weakens the overall cryptographic operations by defining a key- transformation method that produces the equivalent of a 40-bit DES key instead of the 56-bit key length required for full strength DES. Since the CDMF algorithm is not as resistant to key exhaustion as DES, it provides a form of data masking rather than data encryption.

CERT (Center of Emergency and Response Team)

is the generic name for every team that surveys the security of networks, publishes alerts on disclosed vulnerabilities, and provides some hints for the potential remedies. The first and most renown CERT is the Carnegie Mellon University one. Its address is www.cert.org.

CFB (Cipher Feedback)

See Block cipher


is the pioneer in the field of digital cash. He first discovered the blind signature scheme. He is the founder of DigiCash bv.

CLE (Constrained Linear Equation)

is an authentication algorithm designed by Jacques STERN. THOMSON multimedia owns the corresponding patents.


Extension of Secure Electronic Transaction (SET) uses a smart card for cryptographic work. It is a current French “GIE-Cartes Bancaires” development. It adds to SET the following features:

  • Authentication of smart card
  • Irrevocability of the payment for the customer: This point is only true regarding French regulation.

Unfortunately, C-SET was never seriously deployed and is currently a dead standard.


is a digital document where a third party (the Certificate Authority) attests that a given public key belongs to a given individual. It contains at least the digital signature of the certificate issuer, a name, and a public key. It may also contain an expiration date, the name of the certifying authority, and a serial number.

A message may enclose two or more certificates, forming a hierarchical chain. One certificate testifies to the authenticity of the other one (see X509 standard).

Certificate Revocation List

is a list of certificates that have been revoked before their expiration date. Certifying Authorities maintain those lists.


is a process that signs a document. It adds the time of the certification to the document. The result of the process is the certificate.
Certification uses the user s private key to bind the document to the user. The verification uses the user s public key to verify that the signature was issued with the proper private key.

Certifying Authority is a central administration that registers the public keys of users. It delivers the corresponding certificates. In a broader scope, their role can be:

  • Authentication of the different parties of the transaction
  • Certification of a digital signature
  • Certification of payment. It guaranties the seller that he will be paid, and the buyer that he will pay only the agreed amount.

There are mainly two methods for generating a certificate. In the case of Centralized Generation, the Certifying authority generates the private/public key pair, and the certificate. In the distributed Generation, the end user generates the private/public key pair. Then he sends the public key to the Certifying Authority, which returns the certificate.

Common Criteria for Information Technology Security Evaluation (CC)

are used in evaluating products and systems and for stating security requirements in a standardized way. Its aim is to replace national and regional criteria with a worldwide set acceptable to the International Standards Organization. This project was initiated to harmonize the ITSEC, CTCPEC (Canadian criteria) and US Federal Criteria (FC).

The user defines a protection profile (PP) that the target of evaluation (TOE) should support. The result is an Evaluation Assurance Level (EAL) ranging from 1 to 7. EAL 1 means that the product has been functionally tested. EAL 7 means that design of TOE has been formally proved and that the product has been tested.

It is also known as ISO15408

Constrained Linear Equation

see CLE

CPPM (Content Protection for Prerecorded Media)

is a copy protection mechanism developed by SONY, IBM, INTEL, MATSUSHITA for DVD- A. The key management uses broadcast encryption to manage revocation of devices.

CPRM (Content Protection for Recordable Media)

is a copy protection mechanism developed by SONY, IBM, INTEL, MATSUSHITA for recordable media. The key management uses broadcast encryption to manage revocation of devices.It supports DVD RAM, DRV +RW, and flash memory.


See Certificate Revocation List


is the attempt to compromise cryptographic mechanisms. This activity is mandatory to assess the real security of any solution. It is at the heart of the evolution of cryptographic schemes.


is a person who attempts to compromise cryptographic mechanisms. The purpose may be academic, or criminal.


The time span during which a specific key is authorized for use or in which the keys for a given system may remain in effect.

Leave a Reply

Your email address will not be published. Required fields are marked *