AES (Advanced Encryption Standard)The AES (Advanced Encryption Standard) is a standard for secure symmetric encryption. It is the successor to the Data Encryption Standard (DES), which had a key length of only 56 bits. It is a symmetric block cipher with a block length of 128 and key lengths of 128, 192 and 256 bits.(...) Read More
AliceIn cryptography, when we talk about Alice, we usually mean the sender in a system. (see as well: Bob).
Read More
ANSIANSI is the abbreviation for American National Standards Institute, the US standards organization (http://www.ansi.org/). Read More
ASN1Abstract Syntax Notation One is a platform-independent "language" that can be used to define data structures. It is a common standard of the ITU-T (International Telecommunication Union) and the ISO (International Organization for Standardization). ASN.1 is used to uniquely describe the(...) Read More
Asymmetric encryptionAsymmetric encryption is a method in which - in contrast to the symmetric cipher - two different keys are used: A publicly known public key for encrypting data and a secret key known only to the recipient of the message - the private key for decrypting. One well-known method is RSA ("Rivest(...) Read More
AttackAn attack is any attempt to determine the plaintext or the corresponding key from a given ciphertext using cryptanalytic methods. Read More
AuthenticationA user or computer system proves its identity through authentication. Authentication is possible, for example, through knowledge (password), through possession (e.g., an access card), or through biometric characteristics (e.g., iris structure, fingerprints, or similar). The basis for(...) Read More
AuthenticityAuthenticity means genuineness. The word refers to the quality of a person to be authentic. Authentic things or objects are also considered genuine or original. The authenticity of a message means that it can be attributed to a specific person without any doubt. Read More
AuthorizationAuthorization means that someone is granted the right to do something or to receive something. In companies, for example, the administrator authorizes certain users to gain access to systems. As a rule, users must first authenticate themselves. Read More
Avalanche effectThe Avalanche Effect refers to the fact that for a good cipher, changes in the plaintext affect the ciphertext. The algorithm produces a completely different output for a minimally changed input. For example, the SHA-2 checksum algorithm or the AES encryption algorithm show a strong avalanche(...) Read More
BiometricsBiometrics refers - simply put - to the measurement of human characteristics. Biometric procedures are used to identify or verify persons. Biometric procedures are, for example, fingerprint or face recognition. How secure and reliable biometric procedures are depends, among other things, on(...) Read More
Block cipherBlock cipher is an encryption method type in which plaintext is processed in data blocks. The data blocks are encrypted and decrypted independently of each other. Examples of block ciphers are the algorithms AES [please link to glossary term], Blowfish, CAST, IDEA, MARS, Rijndael, RC5, RC6,(...) Read More
BobIn cryptography, Bob "denotes" the receiver in a system. Where Alice is, Bob is not far away.
Read More
Brute Force AttackIn a brute force attack, criminals try to figure out passwords or keys by automated, random trial and error of different strings of letters or characters. Long keys, complex passwords, and limiting the number of failed attempts provide protection against brute force. Read More
BSIThe Federal Office for Information Security (BSI) was founded on January 1, 1991. It is the German government's cyber security authority and is part of the portfolio of the Federal Ministry of the Interior, for Building and the Home Affairs (BMI). Its mission is to make Germany more digitally(...) Read More
Caesar cipherThe Caesar cipher goes back to the Roman general Julius Caesar. Each letter of the alphabet is "shifted" by a fixed amount. The shift by 3 letters would be: A -> D, B -> E, ..., Y -> B, Z -> C. Read More
Card readerCard readers are devices used for communication with smart cards. Despite the name "card reader", most of the time card readers can also be used for writing on cards. Read More
CertificateA digital certificate is a data record that confirms certain properties of persons or objects and whose authenticity can be verified by encryption methods. The most common format for certificates is x.509. A certificate is digitally signed by a trusted authority (certification authority). This(...) Read More
Certification Authority (CA)The CA is a trusted entity with the task of authenticating cryptographic keys (see Certificate). It is an important component of a PKI. More precisely, a certification authority (CA) issues certificates. It confirms the correctness of the data contained in the certificate by means of its(...) Read More
The term cipher comes from the Arabic word "sifr" and means "empty" or "zero". Originally, the cipher was used for zero from the 13th century. Since the 18th century, the cipher stands for a sign of a secret writing. Therefore, one also speaks of ciphering or deciphering. Read More
Code systemIn cryptology, a code system, as opposed to a cryptosystem, is a system for substituting whole messages, parts of messages, words, or syllables of one language with words or character strings of another, often artificial, language. Meaning codes operate on semantic language units. A(...) Read More
Data Encryption Standard (DES)The Data Encryption Standard (DES) is a widely used symmetric encryption algorithm. It was developed by IBM in the early 1970s and standardized by the U.S. standards organization NIST (National Institute of Standards and Technology) in 1977. Today, DES is not considered sufficiently secure for(...) Read More
Denial of Service Attack (DoS)In a denial of service attack, an Internet service is deliberately flooded with targeted requests. The server can no longer process the many requests and fails due to overload. If the requests are made by a large number of computers, this is known as a distributed denial of service attack(...) Read More
Derived IdentityIn an analog world, people prove their identity with a sovereign document such as an ID card. To make this convenient in the digital world as well, experts are currently working on concepts for deriving the sovereign identity to the smartphone, for example. Whenever the user then has to prove(...) Read More
Directory serviceIn public key cryptography, a directory is required in which certificates and certificate revocation lists (CRL) can be published. The directory service is part of a public key infrastructure (PKI). Read More
ECCECC stands for "Elliptic Curve Cryptography" and is a public key method based on the calculation of elliptic curves. It is used to create small and efficient encryption keys more quickly. ECC computes keys using operations based on elliptic curves instead of the very large prime numbers(...) Read More
eIDeID is the abbreviation of "electronic Identity". It is also referred to as "digital identity". An eID is the digital proxy of an analog person, object or process in the virtual world. Read More
EncryptionData that you want to protect from access by third parties can be converted into unreadable character strings using cryptographic encryption methods (see also cipher, decryption). Read More
EntropyThe entropy of a password is the number of yes/no questions an attacker has to ask one after the other to first narrow down and finally guess a password he wants to guess ("hack"). Since the attacker usually does not get a direct answer to each of these yes/no questions, he has to combine the(...) Read More
FactorizationFactorization means the decomposition of numbers into prime factors. It forms the basis of modern cryptography systems, such as the RSA method. Multiplying two numbers together can be done quickly. Reversing this action - i.e., finding the factors out of the multiplied number - is extremely(...) Read More
Hackers attempt to penetrate computer systems and access their data. Hackers in the classic sense want to draw attention to security gaps through their work. However, there are also hackers who act criminally and misuse the captured data. Read More
Hash functionThe term "hash function" originates from the English verb to hash and means "to chop up". Hash functions reduce characters of any length (e.g. a password with five letters or a password with 7 letters) to characters with a fixed length (e.g. always three numbers. This reduces them to a small,(...) Read More
Identity TheftIdentity theft means that unauthorized persons have stolen a person's personal data without permission. As this happens, Internet criminals "phish" such data and use it to drain a bank account or order goods at the expense of the person affected. Other common terms are identity fraud and(...) Read More
KerberosKerberos is the name of an authentication service and is also called a network authentication protocol. It is intended for open and inherently insecure computer networks, such as the Internet. It is intended to uniformly authenticate the unsecured networks on secure host computers. This(...) Read More
Key EscrowThis refers to so-called key escrow, i.e. the possibility for a higher-level entity to obtain a user's private key. This is generally not desired in the private sphere, but is useful for the internal use of cryptography within a company. Read More
Key ManagementKey management includes all the administrative functions used to generate, distribute, store, destroy, and update keys. Read More
Knapsack-ProblemThe so-called knapsack problem was one of the first problems used for public key methods. The description is simple: Given a backpack that can carry a certain weight and a large number of objects with different masses. The problem is to choose what to put in the backpack to fill it optimally.(...) Read More
Lattice-based cryptographyA lattice is defined in mathematics in a similar way as in everyday life: In the simplest case, it is understood to be a construct of parallel straight lines ("lattice bars") equally spaced and running in two different directions. However, as is common in mathematics, a lattice can also be(...) Read More
Linear cryptanalysisThe term refers to the attack method on a cipher and belongs to the class of so-called known-plaintext attacks. One tries to discover and exploit simple ("linear") dependencies between the bits of the plaintext and the ciphertext in order to obtain information about the key. Read More
MiddlewareMiddleware is - generally speaking - a component that stands between two other components and mediates between them. In cryptography, middleware usually refers to a component that stands between an application program (for example, email encryption software) and a crypto module (for example, a(...) Read More
NISTThe National Institute for Standards and Technology - formerly NBS (National Bureau of Standards) - is a division of the U.S. Department of Commerce that among other things sets cryptographic standards (http://www.nist.gov). Read More
OCSPOCSP (Online Certificate Status Protocol) is a protocol that can be used to check online whether a certificate received is valid. It allows a user to query the validity in real time via so-called OCSP responders. Read More
PassphraseThis means a long and preferably memorable string of characters, such as sentences with punctuation. The passphrase is intended to replace passwords because it is easier to remember and offers more security. Read More
PasswordA password is a secret string of characters used for access or access control. The password should be known only to its user. Typically, a password is not too short to be certain that an attacker cannot guess it by trial and error. To make guessing a password costly, it should have as much(...) Read More
PKIPKI (Public Key Infrastructure) is the term used to describe the components and processes required to use digital certificates. A PKI includes a certification authority that issues the certificates. Other typical PKI components are a registration office, which can be used to apply for a(...) Read More
Post-quantum cryptographyPost-quantum cryptography includes those asymmetric cryptographic methods that cannot be broken by a quantum computer. Almost all asymmetric methods currently used in practice - especially RSA and Diffie-Hellman - do not belong to post-quantum cryptography, as they are quite vulnerable to a(...) Read More
Private KeyThis is the secret key, known only to the recipient of a message, used in asymmetric ciphers to decrypt or create digital signatures. Read More
Quantum computerA quantum computer uses the effects of quantum mechanics and therefore works differently than conventional computers. While such a device can only perform certain computational operations, it can do so very quickly. In particular, a quantum computer can break all common asymmetric encryption(...) Read More
Strong cryptographyStrong cryptographic methods withstand attacks with decryption attempts. The effort required to decrypt a message would be too high (at least in the foreseeable future) with the computers currently available (see also: weak cryptography). Cryptographic methods are subject to a certain "aging(...) Read More
Symmetric cipherThe term describes an encryption method in which the same key is used for encryption and decryption or in which these two keys can be easily derived from each other. A distinction is made between block ciphers, which process the plaintext in blocks of fixed length (usually 64 or 128 bits), and(...) Read More
Trapdoor functionAsymmetric encryption is about choosing a function that is very easy to calculate, but whose inverse is very costly. The discrete logarithm is such a one-way function. However, there are functions for which the inversion can be abbreviated with additional information. In such a case one speaks(...) Read More
Electronic cash register systems in Germany must be equipped with tamper protection, the so-called technical security device (TSE). The basis for this is the "Verordnung zur Bestimmung der technischen Anforderungen an elektronische Aufzeichnungs- und Sicherungssysteme im Geschäftsverkehr" - in(...) Read More
USB tokenUSB token refers to a small device with a USB port, often in the form of a keychain. It is used for authentication. USB tokens can perform similar cryptographic functions to a smart card, for example. The advantage is that no reader is required. USB tokens generate a unique number combination(...) Read More
VPNVPN is short for Virtual Private Network (VPN). The term describes a network that connects its nodes via public networks (e.g. the Internet). By using cryptographic procedures, all communication can be carried out confidentially (hence virtual private). Read More
Weak cryptographyThe quality of a cryptographic procedure depends on the effort a potential attacker would have to expend to "crack" a message without knowing the key. The effort consists of the required computing time (i.e., number of computing operations) and the required memory. Weak cryptographic methods(...) Read More
X.509X.509 describes a standard for the structure and encoding of certificates, CRLs and authentication services. X.509 is the most frequently used standard for certificate structures worldwide. Read More
We use cookies on our website. Some of them are functional, while others help us to evaluate page usage and thus improve our online offer. You can find out more in our privacy policy. Cookie SettingsAgreePrivacy Policy
Cookie Settings
Privacy Overview
This website uses cookies to improve your user experience while you are navigating the website. These cookies store the cookies categorized as required in your browser, since they are essential for the functioning of the basic functions of the website. We also use cookies from statistical tools, with which we can analyze and understand how you use this website. These cookies are only saved in your browser with your consent. You also have the option of deactivating these cookies. However, disabling some of these cookies can affect your browsing experience.
Necessary cookies are essential for the proper functioning of the website. This category only contains cookies that guarantee basic functions and security features of the website. These cookies do not store personal information. The necessary cookies also include the Polylang cookie, which is used to remember the language that the user selected when visiting the website again.
