Recently updated
Published entries ordered by most recent updates.
- initialization value (Jan 06, 2026)
An input parameter that sets the starting state of a cryptographic algorithm or mode. (Compare: activation data.)
- DISN (Jan 06, 2026)
See: Defense Information Systems Network (DISN).
- Morris Worm (Jan 06, 2026)
A worm program that flooded the ARPANET in November 1988, causing problems for thousands of hosts. [R1135] (See: community risk, worm)
- OCSP (Jan 06, 2026)
See: Online Certificate Status Protocol.
- fingerprint (Jan 06, 2026)
A pattern of curves formed by the ridges on a fingertip. (See: biometric authentication. Compare: thumbprint.)
- anonymous login (Jan 06, 2026)
An access control feature (actually, an access control vulnerability) in many Internet hosts that enables users to gain access to general-purpose or public services and resources of a host (such as allowing any user to transfer data using FTP) without having a pre-established, identity-specific account (i.e., user name and password). (See: anonymity.)
- CMS (Jan 06, 2026)
See: Cryptographic Message Syntax.
- key distribution (Jan 06, 2026)
A process that delivers a cryptographic key from the location where it is generated to the locations where it is used in a cryptographic algorithm. (See: key establishment, key management.)
- challenge-response (Jan 06, 2026)
An authentication process that verifies an identity by requiring correct authentication information to be provided in response to a challenge. In a computer system, the authentication information is usually a value that is required to be computed in response to an unpredictable challenge value, but it might be just a password.
- National Security Agency (Jan 06, 2026)
A U.S. DoD organization that has primary U.S. Government responsibility for INFOSEC standards for classified information and for sensitive unclassified information handled by national security systems. (See: FORTEZZA, KEA, MISSI, national security system, NIAP, NIST, SKIPJACK.)
- emanations analysis (Jan 06, 2026)
See: secondary definition under "interception".
- Internet Protocol (Jan 06, 2026)
An Internet Standard, Internet Layer protocol that moves datagrams (discrete sets of bits) from one computer to another across an internetwork but does not provide reliable delivery, flow control, sequencing, or other end-to-end services that TCP provides. IP version 4 (IPv4) is specified in RFC 791, and IP version 6 (IPv6) is specified in RFC 2460. (See: IP address, TCP/IP.)
- IANA (Jan 06, 2026)
See: Internet Assigned Numbers Authority.
- misappropriation (Jan 06, 2026)
A type of threat action whereby an entity assumes unauthorized logical or physical control of a system resource. (See: usurpation.)
- activation data (Jan 06, 2026)
A pass phrase, personal identification number (PIN), biometric data, or other mechanisms of equivalent authentication robustness used to protect access to any use of a private key, except for private keys associated with System or Device certificates.
- notarization (Jan 06, 2026)
Registration of data under the authority or in the care of a trusted third party, thus making it possible to provide subsequent assurance of the accuracy of characteristics claimed for the data, such as content, origin, time of existence, and delivery. [I7498-2] (See: digital notary.)
- ITSEC (Jan 06, 2026)
See: Information Technology System Evaluation Criteria.
- computer emergency response team (Jan 06, 2026)
An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security. (See: CSIRT, security incident.)
- indicator (Jan 06, 2026)
An occurrence or sign that an incident may have occurred or may be in progress.
- API (Jan 06, 2026)
See: application programming interface.
- CLEF (Jan 06, 2026)
See: commercially licensed evaluation facility.
- dual signature (Jan 06, 2026)
A single digital signature that protects two separate messages by including the hash results for both sets in a single encrypted value. [SET2]
- 3DES (Jan 06, 2026)
See: Triple Data Encryption Algorithm.
- indistinguishability (Jan 06, 2026)
An attribute of an encryption algorithm that is a formalization of the notion that the encryption of some string is indistinguishable from the encryption of an equal-length string of nonsense. (Compare: semantic security.)
- electronic codebook (Jan 06, 2026)
A block cipher mode in which a plaintext block is used directly as input to the encryption algorithm and the resultant output block is used directly as cipher text [FP081]. (See: block cipher, [SP38A].)
- DES (Jan 06, 2026)
See: Data Encryption Standard.
- cryptographic boundary (Jan 06, 2026)
See: secondary definition under "cryptographic module".
- initialization vector (Jan 06, 2026)
Synonym for "initialization value".
- emergency response (Jan 06, 2026)
An urgent response to a fire, flood, civil commotion, natural disaster, bomb threat, or other serious situation, with the intent of protecting lives, limiting damage to property, and minimizing disruption of system operations. [FP087] (See: availability, CERT, emergency plan.)
- dangling vulnerability (Jan 06, 2026)
A vulnerability of a system for which there is no corresponding threat and, therefore, no implied risk.
- legal non-repudiation (Jan 06, 2026)
See: secondary definition under "non-repudiation".
- IKE (Jan 06, 2026)
See: IPsec Key Exchange.
- capability list (Jan 06, 2026)
A mechanism that implements access control for a system entity by enumerating the system resources that the entity is permitted to access and, either implicitly or explicitly, the access modes granted for each resource. (Compare:
- EDIFACT (Jan 06, 2026)
See: secondary definition under "electronic data interchange".
- network (Jan 06, 2026)
An information system comprised of a collection of interconnected nodes. (See: computer network.)
- attribute certificate (Jan 06, 2026)
A digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public key certificate. (See: capability token.)
- DEK (Jan 06, 2026)
See: data encryption key.
- anti-jam (Jan 06, 2026)
"Measures ensuring that transmitted information can be received despite deliberate jamming attempts." [C4009] (See: electronic security, frequency hopping, jam, spread spectrum.)
- CCITT (Jan 06, 2026)
Acronym for French translation of International Telephone and Telegraph Consultative Committee. Now renamed ITU-T.
- non-repudiation with proof of origin (Jan 06, 2026)
A security service that provides the recipient of data with evidence that proves the origin of the data, and thus protects the recipient against an attempt by the originator to falsely deny sending the data. (See: non-repudiation service.)
- COMSEC (Jan 06, 2026)
See: communication security.
- login (Jan 06, 2026)
An act by which a system entity establishes a session in which the entity can use system resources. (See: principal, session.)
- harden (Jan 06, 2026)
To protect a system by configuring it to operate in a way that eliminates or mitigates known vulnerabilities. Example: [RSCG]. (See: default account.)
- data integrity (Jan 06, 2026)
The property that data is complete, intact, and trusted and has not been modified or destroyed in an unauthorized or accidental manner.
- MAN (Jan 06, 2026)
metropolitan area network.
- entrapment (Jan 06, 2026)
"The deliberate planting of apparent flaws in a system for the purpose of detecting attempted penetrations or confusing an intruder about which flaws to exploit." [FP039] (See: honey pot.)
- cryptographic application programming interface (Jan 06, 2026)
The source code formats and procedures through which an application program accesses cryptographic services, which are defined abstractly compared to their actual implementation. Example, see: PKCS #11, [R2628].
- bulk key (Jan 06, 2026)
In a few published descriptions of hybrid encryption for SSH, Windows 2000, and other applications, this term refers to a symmetric key that (a) is used to encrypt a relatively large amount of data and (b) is itself encrypted with a public key. (Compare: bulk keying material, session key.)
- Khufu (Jan 06, 2026)
A patented, symmetric block cipher designed by Ralph C. Merkle as a plug-in replacement for DES. [Schn]
- effective key length (Jan 06, 2026)
"A measure of strength of a cryptographic algorithm, regardless of actual key length." [IATF] (See: work factor.)