- List of cryptographic key types
This glossary lists types of keys as the term is used in cryptography, as opposed to door locks. Terms that are primarily used by the U.S. National Security Agency are marked "(NSA)". For classification of keys according to their usage see cryptographic key types.
* 40-bit key - key with a length of 40 bits, once the upper limit of what could be exported from the U.S. and other countries without a license. Considered very insecure. "See" key size for a discussion of this and other lengths.
* authentication key - Key used in a keyed-hash message authentication code, or
* benign key - (NSA) a key that has been protected by encryption or other means so that it can be distributed without fear of its being stolen. Also called BLACK key.
* cryptovariable - NSA calls the output of a stream cipher a key or key stream. It often uses the term cryptovariable for the bits that control the stream cipher, what the public cryptographic community calls a key.
* derived key - keys computed by applying a predetermined hash algorithm or key derivation function to a password or, better, a passphrase.
* electronic key - (NSA) key that is distributed in electronic (as opposed to paper) form. "See"
* ephemeral key - A key that only exists within the lifetime of a communication session.
* expired key - Key that was issued for use in a limited time frame (cryptoperiod in NSA parlance) which has passed and, hence, the key is no longer valid.
* key encryption key (KEK) - key used to protect other keys (e.g. TEK, TSK).
* key fill - (NSA) loading keys into a cryptographic device. "See"
* FIREFLY key - (NSA) keys used in an NSA system based on public key cryptography.
* master key - key from which all other keys (or a large group of keys) can be derived. Also a physical key that can open all the doors in a building.
* one-time pad - keying material that is as long as the plaintext and only used once. "See" one-time pad article.
* paper key - (NSA) keys that are distributed in paper form, such as printed lists of settings for rotor machines, or keys in punch card or paper tape formats. Paper key is easily copied. "See" Walker spy ring, "RED key".
* poem key - Keys used by OSS agents in World War II in the form of a poem that was easy to remember. See Leo Marks.
* Public/private key - in public key cryptography, separate keys are used to encrypt and decrypt a message. The encryption key (public key) need not be kept secret and can be published. The decryption or private key must be kept secret to maintain confidentiality. Public keys are often distributed in a signed public key certificate.
* pre-placed key - (NSA) large numbers of keys (perhaps a year's supply) that are loaded into an encryption device allowing frequent key change without refill.
* RED key - (NSA) symmetric key in a format that can be easily copied, e.g. "paper key" or unencrypted "electronic key". Opposite of "BLACK" or "benign key".
* revoked key - a public key that should no longer be used, typically because its owner is no longer in the role for which it was issued or because it may have been compromised. Such keys are placed on a certificate revocation list or CRL.
* session key - key used for one message or an entire communications session. See "traffic encryption key."
* symmetric key - a key that is used both to encrypt and decrypt a message. Symmetric keys are typically used with a cipher and must be kept secret to maintain confidentiality.
* traffic encryption key (TEK) - a symmetric key that is used to encrypt messages. TEKs are typically changed frequently, in some systems daily and in others for every message. See "session key".
* transmission security key (TSK) - (NSA) seed for a pseudorandom number generator that is used to control a radio in frequency hopping or direct-sequence spread spectrum modes. "See" SINCGARS, electronic warfare.
* seed key - (NSA) a key used to initialize a cryptographic device so it can accept operational keys using benign transfer techniques. Also a key used to initialize a pseudorandom number generator to generate other keys.
* signature key - public key cryptography can also be used to electronically sign messages. The private key is used to create the electronic signature, the public key is used to verify the signature. Separate public/private key pairs must be used for signing and encryption. The former are called signature keys.
* stream key - the output of a stream cipher as opposed to the key (or "cryptovariable" in NSA parlance) that controls the cipher.
* training key - (NSA) unclassified key used for instruction and practice exercises.
* Type 1 key - (NSA) keys used to protect classified information. "See" Type 1 product.
* Type 2 key - (NSA) keys used to protect sensitive but unclassified (SBU) information. "See" Type 2 product.
* Vernam key - Type of key invented by Gilbert Vernam in 1918. "See stream key".
* zeroized key - key that has been erased (see
Wikimedia Foundation. 2010.