All >
Technology >
Security - A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). In classic Kerberos, users share a secret password with a Key Distribution Center (KDC). The user, Alice, who wishes to communicate with another user, Bob, authenticates to the KDC and is furnished a ticket by the KDC to use to authenticate with Bob. When Kerberos authentication is based on passwords, the protocol is known to be vulnerable to off-line dictionary attacks by eavesdroppers who capture the initial user-to-KDC exchange.
NIST - Cite This Source - This Definition - Browse Related Terms: Authentication protocol, Challenge-Response Protocol, Dynamic Host Configuration Protocol (DHCP), Proof of Possession Protocol (PoP Protocol), Protocol Data Unit, Protocol Run, Secure Communication Protocol, Shared Secret, Transport Layer Security (TLS), Tunneled Password Protocol
Also listed in
All >
Technology >
Security - A value used to control cryptographic operations, such as decryption, encryption, signature generation or signature verification.
NIST - Cite This Source - This Definition - Browse Related Terms: Asymmetric Keys, Cryptographic Key, Cryptography, Key Pair, private key, Public (Asymmetric) Key Encryption, public key, Public Key (Asymmetric) Cryptographic Algorithm
Also listed in
All >
Technology >
Security - The three cryptographic keys (Key1, Key2, Key3) that are used with a Triple Data Encryption Algorithm mode.
NIST - Cite This Source - This Definition - Browse Related Terms: Cryptology, Data Encryption Algorithm (DEA), Data Encryption Standard (DES), Encrypted Key, Encrypted Network, encryption, End to End Encryption, Escrow, Initialization Vector (IV), Link Encryption, Payload, Rijndael, Triple DES
Also listed in
All >
Technology >
Security - The processes of managing (e.g., generating, storing, transferring, auditing) the two components of a cryptographic key by two key component holders.
NIST - Cite This Source - This Definition - A deposit of the private key of a subscriber and other pertinent information pursuant to an escrow agreement or similar contract binding upon the subscriber, the terms of which require one or more agents to hold the subscriber's private key for the benefit of the subscriber, an employer, or other party, upon provisions set forth in the agreement.
NIST - Cite This Source - This Definition - Browse Related Terms: Electronic Evidence, Electronic Key Entry, Key Escrow System, Key Management, Technical non-repudiation, Zeroization
Also listed in
All >
Technology >
Security - The process by which cryptographic keys are securely distributed among cryptographic modules using manual transport methods (e.g., key loaders), automated methods (e.g., key transport and/or key agreement protocols), or a combination of automated and manual methods (consists of key transport plus key agreement).
NIST - Cite This Source - This Definition - Browse Related Terms: Automated Key Transport, Ephemeral Keys, IP Security (IPsec), Key Exchange, Key Loader, Key Transport, Manual Key Transport, Plaintext Key, Secure Socket Layer and Transport Layer Security (SSL and TSL), Static Keys
Also listed in
All >
Technology >
Security - Random numbers, pseudo-random numbers, and cryptographic parameters used in generating cryptographic keys.
NIST - Cite This Source - This Definition - Browse Related Terms: Automated Password Generator, FIPS Approved Security Method, Nonce, Pseudorandom number generator (PRNG), Public Seed, Random Number Generator (RNG), SALT, Secret Seed, User Initialization
All >
Technology >
Security - A self-contained unit that is capable of storing at least one plaintext or encrypted cryptographic key or key component that can be transferred, upon request, into a cryptographic module.
NIST - Cite This Source - This Definition - Browse Related Terms: Automated Key Transport, Ephemeral Keys, IP Security (IPsec), Key Establishment, Key Exchange, Key Transport, Manual Key Transport, Plaintext Key, Secure Socket Layer and Transport Layer Security (SSL and TSL), Static Keys
Also listed in
All >
Technology >
Security - The activities involving the handling of cryptographic keys and other related security parameters (e.g., IVs and passwords) during the entire life cycle of the keys, including their generation, storage, establishment, entry and output, and zeroization.
NIST - Cite This Source - This Definition - Browse Related Terms: Electronic Evidence, Electronic Key Entry, Key Escrow, Key Escrow System, Technical non-repudiation, Zeroization
Also listed in
All >
Technology >
Security >
Biometrics - A biometric modality that uses the cadence of an individual's typing pattern for recognition.
NSTC Subcommittee on Biometrics - Cite This Source - This Definition - Browse Related Terms: Face Recognition, Hand Geometry Recognition, Infrared, Iris Recognition, IrisCode©, Modality, Palm Print Recognition, Recognition, Speaker Recognition, Speech Recognition, Voice Recognition