Advanced Encryption Standard (AES): A symmetric-key encryption standard adopted by the U.S. government in 2002. The standard uses three, 128-bit, block ciphers with 128-, 192-, and 256-bit keys. Published by the U.S. National Institute of Standards and Technology (NIST): FIPS 197.
Certificate: A certificate provides evidence that a public key is authentic, genuine. A certificate is an electronic file that holds a public key, identifies the owner of the key, and provides a signature to assure that the key does indeed belong to the person identified. An X.509 certificate can hold just one identity and one signature. An OpenPGP certificate can identify the key owner in multiple ways (like a work address and a home address) and include multiple signatures, each one authenticating one or more of the identities.
Certificate Request: A message asking a certificate authority to create an X.509 certificate for a given public key and owner identity. Does not apply to OpenPGP certificates.
Cipher, Ciphertext: A cipher is a mathematical function that takes in a key and a body of plain text, then outputs encrypted ciphertext. The same algorithm processing the same plain text, but with different keys, yields different ciphertext.
Clear Text, Plain Text: Data that is not encrypted–whether it’s ASCII, EBCDIC, binary, or anything else.
Compression: The process of describing patterns in a body of data and so reproducing the same data in a smaller-size file–common practice because it eases storage and transmission. For encryption it has an added advantage: Compressing a file before encrypting it further disguises the patterns in the original data, making it harder to decrypt without the right keys and tools.
Data Encryption Standard (DES): A symmetric-key encryption standard adopted by the U.S. government in 1976. DES uses 56-bit key.
Hash: A hash, also called a checksum, provides a way to judge the integrity of data. A hash algorithm processes a body of data and generates a value unique to that data. A truncated, tampered with, or otherwise damaged body of data will no longer yield the same hash value. See the hash algorithms utilized by E-Business Server.
A hash value encrypted into a signature provides a way to test the integrity of the signed message.
A hash value for a certificate is its fingerprint. To evaluate the authenticity of a certificate, ask the owner to give you the fingerprint by some other route, then match it to the fingerprint of the certificate you have in hand.