PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
| AES | Advanced Encryption Standard, as defined in FIPS PUB 197. |
| API | Application programming interface. |
| ASN.1 | Abstract Syntax Notation One, as defined in X.680. |
| Application | Any computer program that calls the Cryptoki interface. |
| Attribute | A characteristic of an object. |
| BATON | MISSI's BATON block cipher. |
| BER | Basic Encoding Rules, as defined in X.690. |
| BLOWFISH | The Blowfish Encryption Algorithm of Bruce Schneier, www.schneier.com. |
| CAMELLIA | The Camellia encryption algorithm, as defined in RFC 3713. |
| CAST | Entrust Technologies' proprietary symmetric block cipher. |
| CAST128 | Entrust Technologies' symmetric block cipher. |
| CAST3 | Entrust Technologies' proprietary symmetric block cipher. |
| CAST5 | Another name for Entrust Technologies' symmetric block cipher CAST128. CAST128 is the preferred name. |
| CBC | Cipher-Block Chaining mode, as defined in FIPS PUB 81. |
| CDMF | Commercial Data Masking Facility, a block encipherment method specified by International Business Machines Corporation and based on DES. |
| CMAC | Cipher-based Message Authenticate Code as defined in [NIST sp800-38b] and [RFC 4493]. |
| CMS | Cryptographic Message Syntax (see RFC 2630) |
| CT-KIP | Cryptographic Token Key Initialization Protocol (as defined in [CT-KIP]3) |
| Certificate | A signed message binding a subject name and a public key, or a subject name and a set of attributes. |
| Cryptographic Device | A device storing cryptographic information and possibly performing cryptographic functions. May be implemented as a smart card, smart disk, PCMCIA card, or with some other technology, including software-only. |
| Cryptoki | The Cryptographic Token Interface defined in this standard. |
| Cryptoki library | A library that implements the functions specified in this standard. |
| DER | Distinguished Encoding Rules, as defined in X.690. |
| DES | Data Encryption Standard, as defined in FIPS PUB 46-3. |
| DES | Data Encryption Standard, as defined in FIPS PUB 46-3. |
| DSA | Digital Signature Algorithm, as defined in FIPS PUB 186-2. |
| EC | Elliptic Curve |
| ECB | Electronic Codebook mode, as defined in FIPS PUB 81. |
| ECDH | Elliptic Curve Diffie-Hellman. |
| ECDSA | Elliptic Curve DSA, as in ANSI X9.62. |
| ECMQV | Elliptic Curve Menezes-Qu-Vanstone |
| FASTHASH | MISSI's FASTHASH message-digesting algorithm. |
| GOST 28147-89 | The encryption algorithm, as defined in Part 2 [GOST 28147-89] and [RFC 4357] [RFC 4490], and RFC [4491]. |
| GOST R 34.10-2001 | The digital signature algorithm, as defined in [GOST R 34.10-2001] and [RFC 4357], [RFC 4490], and [RFC 4491]. |
| GOST R 34.11-94 | Hash algorithm, as defined in [GOST R 34.11-94] and [RFC 4357], [RFC 4490], and [RFC 4491]. |
| IDEA | Ascom Systec's symmetric block cipher. |
| IV | Initialization Vector. |
| JUNIPER | MISSI's JUNIPER block cipher. |
| KEA | MISSI's Key Exchange Algorithm. |
| LYNKS | A smart card manufactured by SPYRUS. |
| MAC | Message Authentication Code. |
| MD2 | RSA Security's MD2 message-digest algorithm, as defined in RFC 1319. |
| MD5 | RSA Security's MD5 message-digest algorithm, as defined in RFC 1321. |
| MQV | Menezes-Qu-Vanstone |
| Mechanism | A process for implementing a cryptographic operation. |
| OAEP | Optimal Asymmetric Encryption Padding for RSA. |
| Object | An item that is stored on a token. May be data, a certificate, or a key. |
| PIN | Personal Identification Number. |
| PKCS | Public-Key Cryptography Standards. |
| PRF | Pseudo random function. |
| PTD | Personal Trusted Device, as defined in MeT-PTD |
| RC2 | RSA Security's RC2 symmetric block cipher. |
| RC4 | RSA Security's proprietary RC4 symmetric stream cipher. |
| RC5 | RSA Security's RC5 symmetric block cipher. |
| RSA | The RSA public-key cryptosystem. |
| Reader | The means by which information is exchanged with a device. |
| SET | The Secure Electronic Transaction protocol. |
| SHA-1 | The (revised) Secure Hash Algorithm with a 160-bit message digest, as defined in FIPS PUB 180-2. |
| SHA-224 | The Secure Hash Algorithm with a 224-bit message digest, as defined in RFC 3874. Also defined in FIPS PUB 180-2 with Change Notice 1. |
| SHA-256 | The Secure Hash Algorithm with a 256-bit message digest, as defined in FIPS PUB 180-2. |
| SHA-384 | The Secure Hash Algorithm with a 384-bit message digest, as defined in FIPS PUB 180-2. |
| SHA-512 | The Secure Hash Algorithm with a 512-bit message digest, as defined in FIPS PUB 180-2. |
| SKIPJACK | MISSI's SKIPJACK block cipher. |
| SO | A Security Officer user. |
| SSL | The Secure Sockets Layer 3.0 protocol. |
| Session | A logical connection between an application and a token. |
| Slot | A logical reader that potentially contains a token. |
| Subject Name | The X.500 distinguished name of the entity to which a key is assigned. |
| TLS | Transport Layer Security. |
| Token | The logical view of a cryptographic device defined by Cryptoki. |
| UTF-8 | Universal Character Set (UCS) transformation format (UTF) that represents ISO 10646 and UNICODE strings with a variable number of octets. |
| User | The person using an application that interfaces to Cryptoki. |
| WIM | Wireless Identification Module. |
| WTLS | Wireless Transport Layer Security. |