For many of these articles, I am the main or only writer to date.
General crypto & security
- Block cipher: A symmetric cipher that operates on fixed-size blocks of plaintext, giving a block of ciphertext for each
- Stream cipher: A cipher that encrypts data by mixing it with the output of a pseudorandom number generator controlled by a key; to decrypt, run the same generator with the same key to get the same pseudorandom data, then reverse the mixing step.
- Kerckhoffs' Principle: The principle, formulated by Auguste Kerckhoffs, that security in a cipher should not depend on keeping the details of the cipher secret; it should depend only on keeping the key secret.
- Cypherpunk: People interested in cryptography as a tool for privacy, anonymity and social change.
- FreeSWAN: A Linux implementation of the IPsec protocols, intended to make wholesale monitoring of the Internet impossible.
- Hash (cryptography): An algorithm that produces a fixed-size digest from an input of essentially arbitrary size.
- AES competition: A competition run by the US National Institute of Standards and Technology to chose a block cipher to become the Advanced Encryption Standard.
- RSA algorithm: A widely used public key encryption algorithm whose strength depends on the difficulty of integer factorisation.
- Diffie-Hellman: A technique that allows two parties to safely establish a shared secret for use as a cryptographic key, even if someone is eavesdropping on their interaction. It requires that the parties have some means of authentication to be sure they are talking to the right person.
- Digital signature: A technique based on public key cryptography to allow people to "sign" documents using their private keys.
- Hybrid cryptosystem: A system that combines public key with secret key methods; usually with a cryptographic hash for authentication as well.
- Alice and Bob: Traditional names for A and B, the two players, in discussion of cryptography or coding theory.
- Wired Equivalent Privacy: The original standard for encryption of wireless networks, fatally flawed.
- Wi-Fi Protected Access: WPA, the encryption used in later versions of IEEE 802.11 wireless networking.
- Challenge-response protocol: An authentication method involving a random challenge, different each time.
- Snake oil (cryptography): Describes the manufacture and sale of information security products which instill in the consumer a false sense of security, because in reality the product does not make the information any more secure
- Active attack: An attack on a communications system in which the attacker creates, alters, replaces, re-routes or blocks messages; this contrasts with a passive attack in which he only reads them.
- Passive attack: An attack on a communications system in which the attacker reads messages he is not supposed to but does not alter them.
- Brute force attack: An attempt to break a cipher by trying all possible keys; long enough keys make this impractical.
- Algebraic attack: Attacking a cipher by writing equations that describe its operation, then solving for the key.
- Code book attack: Attacking a block cipher by creating a code book, collecting plaintext/ciphertext pairs.
- Birthday attack: An attack on a cryptographic system that works by finding two identical outputs from the system.
- Meet-in-the-middle attack: An attack on a block cipher in which the attacker can calculate possible values of the same intermediate variable (the middle) in two independent ways, starting either from the input of the cipher (plaintext) or from the output ( ciphertext); he calculates some possible values each way and compares the results.
- Man-in-the-middle attack: An attack on a communications system in which the attacker deceives the communicating parties so they both talk to him while believing they are talking to each other.
- Dictionary attack: Attacking a password system by encrypting an entire dictionary and then checking if any stored passwords match
- Traffic analysis: Traffic analysis is a branch of signals intelligence, inferring useful information from messages without actually reading them.
Many of these are only stubs.
- CAST (cipher): A general procedure for constructing a family of block ciphers.
- Rivest ciphers: A set of symmetric-key encryption algorithms invented by Ron Rivest.
- International Data Encryption Algorithm: A block cipher designed by James Massey and Xuejia Lai in 1991, intended as a replacement for the Data Encryption Standard.
- Serpent (cipher): A block cipher which was a finalist in the Advanced Encryption Standard (AES) contest, designed by Ross Anderson, Eli Biham, and Lars Knudsen.
- Blowfish (cipher): A block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products.
- MARS (cipher): A block cipher that was IBM's submission to the Advanced Encryption Standard process.
- Twofish (cipher): A bock cipher from Schneier and others that was a finalist in the AES competition.
- GOST cipher: A Soviet and Russian government standard symmetric key block cipher; also based on this block cipher is the GOST hash function.
- Skipjack (cipher): A block cipher developed by the U.S. National Security Agency (NSA); initially classified, it was originally intended for use in the controversial Clipper chip.
- LOKI (cipher): Block ciphers (LOKI89 and LOKI91) designed as possible replacements for the Data Encryption Standard (DES).
- SAFER (cipher): A family of block ciphers designed primarily by James Massey (one of the designers of IDEA) on behalf of Cylink Corporation.
- De-correlated Fast Cipher: A block cipher which was created in 1998 by a group of researchers from École Normale Supérieure, CNRS, and France Télécom, and submitted to the AES competition.
- Tiny Encryption Algorithm: A block cipher notable for its simplicity of description and implementation (typically a few lines of code), designed by David Wheeler and Roger Needham.
- Hasty Pudding (cipher): A variable-block-size block cipher designed by Richard Schroeppel, which has its input block size and key length variable, and an input parameter called the 'spice'.
- DEAL (cipher): A block cipher derived from the Data Encryption Standard (DES), from a design proposed in a report by Lars Knudsen in 1998.
- E2 (cipher): A block cipher which was created in 1998 by NTT and submitted to the AES competition.
- Camellia (cipher): A block cipher developed jointly by Mitsubishi and NTT in 2000, which has similar design elements to earlier block ciphers MISTY1 and E2.
- CRYPTON (cipher): A block cipher efficient in hardware implementations, designed by Chae Hoon Lim of Future Systems Inc.
- MAGENTA (cipher): A block cipher developed by Michael Jacobson Jr. and Klaus Huber for Deutsche Telekom.
- SEED (cipher): A block cipher developed by the Korean Information Security Agency, used broadly throughout South Korean industry, but seldom found elsewhere.
- FROG (cipher): A block cipher authored by Georgoudis, Leroux and Chaves, which can work with any block size between 8 and 128 bytes, and supports key sizes between 5 and 125 bytes.
- Triple DES: The common name for the Triple Data Encryption Algorithm (TDEA) block cipher, named because it applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.
Others I have contributed substantially to:
- Cryptography: A field at the intersection of mathematics and computer science that is concerned with the security of information, typically the confidentiality, integrity and authenticity of some message.
- Cryptanalysis: The sub-field of cryptology which deals with breaking into existing codes and ciphers.
- Random number generator: A member of a sequence of which the successive values cannot be predicted, produced by measurement of physical phenomena, appropriate algorithms, or a combination of the two
- Politics of cryptography: Political and legal controversy over the use and export of cryptography
- Data Encryption Standard: A block cipher specification issued by the U.S. government in 1976, intended for sensitive but unclassified data. It is now obsolescent, succeeded by the Advanced Encryption Standard, but still used in commercial systems.
- Advanced Encryption Standard: A US government standard issued in 2002 for a stronger block cipher to succeed the earlier Data Encryption Standard.
- One-time pad: A cipher system in which the cryptographic key, i.e. the secret used to encrypt and decrypt messages, is a sequence of random values, each one of which is only ever used once, and only to encrypt one particular letter or word.
- IPsec: Internet Protocl security is a set of protocols for providing encryption and/or authentication services for Internet packets.
- Digital rights management: Legal and technical techniques used by media publishers in an attempt to control distribution and usage of distributed video, audio, ebooks, and similar electronic media.
- Denial of service: An attack on a computer or communications system that tries to prevent the system delivering its normal services to its users,
- Botnet: A set of compromised computers which can collectively provide services to a "bot herder".
- Steganography: The study of techniques for hiding a secret message within an apparently innocent message.