Terminology
-
Data content type*
A base content type defined by PKCS #7. Data content is simply an octet (byte) string.
*http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secgloss/security/security_glossary.asp
-
Data Encryption Standard
(DES) A block cipher that encrypts data in 64-bit blocks. DES is a symmetric algorithm that uses the same algorithm and key for encryption and decryption.
Developed in the early 1970s, DES is also known as the DEA (Data Encryption Algorithm) by ANSI and the DEA-1 by ISO.
-
Datagram
A communication channel that uses information routed through a packet-switching network. This information includes separate packets of information and the delivery information associated with those packets, such as the destination address. In a packet-switching network, data packets are routed independently of one another and may follow different routes. They may also arrive in a different order from the one in which they were sent.
-
Decoding
The process of translating an encoded object (such as a certificate) or data back to its original format.
In general terms, data is decoded by the Encoding/Decoding layer of the communication protocol. Certificates are decoded by a call to the CryptDecodeObject function.
-
Decryption
The process of converting ciphertext to plaintext. Decryption is the opposite of encryption.
-
Default mode
Default settings, such as the block encryption cipher mode or the block encryption padding method.
-
Derived key
A cryptographic key created by a call to the CryptDeriveKey function. A derived key can be created from a password, or any other user data. Derived keys allow applications to create session keys as needed, eliminating the need to store a particular key.
-
DH_KEYX
The CryptoAPI algorithm name for the Diffie-Hellman key-exchange algorithm.
-
Dialer*
Dialing software used to make calls or access services through a modem or Internet connection. It may cause unexpected toll calls to be made and charged to the user or may allow access to desired services.
*Anti-Spyware Coalition Definitions and Supporting Documents
-
Diffie-Hellman (ephemeral) key-exchange algorithm
A Diffie-Hellman algorithm where the exchange key value is purged from the CSP when the key handle is destroyed.
-
Diffie-Hellman (store and forward) key-exchange algorithm
A Diffie-Hellman algorithm where the exchange key values are retained (in the CSP) after the key handle has been destroyed.
-
Diffie-Hellman algorithm
(DH) A public key algorithm used for secure key exchange. Diffie-Hellman cannot be used for data encryption. This algorithm is specified as the key exchange algorithm for PROV_DSS_DH provider types.
-
Digested data
A data content type defined by PKCS #7 that consists of any type of data plus a message hash (digest) of the content.
-
Digital envelope
Private messages encrypted using the recipient's public key. Enveloped messages can only be decrypted by using the recipient's private key, allowing only the recipient to understand the message.
-
Digital signature
Data that binds a sender's identity to the information being sent. A digital signature may be bundled with any message, file, or other digitally encoded information, or transmitted separately. Digital signatures are used in public key environments and provide authentication and integrity services.
-
Digital Signature Algorithm
(DSA) A public key algorithm specified by Digital Signature Standard (DSS). DSA is only used to generate digital signatures. It cannot be used for data encryption.
-
Digital Signature Standard
(DSS) A standard that specifies the Digital Signature Algorithm (DSA) for its signature algorithm and SHA-1 as its message hash algorithm. DSA is a public key cipher that is only used to generate digital signatures and cannot be used for data encryption. DSS is specified by PROV_DSS, PROV_DSS_DH, and PROV_FORTEZZA provider types.
-
Discretionary access control list
(DACL) An access control list that is controlled by the owner of an object and that specifies the access particular users or groups can have to the object.
-
Distinguished Encoding Rules
(DER) A set of rules for encoding ASN.1-defined data as a stream of bits for external storage or transmission. Every ASN.1 object has exactly one corresponding DER encoding. DER is defined in CCITT Recommendation X.509, Section 8.7. This is one of two encoding methods currently used by CryptoAPI.
-
Dynamic-link library
(DLL) A file that contains executable routines that can be called from other applications.