Glossary

AAA

Authentication, Authorisation and Accounting. Classification of common security goals and mechanisms.

ACK

Acknowledgement. Packet or frame type usually sent upon successful receipt of data.

ADSL

Asymmetric Digital Subscriber Line. Technology used on telephone lines to provide home Internet access.

AES

Advanced Encryption Standard. Symmetric key cipher. Recommended for use.

ARP

Address Resolution Protocol. Maps IP addresses to MAC addresses.

ANSI

American National Standards Institute. Standards organisation.

AP

Access Point. Device in wireless LAN that bridges wired and wireless segments.

ASCII

American Standard Code for Information Interchange. Format for mapping English characters to 7 bit values.

ASD

Australian Signals Directorate. Australian government agency responsible for signals intelligence and cyber security.

ATM

Asynchronous Transfer Mode. Wired technology used in core and access networks.

BGP

Border Gateway Protocol. Exterior routing protocol for exchanging information between autonomous systems.

BOOTP

Bootstrap Protocol. Used for automatically configuring computers upon boot. Replaced by DHCP.

BSD

Berkeley Software Distribution. The original open source variant of Unix, now a popular Linux alternative for servers.

BSSID

Basic Service Set Identifier. Unique to a wireless LAN AP; normally the AP MAC address.

CA

Certificate Authority. Entity for signing and issuing certificates in public key cryptographic systems.

CBC

Cipher Block Chaining. Mode of operation used to allow symmetric block ciphers to encrypt data larger than a block size.

CCA

Chosen Ciphertext Attack. Attack category where the attacker can select ciphertext values and learn the corresponding plaintext values.

CFB

Cipher Feedback mode. Mode of operation used to allow symmetric block ciphers to encrypt data larger than a block size

CIA

Confidentiality, Integrity and Availability. Three broad protections expected in many computer systems.

CLI

Command Line Interface. User interface to a computer that involves typing text based commands.

CPA

Chosen Plaintext Attack. Attack category where the attacker can select plaintext and obtain the corresponding ciphertext.

CPU

Central Processing Unit. The “brains” of a computer.

CSRF

Cross Site Request Forgery. Web application attack.

CS

Computer Science. Field of study.

CSS

Cascading Style Sheets. Defines formatting of content in HTML.

CTR

Counter mode. Mode of operation used to allow symmetric block ciphers to encrypt data larger than a block size

CTS

Clear To Send. Wireless LAN control from sent in response to RTS.

CVS

Concurrent Versions System. Version control software.

DES

Data Encryption Standard. Symmetric key cipher. Not recommended for use.

DDoS

Distributed Denial of Service. DoS attack coming from many computers.

DH

Diffie-Hellman. Public key cryptography algorithm, primarily for sharing secrets.

DHCP

Dynamic Host Configuration Protocol. Used for automatically configuring network interfaces of computers in a LAN.

DHKE

Diffie-Hellman Key Exchange. Public key cryptography algorithm, primarily for sharing secrets.

DNS

Domain Name System. Maps human friendly domain names to computer readable IP addresses.

DoS

Denial of Service. Attack on server or network the prevents normal users from access the service.

EC

Elliptic Curve. A mathematical curve used in ECC.

ECB

Electronic Code Book. Mode of operation used to allow symmetric block ciphers to encrypt data larger than a block size.

ECC

Elliptic Curve Cryptography. Public key cryptography approach performing operations on an elliptic curve.

ECDH

Elliptic Curve Diffie-Hellman. Diffie-Hellman key exchange algorithm using ECC.

ECDSA

Elliptic Curve Digital Signature Algorithm. Digital signature algorithm using ECC.

ECIES

Elliptic Curve Integrated Encryption Scheme. Combines ECDH for key exchange with symmetric key data encryption.

EC-KCDSA

Elliptic Curve Korean Certificated-based Digital Signature Algorithm. Digital signature algorithm using ECC.

ECMQV

Elliptic Curve Menezes–Qu–Vanstone. Key agreement scheme based on ECC.

EFF

Electronics Frontiers Foundation. Organisation that promotes rights and freedoms in technology.

ESSID

Extended Service Set Identifier. Name given to wireless LAN network; multiple APs may be in the same network.

FPGA

Field Programmable Gate Array. An integrated circuit that can be programmed by the end user (as opposed by the manufacturer).

FTP

File Transfer Protocol. Application layer protocol for transferring files between client and server. Uses TCP.

FSF

Free Software Foundation. Organisation that promotes the use of free (as in freedom), open source software.

GCHQ

Government Communications Headquarters. UK government signals intelligence agency.

GUI

Graphical User Interface. User interface to a computer that involves windows, mouse, buttons etc.

GNU

GNU’s Not Unix. A free operating system, using free, open source software. Often combined with Linux kernel to produce GNU/Linux.

HMAC

Hash-based MAC. Message authentication code function that uses existing hash algorithms. That is, converts hash functions into MAC functions.

HTML

HyperText Markup Language. Language for defining how content is displayed in a web browser.

HTTP

HyperText Transfer Protocol. Application layer protocol for transferring web pages from server to client. Uses TCP.

HTTPS

HTTP Secure. HTTP on top of SSL/TLS, to provide secure web browsing.

IACR

International Association for Cryptologic Research. Non-profit scientific organisation that publishes latest cryptology research in journals and conferences.

IANA

Internet Assigned Numbers Authority. Organisation that defines the use of Internet numbers such as ports and protocol numbers.

ICMP

Internet Control Message Protocol. Protocol for testing and diagnostics in the Internet. Used by ping.

IDE

Integrated Development Environment. Software application used for developing, testing and debugging software.

IEEE

Institute of Electrical and Electronic Engineers. Organisation that defines electrical, communications and computer standards, including for LANs and WLANs.

IETF

Internet Engineering Task Force. Organisation that defines standards for Internet technologies, including IP, TCP and HTTP.

IP

Internet Protocol. Network layer protocol used for internetworking. Core protocol of the Internet. Two versions: IPv4 and IPv6.

IPsec

Internet Protocol Security. Extensions to IP that include security mechanisms. Optional whan using IPv4.

ISAKMP

Internet Security Association and Key Protocol. Security protocol for key exchange.

ISP

Internet Service Provider. Organisation that provides Internet access to customers.

IT

Information Technology. Field of study.

IV

Initialisation Vector/Value. Value used to initialise cryptographic algorithms. Often chosen by user similar to a key.

KPA

Known Plaintext Attack. Attack category where the attacker knows pairs of plaintext/tciphertext.

LAN

Local Area Network. Network covering usually offices, homes and buildings. Layer 1 and 2 technology.

LCG

Linear Congruential Generator. Pseudo random number generator.

LTS

Long Term Support. Assigned to selected versions of software, such as Ubuntu operating system, to indicate that version will be supported for a long period than other versions.

MAC

Message Authentication Code or Medium Access Control

MDC

Modification Detection Code. The functionality provided by unkeyed hash functions in data authentication.

MD5

Message Digest 5 hash function. Cryptographic hash function that is still widely used, but no longer considered secure for many purposes.

MITM

Man-in-the-Middle. An attack where an attackerintercepts messages between two parties, masquerading as those two communicating parties.

NAT

Network Address Translation. Technique used in networks to convert private, internal IP addresses into public, external IP addresses.

NIC

Network Interface Card. Device in a computer that connects the computer to a network.

NIST

National Institute of Standards and Technology. US standards organisation that includes key standards and processes in security and cryptography.

NTP

Network Time Protocol. Protocol for clients to synchronise their clocks to more accurate time servers.

NSA

National Security Agency. US government agency responsible for signals intelligence and cryptography.

OFB

Output Feedback mode. Mode of operation used to allow symmetric block ciphers to encrypt data larger than a block size

OS

Operating System. Software that provides services for operating a computer, hiding computers details from applications.

OSI

Open Systems Interconnection. Standard for connecting different networks together. No longer widely used by the OSI 7 layer model still referred to.

OSPF

Open Shortest Path First. Internal routing protocol.

OTP

One-Time Pad. Unbreakable, but often impractical, cipher.

OWASP

Open Web Application Security Project. Project that keeps track of common attacks on web applications and provides advice on securing apps.

PAM

Pluggable Authentication Modules. Linux modules that allow application to use different authentication techniques.

PHP

PHP: Hypertext Preprocessor. Programming language primarily used to create dynamic web sites.

PHY

Physical Layer. Lowest layer in Internet and OSI layer architectures. Deals with transmitting bits as signals.

PRNG

Pseudo Random Number Generator. Algorithm for outputting random numbers. Not a true random number generator, but commonly used for convenience.

PSEC

Provably Secure Elliptic Curve Encryption. Data encryption using ECC.

PSK

Pre-Shared Key. Secret cryptographic key that two parties have exchanged in advance.

QKD

Quantum Key Distribution. A secret key sharing protocol based on quantum technology.

RAM

Random Access Memory. Short term, volatile storage area for computers.

RFC

Request For Comment. Type of standard used by IETF. The standards for IP, TCP and DNS are RFCs.

RIP

Routing Information Protocol. Internal routing protocol.

RSA

Rivest Shamir Adleman cipher. Public key cryptographic cipher used for confidentiality, authentication and digital signatures.

RTS

Request To Send. Type of WLAN frame.

RTT

Round Trip Time. Time for a message to travel from source to destination and then back to the source.

S-AES

Simplified Advanced Encryption Standard. An educational cipher that mimics AES but using smaller values that allow calculation by hand.

SCP

Secure Copy. Command and protocol for transferring files securely from one computer to another.

S-DES

Simplified Data Encryption Standard. An educational cipher that mimics DES but using smaller values that allow calculation by hand.

SDH

Synchronous Digital Hierarchy. Wide area network technology used across cities and countries.

SHA

Secure Hash Algorithm. Cryptographic hash algorithm. Different variants including SHA, SHA2 and SHA3.

SMTP

Simple Mail Transfer Protocol. Application layer protocol for transferring email between computers.

SPI

Stateful Packet Inspection. Technique that allows a firewall to make decisions on packets based on past packets in a connection.

SQL

Structured Query Language. Language for querying databases.

SSH

Secure Shell. Application for remotely logging in to a computer.

SSID

Service Set Identifier. Same as a ESSID.

SSL

Secure Sockets Layer. Protocol for securing application data that uses TCP for communications. Replaced by TLS but still referred to.

SVN

Subversion. Version control system.

SYN

Syncrhonise. Type of TCP segment, used during connection establishment phase.

TCP

Transmission Control Protocol. Transport layer protocol that provides reliable, connection-oriented data transfer. Used by many applications in the Internet.

TFTP

Trivial File Transfer Protocol. Application layer protocol for transferring files. Very lightweight, compared to FTP.

TLS

Transport Layer Security. Replaced SSL.

Tor

The Onion Router. System for private networking, whereby it is very difficult for someone to know who you are communicating with.

TTL

Time To Live. Value often given to packets so that after a certain time those packets are discarded/deleted. Usually measures in router hops, rather than seconds.

UDP

User Datagram Protocol. Transport layer protocol that provides unreliable, connection-less data transfer. Used by applications that require simplicity and/or fast data transfer. Alterative to TCP.

URL

Uniform Resource Locator. Identifies a resource in the Internet, such as a web page. E.g. http://www.example.com/dir/page.html

VM

Virtual Machine. Software implemtnation of a computer, virtualising the typical hardware components of a computer.

vn

virtnet. Software for quickly deploying Linux based virtual machines in a virtual network.

VPN

Virtual Private Network. Technology for private communications from a client to server.

W3C

World Wide Web Consortium. Organisation that sets standards for web browsing and applications, such as HTML.

WAN

Wide Area Network. Network that covers cities and countries, usually owned by telecom operators or ISPs.

WiFi

Wireless Fidelity . Marketing name for WLAN.

WLAN

Wireless Local Area Network. Technology for wireless communications on a LAN.

WPA

WiFi Protected Access. Encryption and authentication protocol for WLANs.

WSL

Windows Subsystem for Linux. Software that allows command-line based Linux operating systems to run as an application in Windows.

XML

eXtensible Markup Language. Language for defining other languages that define the structure/organisation of content.

XSS

Cross Site Scripting. Web application attack.