Course: ———

Editor(s): Eileen Hargraves

Last modified: May 16, 2019

The z/OS Cryptographic Services ICSF Application Programmer's Guide glossary is a great place to begin searching for
common terminology:
https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.1.0/com.ibm.zos.v2r1.csfb400/gloss.htm#gloss

“NSA Cryptography” on Wikipedia offers a helpful overview of NSA cipher titles:

https://en.wikipedia.org/wiki/NSA_cryptography. Note—the cipher names may or may not be followed by “cipher.” Often
they are not.

Terminology
• ADFGVX cipher
• affine cipher
• Atbash cipher
• birthday attack
• Blowfish cipher
• brute-force attack (“brute force” if it isn’t used adjectivally)
• Caesar cipher
• Challenge-Handshake Authentication Protocol (CHAP)
• certificate authority (CA)
• cipher block chaining (CBC)
• cipher disk
• ciphertext
• CrypTool
• Diffie-Hellman (officially Diffie–Hellman Key Exchange (DH))
• electronic codebook (ECB)
• Enigma machine
• Extensible Authentication Protocol (EAP)
• FASTHASH: Type 1 Product NSA cipher
• Feistel _______ (“cipher,” “function,” or “network)
• Fish cipher (FISH also appears to be acceptable, but I have not used it)
• hashing
• homophonic substitution
• Invisible Secrets
• JUNIPER: Type 1 Product NSA cipher
• KEA cipher
• Kerckhoffs’s principle
• Layer 2 Tunneling Protocol (L2TP)
• Lucifer cipher
• man-in-the-middle attack (opt. “MITM”)
• MAYFLY cipher
• Mersenne prime
• Monoalphabetic substitution
• MP3Stego
• Nonrepudiation
• null cipher
• Password Authentication Protocol (PAP)
• PEGASUS cipher
• Pike cipher
• plaintext attack
• Playfair cipher
• Point-to-Point Tunneling Protocol (PPTP)
 • polyalphabetic substitution cipher
• Pretty Good Privacy (PGP)
• Product types (NSA): See “Type 1,” “Type 2,” etc. in the National Information Assurance Glossary,
https://www.dni.gov/files/NCSC/documents/nittf/CNSSI-4009_National_Information_Assurance.pdf
• propagating cipher block chaining (PCBC)
• public key infrastructure (PKI)
• QuickStego
• rail fence cipher
• rainbow table
• registration authority (RA)
• Rot13 cipher
• scytale
• Serpent cipher
• Shiva Password Authentication Protocol (SPAP)
• single substitution weakness
• Skipjack cipher
• SNOW
• Stealth Files 4
• steganalysis
• steganography
• steganophony
• StegDetect
• StegSecret
• StegSpy
• swap files
• Twofish cipher
• Vigenère cipher
• WALBURN cipher
• X.509

Do Not Spell Out (better known by their abbreviations, according to SMEs):

• 3DES (Triple DES—officially Triple Data Encryption Algorithm (TDEA or 3DEA))
• AES (Advanced Encryption Standard)
• AND
• DES (Data Encryption Standard)
• IDEA (International Data Encryption Algorithm)
• MD5
• NSA
• OR
• RC4
• SHA (there is also SHA-1, SHA-2, SHA-3)
• SSL/TLS
• WEP
• WPA
• WPA2
• WPA2 Enterprise
• WPA3
• XOR (exclusive OR; the SMEs also use XOR’d as a verb)
• Yarrow

Other
You may see items with the names “Bob” and “Alice.” The cryptography community uses these names. It’s an industry
standard or tradition. (See https://en.wikipedia.org/wiki/Alice_and_Bob.) Do not change these to names on the fake name
list or rewrite the names out unless you get permission from the AD/SMEs.