Chosen text attack (CTA): Less common in occurrence and includes four types of attacks such as CPA, ACPA, CCA, and ACCA.

Chosen plaintext attack (CPA): The attacker knows the plaintext and the corresponding ciphertext and algorithm, but does not know the key. He has selected the plaintext together with its corresponding encrypted ciphertext generated with the secret key. This type of attack is harder but still possible. The CPA attack occurs when a private key is used to decrypt a message. The key is deduced to decrypt any new messages encrypted with the same key. A countermeasure is to use a one-way hash function. The CPA attack against DES occurs when bit-wise complement keys are used to encrypt the complement of the plaintext block into the complement of the ciphertext block. A solution is to not use the complement keys.

Adaptive CPA attack (ACPA): A variation of the CPA attack where the selection of the plaintext is changed based on the previous attack results.

Chosen ciphertext attack (CCA): The attacker selected the ciphertext together with its corresponding decrypted plaintext generated with the secret key.

Adaptive CCA attack (ACCA): A variation of the CCA attack where the selection of the ciphertext is changed based on the previous attack results.

Cryptographic algorithm

A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. The cryptographic algorithms can be implemented in either hardware for speed or software for flexibility.

Cryptographic boundary

An explicitly defined continuous perimeter that establishes the physical bounds of a cryptographic module and contains all the hardware, software, and/or firmware components of a cryptographic module.

Cryptographic authentication

The use of encryption-related techniques to provide authentication.

Cryptographic checksum

A checksum computed by an algorithm that provides a unique value for each possible data value of the object.

Cryptographic function

A set of mathematical procedures that provide various algorithms for key generation, random number generation, encryption, decryption, and message digesting.

Cryptographic hash function

A mathematical function that maps a bit string of arbitrary length to a fixed length bit string. The function satisfies the following properties: (1) it is computationally infeasible to find any input which maps to any pre-specified output (one-way) and (2) it is computationally infeasible to find any two distinct inputs that map to the same output (collision collision-resistant).

Cryptographic key

(1) A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. (2) A parameter used in connection with a cryptographic algorithm that determines its operation in such a way that an entity with knowledge of the key can reproduce or reverse the operation, while an entity without knowledge of the key cannot. Seven examples include (i) the transformation of plaintext data into ciphertext data, (ii) the transformation of ciphertext data into plaintext data, (iii) the computation of a digital signature from data, (iv) the verification of a digital signature, (v) the computation of an authentication code from data, (vi) the verification of an authentication code from data and a received authentication code, and (vii) the computation of a shared secret that is used to derive keying material.

Cryptographic key management system (CKMS)

A set of components that is designed to protect, manage, and distribute cryptographic keys and bound metadata.

Cryptographic module

The set of hardware, software, firmware, or some combination thereof that implements approved security functions such as cryptographic logic or processes (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary of the module.

Cryptographic strength

A measure of the expected number of operations required to defeat a cryptographic mechanism. This term is defined to mean that breaking or reversing an operation is at least as difficult computationally as finding the key of an 80-bit block cipher by key exhaustion that is it requires at least on the order of 279 operations.

Cryptographic token

A token where the secret is a cryptographic key.

Cryptography

(1) The discipline that embodies the principles, means, and methods for the transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification. (2) The discipline that embodies principles, means, and methods for providing information security, including confidentiality, data integrity, non-repudiation, and authenticity. (3) It creates a high degree of trust in the electronic world.

Cryptology

The field that encompasses both cryptography and cryptanalysis. The science that deals with hidden, disguised, or encrypted communications. It includes communications security and communications intelligence.

Crypto-operation

The functional application of cryptographic methods. (1) Off-line encryption or decryption performed as a self-contained operation distinct from the transmission of the encrypted text, as by hand or by machines not electrically connected to a signal line. (2) Online the use of crypto-equipment that is directly connected to a signal line, making continuous processes of encryption and transmission or reception and decryption.

Crypto-period

The time span during which a specific key is authorized for use or in which the keys for a given system may remain in effect.

Cryptophthora

It is a degradation of secret key material resulting from the side channel leakage where an attacker breaks down the operation of a cryptosystem to reveal the contents of a cryptographic key.

Crypto-security

The security or protection resulting from the proper use of technically sound crypto-systems.

Cyber attack

An attack, via cyberspace, targeting an organization’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing infrastructure. This also includes destroying the integrity of the data or stealing controlled information.

Cyber infrastructure

The scope includes computer systems, control systems, networks (e.g., the Internet), and cyber services (e.g., managed security services).

Cyber security

The ability to protect or defend the use of cyberspace from cyber attacks.

Cyberspace

A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications network, computer systems, and embedded processors and controllers.

Cyclic redundancy check (CRC)

(1) A method to ensure data has not been altered after being sent through a communication channel. It uses an algorithm for generating error detection bits in a data link protocol. The receiving station performs the same calculation as done by the transmitting station. If the results differ, then one or more bits are in error. (2) Error checking mechanism that verifies data integrity by computing a polynomial algorithm based checksum. This is a technical and detective control.