Glossary

Certification Authority (CA or AC): Trusted entity in charge of the issuance, delivery, archival, and revocation of digital certificates.

Digital Certificate: The electronic equivalent of an ID card. The identity of its holder is linked to the public key through the certification authority signature. This identity may consist of a name or a network attribute (IP address or URL).

Encipherment: Mathematical operations that map intelligible data to non-intelligible data to guarantee their confidentiality.

Symmetric cryptography (or secret key cryptography): A single key is needed to encipher and decipher information.

Asymmetric key cryptography (or public key cryptography): A pair of keys is used to encipher and decipher data. Data enciphered by one key can only be deciphered by the other one.

Private Key: The part of the asymmetric key pair that must be kept secret by its holder. It may be stored on the hard disk of a personal computer or on a secure cryptographic device (smartcard, token). A private key must be protected by a password. It is used for generating digital signatures and deciphering electronic documents.

Public Key: The part of the asymmetric key pair that is made available by the creator of the pair in a public repository. It is used for verifying digital signatures and enciphering electronic documents.

Public Key Infrastructure (PKI): The combination of software, hardware, personnel and procedures that enables enterprises to protect the security of their communications and business transactions on the Internet through the generation and management of keys and certificates. A PKI aims to meet the requirements of data confidentiality, authentication, access control, non-repudiation, and data integrity.

Certificate Revocation List (CRL): A list generated and updated by a Certification Authority. It contains Digital Certificates that have been revoked prior to their expiry date.

Digital Signature: The result of a transformation of a message by means of a cryptographic system using keys such that a Relying Party can determine:
1. whether the transformation was created using the private key that corresponds to the public key in the signer's digital certificate; and
2. whether the message has been altered since the signature creation.