Glossary of Encryption and Cryptography Terms
Encryption and cryptography rely on a precise, discipline-specific vocabulary that governs how professionals specify, implement, audit, and communicate security controls. This glossary covers the foundational terms, technical constructs, and regulatory labels used across encryption types and algorithms, key management frameworks, and compliance obligations in the United States. Understanding the correct scope and boundary of each term is essential for practitioners evaluating vendors, regulators assessing compliance posture, and researchers navigating published standards from bodies such as NIST, ISO, and the IETF.
Definition and scope
Cryptographic terminology spans three overlapping domains: mathematical constructs (algorithms, functions, proofs), engineering implementations (protocols, hardware modules, key stores), and regulatory labels (approved modes, validated modules, permissible key lengths). A term like "encryption" is both a mathematical operation and a compliance artifact — FIPS 140-3, published by NIST, defines validated encryption modules with binding specificity, while the broader computer-science literature uses the same word with far looser boundaries.
The glossary below is organized by conceptual category rather than alphabetically, which reflects how practitioners actually encounter these terms: first in the context of a protocol or threat model, then in the context of a compliance framework.
How it works
Cryptographic terms acquire operational meaning through their relationship to four structural components:
- Primitives — The atomic building blocks: block ciphers, stream ciphers, hash functions, and pseudorandom number generators.
- Schemes — Compositions of primitives that achieve a security goal (e.g., authenticated encryption, digital signatures).
- Protocols — Agreed-upon sequences of scheme interactions between parties (e.g., TLS 1.3, SSH, IPsec).
- Standards — Normative documents that specify which primitives, schemes, and protocols are permissible in regulated contexts (e.g., FIPS 140-3, NIST SP 800-175B).
Each term in the glossary below maps to at least one of these layers, and confusion between layers is a documented source of implementation error. For instance, "AES" names a primitive (FIPS 197), while "AES-GCM" names a scheme (AES in Galois/Counter Mode), and "AES-128-GCM in TLS 1.3" names a protocol-specific instantiation.
Common scenarios
The terms below represent the core vocabulary used across the service sector, regulatory filings, and published cryptographic standards.
Core cryptographic primitives and constructs
| Term | Definition | Authority/Source |
|---|---|---|
| Plaintext | Data in unencrypted, human- or machine-readable form before any cipher is applied. | NIST SP 800-175B |
| Ciphertext | The output of an encryption operation applied to plaintext using a key and algorithm. | NIST SP 800-175B |
| Key | A value used as an input to a cryptographic algorithm to control the transformation of data. | NIST SP 800-57 Part 1 |
| Algorithm | A defined mathematical procedure for performing encryption, decryption, hashing, or signing. | NIST SP 800-175B |
| Block cipher | A symmetric cipher that operates on fixed-size blocks of data; AES (FIPS 197) is the NIST-approved standard. | FIPS 197 |
| Stream cipher | A symmetric cipher that encrypts data one bit or byte at a time, using a keystream. | NIST SP 800-175B |
| Hash function | A one-way function that produces a fixed-length digest from variable-length input; SHA-256 (FIPS 180-4) and SHA-3 (FIPS 202) are FIPS-approved. | FIPS 180-4, FIPS 202 |
| MAC (Message Authentication Code) | A short tag computed from a message and a shared secret key to verify integrity and authenticity. | NIST SP 800-38B |
| Digital signature | An asymmetric scheme, covered under FIPS 186-5, that binds a signer's identity to a message using a private key and is verifiable with the corresponding public key. | FIPS 186-5 |
| Entropy | A measure of unpredictability in a data source, critical to key generation and random number generation. | NIST SP 800-90B |
Asymmetric and symmetric constructs
Symmetric encryption uses a single shared key for both encryption and decryption. Asymmetric encryption uses a mathematically linked key pair — a public key for encryption or signature verification, and a private key for decryption or signing. RSA and elliptic-curve cryptography (ECC) are the two dominant asymmetric families in active deployment, with ECC achieving equivalent security at shorter key lengths: a 256-bit ECC key is considered comparable in strength to a 3072-bit RSA key (NIST SP 800-57 Part 1).
| Term | Definition |
|---|---|
| Public key | The shareable component of an asymmetric key pair, used for encryption or signature verification. |
| Private key | The secret component of an asymmetric key pair, never shared, used for decryption or signing. |
| Key pair | The combined public and private key generated together under an asymmetric algorithm. |
| Key encapsulation mechanism (KEM) | A method for establishing a shared secret by encrypting a key under a recipient's public key. |
| Diffie-Hellman (DH) key exchange | A protocol allowing two parties to establish a shared secret over an insecure channel without transmitting the secret itself. |
| Forward secrecy (Perfect Forward Secrecy, PFS) | A property ensuring that compromise of long-term keys does not retroactively expose past session keys. |
Protocol and infrastructure terms
| Term | Definition |
|---|---|
| TLS (Transport Layer Security) | The primary protocol for encrypting data in transit over networks; TLS 1.3 is the current IETF standard (RFC 8446). |
| SSL (Secure Sockets Layer) | The deprecated predecessor to TLS; SSLv3 and earlier versions are prohibited under PCI DSS v4.0. |
| PKI (Public Key Infrastructure) | The system of certificate authorities, registration authorities, policies, and procedures that govern the issuance and management of digital certificates. |
| Certificate Authority (CA) | An entity that issues and vouches for the authenticity of digital certificates; CAs are governed by the CA/Browser Forum Baseline Requirements. |
| X.509 | The ITU-T standard defining the format of public key certificates used in TLS and PKI. |
| Certificate Revocation List (CRL) | A published list of certificates that have been revoked before their expiration date. |
| OCSP (Online Certificate Status Protocol) | A real-time protocol for checking the revocation status of a specific certificate, defined in RFC 6960. |
| HSM (Hardware Security Module) | A physical computing device that safeguards and manages cryptographic keys; FIPS 140-3 Level 3 validation is a common procurement requirement. |
Compliance and regulatory terms
| Term | Definition |
|---|---|
| FIPS 140-3 | The current U.S. federal standard for cryptographic module validation, administered by NIST's Cryptographic Module Validation Program (CMVP). |
| Approved algorithm | An algorithm explicitly listed as acceptable in a normative NIST publication for use in federal systems. |
| Key management | The full lifecycle of cryptographic key operations: generation, distribution, storage, use, archival, and destruction, as defined in NIST SP 800-57. |
| Data at rest | Stored data, as opposed to data moving across a network; encryption requirements differ across HIPAA, PCI DSS, and FISMA. |
| Data in transit | Data actively moving across a network or communication channel. |
| Tokenization | The substitution of sensitive data with a non-sensitive placeholder (token); distinct from encryption in that the token cannot be reversed without access to a separate token vault. |
Post-quantum and advanced constructs
| Term | Definition |
|---|---|
| Post-quantum cryptography (PQC) | Cryptographic algorithms designed to resist attacks from quantum computers; NIST finalized the first PQC standards in 2024 (FIPS 203, FIPS 204, FIPS 205). |
| Lattice-based cryptography | A family of PQC algorithms whose security relies on the hardness of lattice problems; ML-KEM ( |