A | B | C | D | E | F | G | H | I | J | K | L | M |
N | O | P | Q | R | S | T | U

Padding
Extra bits concatenated with a key, password, or plaintext.

Password
A protected and private character string used to authenticate an AIS user.

Personnel Security
The procedures established to ensure that all personnel who have access to any sensitive information have all required authorities or appropriate security authorizations.

PGP Certificate
Digital certificates similar to X.509 self-signed (root) certificates, except there can be more than one signature on PGP certificates.

Physical Security
The application of physical barriers and control procedures as preventative measures or safeguards against threats to resources and information.

PKCS
Public-Key Cryptography Standards. A series of cryptographic standards dealing with public-key issues, published by RSA Laboratories.

Plaintext
The data to be encrypted.

Plaintext-ciphertext Pair
Ciphertext and its corresponding plaintext. These paired communications give cryptanalysts clues to determine the meaning of other messages encrypted by the same method.

Polling
A certificate revocation list (CRL) delivery model which requires the certificate user to request the current CRL whenever verifying a digital certificate. One polling problem is the time delay between certificate authority (CA) certificate revocation and CA publication of a new CRL.

Precomputation Attack
An attack where the adversary precomputes a look-up table of values used to crack encryption or passwords. See also dictionary attack.

Pre-master Secret
A 48-byte random value generated in the beginning of electronic exchanges using Secure Socket Layer (SSL). It is used along with other exchanged random values and a pseudo-random function (PRF) to independently and simultaneously generate a master secret which in turn is used to make six shared secret keys. After this, the pre-master secret is no longer needed and should, for security reasons, be deleted.

Pretty Good Privacy (PGP)
A secure email application.

Privacy Act of 1974
A US law permitting citizens to examine and make corrections to records the government maintains. It requires that Federal agencies adhere to certain procedures in their record keeping and interagency information transfers. Reference: FIPS Pub. 41, 05/30/75 (Implementing the Privacy Act of 1975), and the Privacy Act of 1974, As Amended. See also: System of Records.

Private Branch Exchange
Private Branch eXchange (PBX) is a telephone switch providing speech connections within an organization, while also allowing users access to both public switches and private network facilities outside the organization. The terms PABX, PBX, and PABX are used interchangeably.

Private Key
Concealed key held by only one person in public key cryptography. It is never shared.

Proactive Security
A property of a cryptographic protocol or structure which minimizes potential security compromises by refreshing a shared key or secret.

Process Owner
The official who defines the process parameters and its relationship to other Customs processes. The process owner has Accrediting Authority (AA) to decide on accepting the security safeguards prescribed for the MIS process and is responsible for issuing an accreditation statement that records the decision to accept those safeguards. See also: Application Owner

Product Ciphers
Ciphers that use both confusion and diffusion like the Data Encryption Standard (DES).

Protocol
An attribute in Internet Protocol Security (IPsec) that controls if confidentiality and/or message integrity are used to protect a data packet. The protocol choices are formally called Encapsulating Security Protection (ESP) and Authentication Header (AH). An IPsec data packet must be protected by either a protocol or a mode.

Pseudo-random Function (PRF)
A mathematical method that creates a pseudo-random number.

Pseudo-random Numbers
Numbers with as little detectable pattern as possible but not truly random. Computer programs make pseudo-random numbers because they can't make truly random numbers.

Public Key
A key in asymmetric ciphers used to encrypt a message that can only be decrypted by the matching private key. Public keys can be openly shared because knowledge of the public key doesn’t help quickly cryptanalyze a public key encrypted message or figure out the private key. Although public keys don’t need to be concealed they must nevertheless be protected (see man-in-the-middle attack).

Public Key Infrastructures (PKI)
Digital certificate administrative frameworks (scaffolding). The two major PKI frameworks are called x.509 and Pretty Good Privacy (PGP).

Public Key Method
Modern encryption method where one person has the private key and one or more people have the matching public key. Although all public key methods have public and private keys, they are called public key methods.

Public Law 100-235
Established minimal acceptable standards for the government in computer security and information privacy. See also: Computer Security Act of 1987

Pushing
A certificate revocation list (CRL) delivery model in which the certificate authority (CA) delivers users new CRLs as soon as it revokes a certificate. A pushing problem is the computer time used just to receive and process revoked certificates even if there aren’t any relevant revoked certificates on the CRL. Also, since the CRL is pushed, the CA and the user must ensure BlackHat doesn’t intercept and delete the pushed CRL even before it reaches the user.