
# SID	@(#) glossary.txt 3.11 25/10/04 00:27:50

# acronym | description
#------+----------------------------------------------------------------------+
0-Length OpenSSL	invalid MAC, valid padding with 0-length record (variant of POODLE exploit)
0-RTT	zero Round-Trip Time
3Fish	see Threefish
3SHAKE	sometimes for: TLS Triple Handshake Attack
A5/X	Stream ciphers used in mobile phone protocols
AA	Attribute Authority
AAD	Additional Authenticated Data
ABE	Attribute Based Encryption
ACME	Automated Certificate Management Environment
ACL	Access Control List
Achterbahn	80-, 128-bit key stream cipher (2006)
ACHTERBAHN-80	see Achterbahn
ACHTERBAHN-128	see Achterbahn
Adiantum	ChaCha stream cipher with Poly1305 and XChaCha12
ADH	Anonymous Diffie-Hellman
Adler32	hash function
AE	Authenticated Encryption
AEAD	Authenticated Encryption with Additional Data
AECDHE	Anonymous Ephemeral ECDH
AEGIS	A Fast Authenticated Encryption Algorithm (with AEAD), stream or block cipher
AEGIS-128L	AEGIS cipher
AEGIS-128X	AEGIS cipher
AEGIS-128X2	AEGIS cipher
AEGIS-128X4	AEGIS cipher
AEGIS-256	AEGIS cipher
AEGIS-256X	AEGIS cipher
AEGIS-256X2	AEGIS cipher
AEGIS-256X4	AEGIS cipher
AEM	Authenticated Encryption Mode (aka Advanced Encryption Mode, aka OCB3)
AES	Advanced Encryption Standard, symmetric block cipher
AESKW	A Key Wrap Scheme
AESCCM	AES with CCM
AESCCM8	AES with CCM8
AESGCM	AEAD algorithms AEAD_AES_128_GCM and AEAD_AES_256_GCM
AES-CCM	alias for AESCCM
AES-GCM	alias for AESGCM
# AES-GCM	AES-GCM is an authenticated encryption mode that uses the AES block cipher in counter mode with a polynomial MAC based on Galois field multiplication.
AES-GCM-SIV	Nonce Misuse-Resistant Authenticated Encryption (RFC8452)
AES-CBC	?
AES-CTR	?
AES-XTS	?
AIA	Authority Information Access (certificate extension)
AKA	Authentication and Key Agreement
AKW1	A Key Wrap Scheme
AKW2	A Key Wrap Scheme
AKC	Agreement with Key Confirmation
AKID	Authority Key IDentifier
ALPN	Application Layer Protocol Negotiation
ALPACA	Application Layer and Content Confusion Attack	(Exploit SSL/TLS)
AMAC	ANSI Retail MAC
AMASTRID	stream cipher
ANSI	American National Standards Institute
Anubis	128-bit symmetric block cipher
ARC4	Alleged RC4 (see RC4)
ARCFOUR	alias for ARC4
Argon2	Password hashing function (J. Aumasson, 2014)
Argon2d	variant of Argon2
Argon2i	variant of Argon2
Argon2id	variant of Argon2
ARIA	128-bit symmetric block cipher
ARX	add–rotate–xor
ASN	Autonomous System Number
ASN.1	Abstract Syntax Notation number One
AtE	Authenticate-then-Encrypt (see also MtE)
BACPA	Blockwise-Adaptive Chosen-Plaintext Attack
BADA55	"locate weak cryptography somewhere", Bernstein, Lange, et al.
BADA55-VPR-224	improved verifiably pseudorandom 224-bit curve
BADA55-VR-224	curve using the same prime as NIST P-224
BADA55-VR-256	curve using the same prime as NIST P-256
BADA55-VR-384	curve using the same prime as NIST P-384
Bar Mitzvah	vulnerabilty of TLS sessions protected with RC4
BB	Boneh–Boyen (ID based encryption)
BDH	Bilinear Diffie-Hellman
BEAR	block cipher combining stream cipher and hash function
BEAST	Browser Exploit Against SSL/TLS	(Exploit SSL/TLS)
BEAST .	fast block cipher for arbitrary blocksizes (rarely)
BER	Basic Encoding Rules
BF	Boneh–Franklin (ID based encryption)
BGP	Boorder Gateway Protocol
bcrypt	hash function (Niels Provos, David Mazières, 1999)
BLAKE	hash function (Jean-Philippe Aumasson, Luca Henzen, Willi Meier, Raphael C.-W. Phan, 2008)
BLAKE2	fast secure hashing function (2012)
BLAKE2b	see BLAKE (64 bit)
BLAKE2s-128	see BLAKE (32 bit)
BLAKE3	fast secure hashing function (20??)
BLAKE3	??
BLAKE-32	see BLAKE (32 bit)
BLAKE-64	see BLAKE (64 bit)
BLAKE-224	see BLAKE (224 bit)
BLAKE-256	see BLAKE (256 bit)
BLAKE-384	see BLAKE (384 bit)
BLAKE-512	see BLAKE (512 bit)
Blowfish	64-bit symmetric block cipher (1993)
boomerang attack	attack on BLAKE
BPA	Branch Prediction Analysis
BPP	Binary Packet Protocol
Brainpool	signature algorithm, from BSI
BREACH	Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext; a variant of CRIME	(Exploit SSL/TLS)
Bullrun	NSA program to break encrypted communication
CAESAR	Competition for Authenticated Encryption: Security, Applicability, an
CAMELLIA	encryption algorithm (by Mitsubishi and NTT), 128-bit symmetric block cipher
CAST	Carlisle Adams and Stafford Tavares, symmetric block cipher
CAST-128	Carlisle Adams and Stafford Tavares, 64-bit symmetric block cipher
CAST5	alias for CAST-128
CAST-256	Carlisle Adams and Stafford Tavares, 128-bit symmetric block cipher
CAST6	alias for CAST-256
cipher suite	cipher suite is a named combination of authentication, encryption, and message authentication code algorithms
CA	Certificate Authority (aka root CA)
CAA	Certificate Authority Authorization
CAA RR	CAA Resource Record
CBC	Cyclic Block Chaining
CBC 	Cipher Block Chaining (sometimes)
CBC  	Ciplier Block Chaining (sometimes)
CBC-MAC	Cipher Block Chaining - Message Authentication Code
CBC-MAC-ELB	Cipher Block Chaining - Message Authentication Code - Encrypt Last Block
CBC3	alias for Tripple DES (sometimes, used in cipher suite names)
CBOR	Concise Binary Object Representation, hash algorithms
CCA	Chosen Ciphertext Attack
CCM	Counter with CBC-MAC Mode (authenticated encryption block cipher mode) (with 16-octet authentication tag)
CCM-8	Counter with CBC-MAC Mode (authenticated encryption block cipher mode) (with 8-octet authentication tag)
CCS	Change Cipher Spec (protocol)
CDH	?  Diffie-Hellman
CDP	CRL Distribution Points
CECPQ1	key-agreement algorithm; Combined elliptic Curve and Post-Quantum Cryptography Key Exchange
CECPQ2	Combined elliptic Curve and Post-Quantum Cryptography Key Exchange
CEK	Content Encryption Key
CFB	Cipher Feedback
CFB3	Cipher Feedback
CFBx	Cipher Feedback x bit mode
CFRG	Crypto Forum Research Group
CGN	Carrier- Grade NAT (RFC6598)
ChaCha	256-bit key stream cipher
ChaCha8	see ChaCha
ChaCha12	see ChaCha (aka 12-round ChaCha)
ChaCha20	see ChaCha (aka 20-round ChaCha)
ChaCha-Poly1305	Authenticated Encryption with Associated Data (AEAD)
CHAP	Challenge Handshake Authentication Protocol
CLEFIA	lightweight 128-bit block cipher
CKA	(PKCS#11)
CKK	(PKCS#11)
CKM	(PKCS#11)
CMA	Chosen Message Attack
CMAC	Cipher-based MAC
CMC	CBC-mask-CBC
CMP	X509 Certificate Management Protocol
CMS	Cryptographic Message Syntax
CMVP	Cryptographic Module Validation Program (NIST)
CN	Common Name
CNT_IMIT	cipher suite
CT	Certificate-Transparency
CTR_OMAC	cipher suite (GOST R 34.12-2015 aka GOST3412-2015)
COSE	CBOR Object Signing and Encryption
CP	Certificate Policy (certificate extension)
CPA	Chosen Plaintext Attack
CPD	Certificate Policy Definitions
CPS	Certification Practice Statement
CRC	Cyclic Redundancy Check
CRC8	CRC with polynomial length 8
CRC16	CRC with polynomial length 16
CRC32	CRC with polynomial length 32
CRC64	CRC with polynomial length 64
CRAM	Challenge Response Authentication Mechanism
CRIME	Compression Ratio Info-leak Made Easy	(Exploit SSL/TLS)
CRL	Certificate Revocation List
CRYPTON	128-bit block cipher (1998)
CRYPTREC	Cryptography Research and Evaluation Committees
CRYSTALS	post-quantum hash function, signature
CRYSTALS-Dilithium	is now ML-DSA
CRYSTALS-Kyber	is now ML-KEM
CSP	Certificate Service Provider
CSP 	Cryptographic Service Provider
CSP  	Critical Security Parameter (used in FIPS 140-2)
CSP:	Content Security Policy (used as HTTP header)
CSR	Certificate Signing Request
CSPRNG	Cryptographically Secure Pseudo-Random Number Generator
CT	Certificate Transparency
CTL	Certificate Trust Line
CTR	Counter Mode (sometimes: CM; block cipher mode)
CTS	Cipher Text Stealing
Curve448	signature algorithm (aka Goldilocks (224 bit))
Curve25519	signature algorithm by Dan J. Bernstein (ca. 128 bit)
CVA	Ciphertext Validity Attack
CWC	Carter-Wegman  Counter (aka CWC Mode: Carter-Wegman + CTR mode; block cipher mode)
CyaSSL	formerly name of wolfSSL
DAA	Data Authentication Algorithm
DAC	Data Authentication Code
DACL	Discretionary Access Control List
DANE	DNS-based Authentication of Named Entities
DDH	Decisional Diffie-Hellman (Problem)
DEA	Data Encryption Algorithm (sometimes a synonym for DES)
DEAL	128-bit symmetric block cipher (Lars Knudsen, 1998)
DECIPHER	synonym for decryption
DEK	Data Encryption Key
DEM	Data Encapsulation Mechanism
DER	Distinguished Encoding Rules
DES	Data Encryption Standard
DESede	alias for 3DES ?java only?
DESX	extended DES
3DES	Tripple DES (168 bit)
3DES-EDE	alias for 3DES
3TDEA	Three-key  Tripple DEA (sometimes: Tripple DES; 168 bit)
2TDEA	Double-key Tripple DEA (sometimes: Double DES; 112 bit)
D5	Verhoeff's Dihedral Group D5 Check
DH	Diffie-Hellman
DHE	Diffie-Hellman ephemeral (historic acronym, often used, mainly in openssl)
Dilithium	digital signature scheme
Dilithium2-AES	alias for Dilithium
Dilithium3-AES	alias for Dilithium
Dilithium5-AES	alias for Dilithium
DLIES	Discrete Logarithm Integrated Encryption Scheme
DLP	Discrete Logarithm Problem
DN	Distinguished Name
DNSSEC	DNS Security Extension
DPA	Dynamic Passcode Authentication (see CAP)
DRAGON	stream cipher (2007)
DRBG	Deterministic Random Bit Generator
DRG	Deterministic Random Generator
DRIP	Secure Hash Algorithm?
DROWN	Decrypting RSA with Obsolete and Weakened eNcryption	(Exploit SSL/TLS)
DSA	Digital Signature Algorithm
DSCP	Differentiated Services Code Point
DSPR	?
DSS	Digital Signature Standard
DTLS	Datagram TLS
DTLSv1	Datagram TLS 1.0
DTLSv1.3	Datagram TLS 1.3
DTLSv13	alias for DTLSv1.3
Dual EC DBRG	Dual Elliptic Curve Deterministic Random Bit Generator (NIST)
Dual_EC_DBRG	Dual Elliptic Curve Deterministic Random Bit Generator (NIST)
DV	Domain Validation
DV-SSL	Domain Validated Certificate
E0	A stream cipher used in Bluetooth
EAL	Evaluation Assurance Level
EAP	Extensible Authentication Protocol
EAP-PSK	Extensible Authentication Protocol using a Pre-Shared Key
EAX	Encrypt-then-Authenticate-then-Translate
EAX 	EAX Mode (block cipher mode)
EAXprime	alias for EAX Mode
EBC	Edge Boundery Controller
EC	Elliptic Curve
EC-DSA	alias for ECDSA
EC-GDSA	Elliptic Curve German DSA
EC-FSDSA	Elliptic Curve Full Schnorr DSA
EC-KCDSA	Elliptic Curve KCDSA
EC-RDSA	Elliptic Curve RDSA
EC-SDSA	Elliptic Curve Schnorr DSA
EC-Schnorr	Elliptic Curve Based Schnorr Signature Algorithm
ECB	Electronic Code Book mode (block cipher mode)
ECC 	Error Corection Code
ECC	Elliptic Curve Cryptography
ECCSI	Elliptic Curve-Based Certificateless Signatures for Identity-Based Encryption
ECDH	Elliptic Curve Diffie-Hellman
ECDHE	Ephemeral ECDH
ECDHE_ECDSA	Ephemeral ECDH with ECDSA or EdDSA signatures
ECDHE_RSA	Ephemeral ECDH with RSA signatures
ECDH_anon	Anonymous ephemeral ECDH, no signatures
ECDLP	Elliptic Curve Discrete Logarithm Problem
ECDSA	Elliptic Curve Digital Signature Algorithm
ECDSA-256	Elliptic Curve Digital Signature Algorithm (256 bits)
ECDSA-384	Elliptic Curve Digital Signature Algorithm (384 bits)
ECDSA-521	Elliptic Curve Digital Signature Algorithm (521 bits)
ECGDSA	alias for EC-GDSA
ECHO	hash function (Ryad Benadjila, Olivier Billet, Henri Gilbert, Gilles Macario-Rat, Thomas Peyrin, Matt Robshaw, Yannick Seurin, 2010)
ECIES	Elliptic Curve Integrated Encryption Scheme
ECKA	Elliptic Curve Key Agreement
ECKA-EG	Elliptic Curve Key Agreement of ElGamal Type
ECKCDSA	alias for EC-KCDSA
ECKDSA	probably a typo meaning EC-KCDSA
ECMQV	Elliptic Curve Menezes-Qu-Vanstone
ECN	Explicit Congestion Notification
ECOH	Elliptic Curve only hash
# ECRYPT	??
ECSVDP-DH	Elliptic Curve Secret Value Derivation Primitive, Diffie-Hellman version
Ed25519	alias for Curve25519
Ed25519ctx	alias for ?
Ed25519ph	alias for ?
Ed448	alias for Curve448
Ed448ph	alias for ?
edwards25519	alias for Curve25519
edwards448	alias for Curve448
EdDSA	Edwards curve DSA
#	alias for signatures using public key and private key formats, like Curve448 and Curve25519
EDE	Encryption-Decryption-Encryption
EDH	Ephemeral Diffie-Hellman
EDHOC	Ephemeral Diffie-Hellman Over COSE
EEA	EPS Encryption Algorithm
EGADS	Entropy Gathering and Distribution System
EGD	Entropy Gathering Daemon
EIA	EPS Integrity Algorithm
EKA	Encrypted Key Exchange
EKU	Extended Key Usage
ELB	Encrypt Last Block
ElGamal	asymmetric block cipher
EMAC	Encrypted CBC-MAC
ENCIPHER	synonym for encryption
EME	ECB-mask-ECB (mode)
EME 	Encoding Method for Encryption
EME-OAEP 	Encoding Method for Encryption Optimal Asymmetric Encryption Padding
EMS 	Extended Master Secret (sometimes)
EMS 	Encrypted Master Secret
ESNI	Encrypted Server Name Indication
ESP	Encapsulating Security Payload
ESSIV	Encrypted salt-sector initialization vector
EtA	Encrypt-then-Authenticate (see also EtM)
E&A	Encrypt-and-Authenticate (see also E&M)
E&M	Encrypt-and-MAC (see also E&A)
EtM	Encrypt-then-MAC (see also EtA)
eTLS	Enterprise TLS (social attack on privacy by ETSI; renamed to ETS)
ETS	Enterprise Transport Security (renamed from eTLS)
ETSI-TS	European Telecommunications Standards Institute - Technical Specification
EUF-CMA	existential unforgeable under chosen message attack
EV	Extended Validation
EV-SSL	Extended Validation Certificate
FALCON	Fast-Fourier Lattice-based Compact Signatures over NTRU; post-quantum signature
FDH	Full Domain Hash
FHE	Fully Homomorphic Encryption
FEAL	Fast Data Encryption Algorithm
FFC	Finite Field Cryptography
FFT	Fast Fourier Transform
FIPS	Federal Information Processing Standard
FIPS46-2	FIPS Data Encryption Standard (DES)
FIPS73	FIPS Guidelines for Security of Computer Applications
FIPS140-2	FIPS Security Requirements for Cryptographic Modules
FIPS140-3	proposed revision of FIPS 140-2
FIPS180-3	FIPS Secure Hash Standard
FIPS186-3	FIPS Digital Signature Standard (DSS)
FIPS197	FIPS Advanced Encryption Standard (AES)
FIPS198-1	FIPS The Keyed-Hash Message Authentication Code (HMAC)
FREAK	Factoring Attack on RSA-EXPORT Keys	(Exploit SSL/TLS)
FrodoKEM	(key exchanged based on KEM?)
FROST	Secure Hash Algorithm?
FQDN	Fully-qualified Domain Name
FSB	Fast Syndrome Based Hash
FSM	Finite State Machine
FZA	FORTEZZA
G-DES	??? DES
GCM	Galois/Counter Mode (authenticated encryption block cipher mode)
GDSA	German Digital Signature Algorithm
GHASH	Hash funtion used in GCM
GMAC	MAC for GCM
Grøstl	hash function (Lars Knudsen, 2010)
GOLDENPOODLE	valid padding with an invalid MAC (variant of POODLE exploit)
Goldilocks	see Curve448
GOST	Gossudarstwenny Standard, 64-bit symmetric block cipher (1994)
GOST 	hash function (used in GOST cipher suite)
GOST28147-89	block cipher (RFC5830)
GOST3410-2012	signature algorithm
GOST3411-2012	hash algorithm
GOST3412-2015	block cipher
GOST3413-2015	modes of operation for block ciphers
GOST3431095	see GOST28147-89
GOST3431004	see GOST28147-89
GOST3431195	see GOST28147-89
GOSTR341001	see GOST28147-89
GOSTR341094	see GOST28147-89
GOSTR341194	see GOST28147-89
GOSTR341122015	GOST R 34.12-2015 (RFC7801, RFC8891), see GOST28147-89
Grainv1	stream cipher (64-bit IV)
Grainv128	stream cipher (96-bit IV)
GREASE	Generate Random Extensions And Sustain Extensibility
GRØSTL256	hash function
GRØSTL512	hash function
GROESTL256	alias for GRØSTL256
GROESTL512	alias for GRØSTL512
HAIFA	HAsh Iterative FrAmework
hash127	fast hash function (by Dan Bernstein)
HAVAL	one-way hashing
HAS-160	hash function
HAS-V	hash function
HC128	alias for HC128
HC256	alias for HC256
HC-128	128-bit key stream cipher (2004)
HC-256	256-bit key stream cipher (2004)
HCH	Hash-Coputer-Hash
HCTR	a variable-input-length encryption mode
HEARTBLEED	attack against TLS extension heartbeat
HEIST	HTTP Encrypted Information can be Stolen through TCP-windows
HIBE	hierarchical identity-based encryption
HKDF	HMAC-based Extract-and-Expand Key Derivation Function
HNF-256	hash function (Harshvardhan Tiwari, Krishna Asawa, 2014)
HMAC	keyed-Hash Message Authentication Code (aka Hashed MAC)
HMQV	h? Menezes-Qu-Vanstone
HPC	Hasty Putting Cipher
HPKP	HTTP Public Key Pinning
HPolyC	ChaCha stream cipher with Poly1305 and XChaCha12, XChaCha20
HRSS	encryption algorithm
HSM	Hardware Security Module
HSR	Header + Secret + Random
HSS	? hash function
HSTS	HTTP Strict Transport Security
HTOP	HMAC-Based One-Time Password
IAPM	Integrity Aware Parallelizable Mode (block cipher mode of operation)
IBE	Identity-Based Encryption
ICM	Integer Counter Mode (alias for CTR)
IDP	Issuing Distribution Points
IDEA	International Data Encryption Algorithm (by James Massey and Xuejia Lai)
IEC	International Electrotechnical Commission
IESG	Internet Engineering Steering Group
IETF	Internet Engineering Task Force
IFC	Integer Factorization Cryptography
IGE	Infinite Garble Extension
IKE	Internet Key Exchange
IKEv2	IKE version 2
IND	Indistinguishability of Encryptions
IND-BACPA	Indistinguishability of encryptions under blockwise-adaptive chosen-plaintext attack
IND-CCA	Indistinguishability of encryptions under chosen-cipgertext attack
IND-CPA	Indistinguishability of encryptions under chosen-plaintext attack
INT-CTXT	Integrity of ciphertext
INT-PTXT	Integrity of plaintext
IRTF	Internet Research Task Force
ISAKMP	Internet Security Association and Key Management Protocol
IP-TFS	IP Traffic Flow Security
IV	Initialization Vector
J-PAKE	Password Authenticated Key Exchange by Juggling
JH	hash function (Hongjun Wu, 2011)
JITTER	?
JH-224	see JH (224 bits)
JH-256	see JH (256 bits)
JH-384	see JH (384 bits)
JH-512	see JH (512 bits)
Jolkit-BC	tweakable block cipher
JSSE	Java Secure Socket Extension
KATAN	lightweight block cipher
KAS2	?
KASUMI	64-bit symmetric block cipher (successor of MISTY1, broken 2005)
KLEIN	lightweight block cipher
Keccak	hash function (Guido Bertoni, Joan Daemen, Michaël Peeters und Gilles Van Assche, 2012)
KCDSA	Korean Certificate-based DSA
KCI	Key Compromise Impersonation
KDC	Key Distribution Center (mainly Kerberos)
KDF	Key Derivation Function
KDSA	Korean Digital Signature Algorithm
KEA	Key Exchange Algorithm (alias for FORTEZZA-KEA)
KEK	Key Encryption Key
KEM	Key Encapsulation Mechanisms
KMA	Known Message Attack
KMAC	Secure Hash Algorithm?
KMS	Key Management Service
KOA	Key Only Attack
KPAK	KMS Public Authentication Key
KRB	Key Exchange Kerberos
KRB5	Key Exchange Kerberos 5
KSAK	KMS Secret Authentication Key
KSK	Key Signing Key (DNSSEC)
KU	Key Usage
Kuznyechik	block cipher  (used in GOST)
KW	AES Key Wrap
KWP	AES Key Wrap with Padding
Magma	block cipher  (used in GOST)
LAKE	hash function (Jean-Philippe Aumasson, Willi Meier, Raphael C.-W. Phan, 2008)
LEA	? algorithm
LEA-128	see LEA
LEA-256	see LEA
LED	lightweight block cipher
LEXv2	stream cipher
LFSR	Linear Feedback Shift Register
LION	variable block-length symmetric block cipher (2007)
LION 	hash function (2007)
LLL	Lenstra–Lenstra–Lovász, lattice basis reduction algorithm
LM hash	LAN Manager hash (aka LanMan hash)
LMS	? hash function
LogJam	Attack to force server to downgrade to export ciphers	(Exploit SSL/TLS)
Logjam	see LogJam
LRA	Local Registration Authority
LRW	Liskov, Rivest, and Wagner (block encryption)
LSN	large-scale NAT (same as CGN)
LWE	Learning with Errors
Lucifer	block cipher (developed at IBM in the 1970s)
Lucky13	Break SSL/TLS Protocol with ciphers using CBC-mode	(Exploit SSL/TLS)
Lucky 13	Break SSL/TLS Protocol	(Exploit SSL/TLS)
Lucky Thirteen	see Lucky 13
Magenta	128-bit symmetric block cipher (Deutsche Telekom 1990, broken 1998)
MANTIS	block cipher, low-latency variant of SKINNY
MARS	128-bit symmetric block cipher (developed at IBM)
MAC	Message Authentication Code
McEliece	more exactly "Classic McEliece" (key exchanged based on KEM?)
MCF	Modular Crypt Format
MDC	Modification Detection Code
MDC2	Modification Detection Code 2 (aka Meyer-Schilling)
MDC-2	same as MDC2
MD2	Message Digest 2
MD4	Message Digest 4
MD5	Message Digest 5
MEE	MAC-then-Encode-then-Encrypt (see also MtE, AtE)
MEK	Message Encryption Key
MECAI	Mutually Endorsing CA Infrastrukture
MGF	Mask Generation Function
MIDORI	lightweight 64-, 128-bit block cipher (2015)
Midori64	see MIDORI
Midori128	see MIDORI
MISTY	Mitsubishi Improved Security Technology (aka Matsui, Ischikawa, Sorimachi, Yamagishi)
MISTY1	64-bit symmetric block cipher (1995)
MISTY2	?
ML-DSA	Module-Lattice-Based Digital Signature Algorithm; post-quantum hash function
ML-KEM	Module Lattice-Based Key-Encapsulation Mechanism; post-quantum hash function, signature
ML-KEM-512	?
MLS	Message Layer Security
MOV	Menezes–Okamoto–Vanstone (attack)
MPQS	Multiple Polynomial Quadratic Sieve
MQV	Menezes-Qu-Vanstone (authentecated key agreement)
MS-SSTP	see SSTP
MtE	MAC-then-encrypt (see also AtE)
NaCl	"Salt", crypto library (by D. Bernstein, Tanja Lange, Peter Schwabe)
NCP	Normalized Certification Policy (according TS 102 042)
NOEKEON	128-bit symmetric block cipher (2000)
Neokeon	see NOEKEON (probaly typo)
NewHope	post-quantum key exchange
nistp192	alias for P-192
nistp224	alias for P-224
nistp256	alias for P-256
nistp384	alias for P-384
nistp521	alias for P-521
NLSv2	stream cipher
nonce	(arbitrary) number used only once
NPN	Next Protocol Negotiation
NPTRNG	none-physical none-deterministic Random Number Generator
NSS	Network Security Services
NTG	none-Deterministic Random Generator
NTLM	NT Lan Manager. Microsoft Windows challenge-response authentication method.
NTRU	asymmetric cipher using lattice reduction (1996); post-quantum encryption algorith
NTRUEncrypt	alias for NTRU
NOMORE	Numerous Occurrence MOnitoring & Recovery Exploit (aka RC4 NOMORE)
NULL	no encryption
NUMS	nothing up my sleeve numbers
OAEP	Optimal Asymmetric Encryption Padding
OCB	Offset Codebook Mode (block cipher mode of operation)
OCB1	same as OCB
OCB2	improved OCB (aka AEM)
OCB3	improved OCB2
OCELOT1	stream cipher
OCELOT2	stream cipher
OCSP	Online Certificate Status Protocol
OCSP stapling	formerly known as: TLS Certificate Status Request
OFB	Output Feedback
OFBx	Output Feedback x bit mode
OID	Object Identifier
OMAC	One-Key CMAC (aka CBC-MAC)
OMAC1	same as CMAC
OMAC2	same as OMAC
OPE	Order Preserving Encryption
OPIE	One-time pad Password system
OPRF	Secure Hash Algorithm?
ORAM	Oblivious Random Access Memory
ORYX	96-bit key stream cipher (broken 1998)
OSPF	Open Shortest Path First
OTP	One Time Pad
OV	Organisational Validation
OV-SSL	Organisational Validated Certificate
P12	see PKCS#12
P7B	see PKCS#7
P-192	Elliptic Curve used in FIPS 186-4 (NIST)
P-224	Elliptic Curve used in FIPS 186-4 (NIST)
P-256	Elliptic Curve used in FIPS 186-4 (NIST)
P-384	Elliptic Curve used in FIPS 186-4 (NIST)
P-521	Elliptic Curve used in FIPS 186-4 (NIST)
PACE	Password Authenticated Connection Establishment
PAD	Peer Authorization Database
PAKE	Password Authenticated Key Exchange
Panama	256-bit key stream cipher (1998)
Panama 	hash funcrion (1998, broken 2001)
PCN	Pre-Congestion Notification
PBE	Password Based Encryption
PBKDF2	Password Based Key Derivation Function
PC	Policy Constraints (certificate extension)
PCBC	Propagating Cipher Block Chaining
PCFB	Periodic Cipher Feedback Mode
PCT	Private Communications Transport
PDS	PKI Disclosure Statements (part of EV TLS certificates)
PEKS	Public Key Encryption Keyword Search
PEM	Privacy Enhanced Mail
PES	Proposed Encryption Standard
PFS	Perfect Forward Secrecy
PFX	see PKCS#12 (Personal Information Exchange)
PGP	Pretty Good Privacy
PII	Personally Identifiable Information
PIN	Personal Identification Number
Picollo	lightweight block cipher
PKCS	Public Key Cryptography Standards
PKCS1	PKCS #1: RSA Encryption Standard
PKCS3	PKCS #3: RSA Encryption Standard on how to implement the Diffie-Hellman key exchange protocol
PKCS5	PKCS #5: RSA Encryption Standard on how to derive cryptographic keys from a password
PKCS6	PKCS #6: RSA Extended Certificate Syntax Standard
PKCS7	PKCS #7: RSA Cryptographic Message Syntax Standard
PKCS8	PKCS #8: RSA Private-Key Information Syntax Standard
PKCS10	PKCS #10: Describes a standard syntax for certification requests
PKCS11	PKCS #11: RSA Cryptographic Token Interface Standard (keys in hardware devices, cards)
PKCS12	PKCS #12: RSA Personal Information Exchange Syntax Standard (public + private key stored in files)
PKE	Public Key Enablement
PKI	Public Key Infrastructure
PKIX	Internet Public Key Infrastructure Using X.509
PKP	Public-Key-Pins
PM	Policy Mappings (certificate extension)
PMAC	Parallelizable MAC (by Phillip Rogaway)
PMS	Pre-Master Secret
POLYVAL	(polynomial used in GCM)
Poly1305	Authenticator (MAC)
Poly1305-AES	MAC (by D. Bernstein)
POP	Proof of Possession
POODLE	Padding Oracle On Downgraded Legacy Encryption	(Exploit SSL/TLS)
POR	Proofs Of Retrievability
PQC	Post-Quantum Cryptography
PRESENT	64-bit block symmetric cipher (2007)
PRF	Pseudo-Random Function
PRNG	Pseudo Random Number Generator
PRP	Pseudo-Random Permutation
PRINCE	low-latency 64-bit symmetric block cipher (2012)
prime192v1	alias for P-192
prime224v1	alias for P-224
prime256v1	alias for P-256
prime384v1	alias for P-384
prime521v1	alias for P-521
PRNG	Pseudo-Random Number Generator
PSEC	Provable Secure Elliptic Curve (encryption)
PSK	Pre-shared Key
PSKC	Portable Symmetric Key Container
PSS	Probabilistic Signature Scheme
PTG	Physical Random Generator
PVT	Public Validation Token
PWKE	Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
QARMA	Qualcomm ARM Authenticator, lightweight 64-, 128-bit block cipher (2016)
QARMA-64	see QARMA
QARMA-128	see QARMA
QKD	Quantum Key Distribution
QUAD	80-bit key stream cipher (2002)
QUARTZ	signature scheme ??
QUIC	Quick UDP Internet Connection
QWAC	Qualified Certificates for Website Authentication (EV TLS certificates contains QCStatement)
RA	Registration Authority (aka Registration CA)
Rabbit	128-bit key stream cipher (2003)
RACCOON	Timing vulnerability in TLS' DH key exchange	(Exploit SSL/TLS)
RADIUS	Remote Authentication Dial-In User Service
Radix-64	alias for Base-64
RAINBOW	post-quantum signature (broken 2/2022)
RBG	Random Bit Generator
RC2	Rivest Cipher 2, 64-bit symmetric block cipher by Ron Rivest
RC4	Rivest Cipher 4, stream cipher (aka Ron's Code)
RC5	Rivest Cipher 5, 32-bit symmetric block cipher
RC5-64	Rivest Cipher 5, 64-bit symmetric block cipher
RC6	Rivest Cipher 6, 128-bit symmetric block cipher
RCSU	Reuters' Compression Scheme for Unicode (aka SCSU)
RDSA	Russian Digital Signature Algorithm (aka GOST 34.10, RFC 7091)
RFC	Request for Comments
Rijndael	symmetric block cipher (AES)
RIPEMD	RACE Integrity Primitives Evaluation Message Digest
RIPE-MD	alias for RIPEMD
RLWE	Ring Learning-with-Errors
RMAC	Randomized MAC (block cipher authentication mode)
RMD	
RNG	Random Number Generator
ROCA	Return of the Coppersmith Attack	(Exploit SSL/TLS)
ROT-13	see XOR
ROBOT	Return Of Bleichenbacher's Oracle Threat	(Exploit SSL/TLS)
RTP	Real-time Transport Protocol
RSASSA-PSS	RSA Probabilistic Signature Scheme
RSA	Rivest Sharmir Adelman (public key cryptographic algorithm)
RSS-14	Reduced Space Symbology, see GS1
RTN	Routing transit number
S/KEY	One-time pad Password system
SA	Subordinate Authority (aka Subordinate CA)
SACL	System Access Control List
SAD	Security Association Database
SAE	Simultaneous Authentication of Equals
SAFER	Secure And Fast Encryption Routine, 64-bit symmetric block cipher (1993)
SAFER+	128-bit symmetric block cipher (1998)
SAFER++	128-bit symmetric block cipher (1998)
Salsa20	stream cipher (by D. Bernstein, 2005), see ChaCha20
Salsa20/8	see scrypt
Salsa20/12	see Salsa20
Salsa20/20	see Salsa20
SAM	syriac abbreviation mark
SAN	Subject Alternate Name
Sarmal	hash function
SAX	Symmetric Authenticated eXchange
SBCS	single-byte character set
SBPA	Simple Branch Prediction Analysis
SCA	Selfsigned CA Signature
SCA	Side Channel Attack
SCEP	Simple Certificate Enrollment Protocol
SCREAM	tweakable word-based stream cipher (2002)
scrypt	password based key derivation function (Colin Percival)
SCSU	Standard Compression Scheme for Unicode (compressed UTF-16)
SCSV	Signaling Cipher Suite Value
SCVP	Server-Based Certificate Validation Protocol
SCT	Signed Certificate Timestamp
SDES	Security Description Protokol
secp192r1	alias for P-192
secp224r1	alias for P-224
secp256r1	alias for P-256
secp384r1	alias for P-384
secp521r1	alias for P-521
SEAL	Software-Optimized Encryption Algorithm; 32-bit word stream cipher (1994)
SEED	128-bit symmetric block cipher (1998)
Serpent	128-bit symmetric block cipher (1998)
SGC	Server-Gated Cryptography
SGCM	Sophie Germain Counter Mode (authenticated encryption block cipher mode)
SIV	Synthetic Initialization Vector
SA	Security Association
SHA	Secure Hash Algorithm
SHA-0	Secure Hash Algorithm (insecure version before 1995)
SHA-1	Secure Hash Algorithm (since 1995)
SHA-2	Secure Hash Algorithm (since 2002)
SHA-3	Secure Hash Algorithm (since 2015), see Keccak also
SHA-128	Secure Hash Algorithm (128 bit)
SHA-224	Secure Hash Algorithm (224 bit)
SHA-256	Secure Hash Algorithm (256 bit)
SHA-384	Secure Hash Algorithm (384 bit)
SHA-512	Secure Hash Algorithm (512 bit)
SHA1	alias for SHA-1 (160 bit)
SHA2	alias for SHA-2 (128, 224, 256, 384 or 512 bit)
SHA3	alias for SHA-3 (224, 256, 384 or 512 bit)
SHA3256	alias for SHA3-256
SHA3-224	Secure Hash Algorithm (224 bit)
SHA3-256	Secure Hash Algorithm (256 bit)
SHA3-384	Secure Hash Algorithm (384 bit)
SHA3-512	Secure Hash Algorithm (512 bit)
SHAKE128	Secure Hash Algorithm (variable bit)
SHAKE256	Secure Hash Algorithm (variable bit)
SHAttered	The first concrete collision attack against SHA1	(Exploit SSL/TLS)
SHAvite-3	hash function (Eli Biham, Orr Dunkelman, 2009)
SHS	Secure Hash Standard
SIA	Subject Information Access (certificate extension)
SIC	Segmented Integer Counter (alias for CTR)
SIDH	Supersingular Isogeny Diffie-Hellman (key exchange)
SIKE	post-quantum hash function, signature (broken 7/2022)
SIKEp434	post-quantum hash function, signature (broken 7/2022)
SIKEp503	post-quantum hash function, signature (broken 7/2022)
SIKEp610	post-quantum hash function, signature (broken 7/2022)
SIKEp751	post-quantum hash function, signature (broken 7/2022)
SIMD	Single Instruction Multiple Data
SIMON	lightweight 32-, 48-, 64-, 96-, 128-bit symmetric block cipher (NSA algorithm, questionable security) (2013)
SipHash	hash function (J. Aumasson, Daniel Bernstein, 2012)
SIV	Synthetic Initialization Vector
SK	Sakai–Kasahara (ID-based encryption)
Skein	hash function (Niels Ferguson, Stefan Lucks, Bruce Schneier, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas, Jesse Walker, 2010)
Skein-256-256	see Skein (256 bits)
Skein-512-256	see Skein (256 bits)
Skein-512-512	see Skein (512 bits)
Skein-1024-1024	see Skein (1024 bits)
SKID	Subject Key ID (certificate extension)
SKINNY	SPN tweakable block cipher
SKINNY-128-256	see SLINNY
SKIP	Message Skipping Attacks on TLS	(Exploit SSL/TLS)
SKIP-TLS	see SKIP
Skipjack	64-bit block cipher (part of the Fortezza) (1998, partially brocken)
Sleeping POODLE	invalid padding with valid MAC (variant of POODLE exploit)
SLH-DSA	Stateless hash-based Digital Signature Algorithm; post-quantum hash function, signature
SLOTH	Security Losses from Obsolete and Truncated Transcript Hashes	(Exploit SSL/TLS)
SM2	ShangMi authentication function
SM3	ShangMi hash function
SM4	ShangMi block cipher (Chinese gouvernment algorithm, questionable but no objections yet)
SM4CCM	AEAD algorithms AEAD_SM4_CCM
SM4GCM	AEAD algorithms AEAD_SM4_GCM
SMS4	see SM4
SMACK	State Machine AttaCKs	(Exploit SSL/TLS)
Snefu	hash function
Snow20	see SNOW
SNI	Server Name Indication
SNOW	32-bit word synchronous stream ciphers (by Thomas Johansson and Patrik Ekdahl )
SNOW 1.0	see SNOW
SNOW 2.0	see SNOW
SNOW 3G	see SNOW
SNOW-V	see SNOW
SNOW-Vi	see SNOW
Snuffle 2005	see Salsa20
Snuffle 2008	see ChaCha
Sosemanuk	128-bit stream cipher (2005)
SOBER	Seventeen Octet Byte Enabled Register, 8-, 16-, 32-bit key stream cipher (1997)
SOBER-2	see SOBER
SOBER-t8	see SOBER
SOBER-t16	see SOBER
SOBER-t32	see SOBER
SOBER-128	see SOBER
SPAKE	Single-Party Public-Key Authenticated Key Exchange
SPARX	? algorithm
SPD	Security Policy Database
SPECK	lightweight 16-, 24-, 32-, 48-, 64-bit symmetric block cipher (NSA algorithm, questionable security) (2013, broken 2018)
Speck64	see SPECK
Speck128	see SPECK
Speck256	see SPECK
Speck256-XTS	see SPECK
SPD	Security Policy Database
SPDY	Google's application-layer protocol on top of SSL
SPHINCS	Stateless hash-based signatures, post-quantum hash function, signature
SPHINCS-256	alias for SPHINCS
SPHINCS-SHAKE256	alias for SPHINCS
SPHINCS-SHA-256	alias for SPHINCS
SPHINCS+	SPHINCS (aka SLH-DSA)
SPI	Security Parameters Index
SPKI	Subject Public Key Infrastructure
SPN	Substitution-Permutation Network
SPN	(Kerberos) Service Principal Names
SPRP	Strong Pseudo-Random Permutation
Square	128-bit symmetric block cipher (1997, broken with Square attack))
SRI	Subresource Integrity
SRP	Secure Remote Password protocol
SRTP	Secure RTP
SSCD	Secure Signature Creation Device
SSE	Symmetric Searchable Encryption
SSEE	Sichere Signaturerstellungseinheit (same as SSCD)
SSK	Secret Signing Key
SSL	Secure Sockets Layer
SSLv2	Secure Sockets Layer Version 2
SSLv3	Secure Sockets Layer Version 3
SSP	Security Support Provider
SSPI	Security Support Provider Interface
SST	Serialized Certificate Store format
SSTP	Secure Socket Tunneling Protocol
STES	stream cipher
STH	Signed Tree Head
Streebog	hash function
Streebog-256	see Streebog
Streebog-512	see Streebog
STS	Strict Transport Security
STS 	Station-to-Station protocol
SUF-CMA	Strong UnForgeability against Chosen-Message Attacks
Sweet32	Birthday attacks on 64-bit block ciphers in TLS and OpenVPN	(Exploit SSL/TLS)
SWIFFT	hash function (Vadim Lyubashevsky, Daniele Micciancio, Chris Peikert, Alon Rosen, 2008)
SWIFFTX	see SWIFFT
TA	Trust Agent
TACK	Trust Assertions for Certificate Keys
TCB	Trusted Computing Base
TDEA	Tripple DEA
TDKW	A Key Wrap Scheme
TEA	Tiny Encryption Algorithm
TEK	Traffic Encryption Key
TET	?
TFS	Traffic Flow Security
TGS	Ticket Granting Service (mainly Kerberos)
TGT	Ticket Granting Ticket (mainly Kerberos)
Tiger	hash function
TIME	Timing Info-leak Made Easy	(Exploit SSL/TLS)
TIME 	A Perfect CRIME? TIME Will Tell
Threefish	256-, 512-, 1024-bit symmetric block cipher (part of Skein hash function) (2008)
TKW	Triple-DEA Key Wrap
TLS	Transport Layer Security
TLSA	TLS Trust Anchors
TLSv1	Transport Layer Security version 1
TLSA RR	TLSA resource Record
TMAC	Two-Key CMAC, variant of CBC-MAC
TOCTOU	Time-of-check, time-of-use
TOFU	Trust on First Use
TR-02102	Technische Richtlinie 02102 (des BSI)
TR-03116	Technische Richtlinie 03116 (des BSI)
Trivium	80-bit key synchronous stream cipher (2005, broken 4/2015)
TRNG	True Random Number Generator
TSK	Transmission Security Key
TSK 	TACK signing key
TSP	trust-Management Service Provider
TSS	Time Stamp Service
TTP	trusted Third Party
TupleHash	Secure Hash Algorithm?
Twofish	128-bit symmetric block cipher (1998)
UC 	Unified Capabilities
UC	Unified Communications (SSL Certificate using SAN)
UCC	Unified Communications Certificate (rarley used)
UMAC	Message Authentication Code based on universal hashing (aka universal hashing MAC; optimized for 32-bit architectures)
URI	Uniform Resource Identifier
URL	Uniform Resource Locator
UUF	universal unforgeable
VEST	Very Efficient Substitution Transposition, cipher with T-functions (2005, brocken 2007)
VEST-4	see VEST
VEST-8	see VEST
VEST-16	see VEST
VEST-32	see VEST
VMAC	Universal hashing MAC; 64-bit variant of UMAC (by Ted Krovetz and Wei Dai)
VMPC	Variably Modified Permutation Composition, stream cipher (2007)
VR-224	alias for BADA55-VR-224
VR-256	alias for BADA55-VR-256
VR-384	alias for BADA55-VR-384
WAKE	32-bit word stream cipher (1993, broken)
WHIRLPOOL	hash function
WPAD	Web Proxy Auto-Discovery
wolfSSL	SSL library mainly intended and used for embedded and real-time systems
X.680	X.680: ASN.1
X.509	X.509: The Directory - Authentication Framework
X25519	alias for Curve25519 ?
X448	alias for Curve448 ?
X680	X.680: ASN.1
X509	X.509: The Directory - Authentication Framework
X3DH	Extended Triple Diffie-Hellman
XCBC	eXtended CBC-MAC
XCBC-MAC	same as XCBC
XChaCha	eXtended-nonce ChaCha, 512-bit key stream cipher
XChaCha12	see ChaCha (aka 12-round XChaCha)
XChaCha20	see ChaCha (aka 20-round XChaCha)
XEX	XOR Encrypt XOR
XKMS	XML Key Management Specification
XMACC	counter-based XOR-MAC
XMACR	radomized XOR-MAC
XMLSIG	XML-Signature Syntax and Processing
XMSS	eXtended Merkle Signature Scheme, hash function
XSalsa2	variant of Salsa20
XTEA	extended Tiny Encryption Algorithm
XTS	XEX-based tweaked-codebook mode with ciphertext stealing
XUDA	Xcert Universal Database API
XXTEA	enhanced/corrected Tiny Encryption Algorithm
yaSSL	same as CyaSSL
ZLIB	Lossless compression file format
Zombie POODLE	invalid padding with valid MAC (variant of POODLE exploit)
ZRTP	SRTP for VoIP
ZSK	Zone Signing Key (DNSSEC)

