Common use of Cryptographic Key Material Clause in Contracts

Cryptographic Key Material. Any parameter passed to an encryption cipher which influences the output of the algorithm (with the exception of the message itself). Cryptographic Software Software used to protect the confidentiality, integrity, authenticity or accountability of information systems, or software used to generate cryptographic key material to be used for the above. Digital Signature The result of a cryptographic transformation of data that, when properly implemented with a supporting infrastructure and policy, provides the services of: 1. Origin authentication; 2. Data integrity authentication; 3. Signer non-repudiation. Encrypt-then- MAC The plaintext is first encrypted, and then a Message Authentication Code (MAC) is produced based on the resulting ciphertext. Antonymous to MAC-then-encrypt and encrypt-and-MAC. Ephemeral Key A key generated at each individual execution of a key exchange process. The opposite of a static or persistent key. FIPS 140-2 A cryptographic standard created by the American National Institute of Standards and Technology (NIST) used to certify cryptographic modules against four increasing security levels. Where later versions of FIPS 140 are approved for use by NIST, e.g. FIPS 140-3, we will also accept these certifications as equivalent. Hash (also known as: Cryptographic Hash, Message Digest, Digest) The result of a cryptographic hash function, an algorithm with the following properties: 1. Variable size input; 2. Fixed size output; 3. Efficient; 4. Pre-image resistance (the function is computationally difficult to reverse); 5. Second pre-image resistance (Given a message, it is computationally difficult to find a message with the same cryptographic hash); 6. Collision resistance (it is computationally difficult to find any two messages with the same cryptographic hash).

Cryptographic Key Material. Any parameter passed to an encryption cipher which influences the output of the algorithm (with the exception of the message itself). Cryptographic Software Software used to protect the confidentiality, integrity, authenticity or accountability of information systems, or software used to generate cryptographic key material to be used for the above. Digital Signature The result of a cryptographic transformation of data that, when properly implemented with a supporting infrastructure and policy, provides the services of: 1. Origin authentication; authentication 2. Data integrity authentication; authentication 3. Signer non-repudiation. Encrypt-then- MAC The plaintext is first encrypted, and then a Message Authentication Code (MAC) is produced based on the resulting ciphertext. Antonymous to MAC-then-encrypt and encrypt-and-MAC. Ephemeral Key A key generated at each individual execution of a key exchange process. The opposite of a static or persistent key. FIPS 140-2 A cryptographic standard created by the American National Institute of Standards and Technology (NIST) used to certify cryptographic modules against four increasing security levels. Where later versions of FIPS 140 are approved for use by NIST, e.g. for example. FIPS 140-3, we will also accept these certifications as equivalent. Hash (also known as: Cryptographic Hash, Message Digest, Digest) The result of a cryptographic hash function, an algorithm with the following properties: 1. Variable size input; input 2. Fixed size output; output 3. Efficient; 4. Pre-image resistance (the function is computationally difficult to reverse); ) 5. Second pre-image resistance (Given a message, it is computationally difficult to find a message with the same cryptographic hash); ) 6. Collision resistance (it is computationally difficult to find any two messages with the same cryptographic hash).