Data Encryption Standard - See DES.

decryption - The inverse (reverse) of encryption.

DES - Data Encryption Standard, a block cipher developed by IBM and the U.S. government in the 1970's as an official standard. See also block cipher.

dictionary attack - A brute force attack that tries passwords and or keys from a precompiled list of values. This is often done as a precomputation attack.

Diffie-Hellman key exchange - A key exchange protocol allowing the participants to agree on a key over an insecure channel.

differential cryptanalysis - A chosen plaintext attack relying on the analysis of the evolution of the differences between two plaintexts.

digest - Commonly used to refer to the output of a hash function, e.g. message digest refers to the hash of a message.

digital envelope - A key exchange protocol that uses a public-key cryptosystem to encrypt a secret key for a secret-key cryptosystem.

digital fingerprint - See digital signature.

digital signature - The encryption of a message digest with a private key.

digital timestamp - A record mathematically linking a document to a time and date.

discrete logarithm - Given two elements d, g, in a group such that there is an integer r satisfying g ** r = d, r is called the discrete logarithm.

discrete logarithm problem - The problem of given d and g in a group, to find r such that g ** r = d. For some groups, the discrete log problem is a hard problem that can be used in public-key cryptography.

distributed key - A key that is split up into many parts and shared (distributed) among different participants. See also secret sharing.

DMS - Defense Messaging Service.

DOD - Department of Defense.

DSA - Digital Signature Algorithm. DSA is a public-key method based on the discrete log problem.

DSS - Digital Signature Standard. DSA is the Digital Signature Standard.

ECC - Elliptic Curve Cryptosystem; A public-key cryptosystem based on the properties of elliptic curves.

ECDL - See elliptic curve discrete logarithm.

EDI - Electronic (business) Data Interchange.

electronic commerce (e-commerce) - Business transactions conducted over the Internet.

electronic mail (e-mail) - Messages sent electronically form one person to another via the Internet.

elliptic curve - The set of points (x,y) satisfying an equation of the form y ** 2 = x ** 3 + ax + b, for variables x, y and constants a, b.

elliptic curve cryptosystem - See ECC.

elliptic curve discrete logarithm (ECDL) problem - The problem of given two points P and Q on an elliptic curve, to find m satisfying mP = Q, assuming such and m exists.

elliptic curve (factoring) method - A special-purpose factoring algorithm that attempts to find a prime factor p of an integer n my finding an elliptic curve shows number of points modulo p is divisible by only small primes.

encryption - The transformation of plaintext into an apparently less readable form (called ciphertext) through a mathematical process. The ciphertext may be read by anyone who has the key that decrypts (undoes the encryption) the ciphertext.

exclusive or - See XOR.

exhaustive search - Checking every possibility individually till the right value is found. See also attack.

expiration date - Certificates and keys may have a limited lifetime; expiration dates are used to monitor this.

exponential function - A function where the variable is in the exponent of some base, for example, b ** N where N is the variable, and b is some constant.

export encryption - Encryption, in any form, which leaves its country of origin. For example, encrypted information or a computer disk holding encryption algorithms that is sent out of the country.