public key cryptography: a commented bilingual terminology...
TRANSCRIPT
Public Key Cryptography:
A Commented Bilingual Terminology File
Submitted for the Degree of
Master of Arts in Translation
by
Carolina Herrera
Supervisors:
Ingrid Meyer, Ph.D.
Clara Foz, Ph.D.
University of Ottawa
School of Translation and Interpretation
2001
® Carolina Herrera, Ottawa, Canada, 2001
Public Key Cryptography: A Commented Terminology File
ACKNOWLEDGEMENTS
I would like to express my sincere thanks to my thesis supervisor, Dr. Ingrid Meyer, for her prompt and insightful feedback, as well as for her support and patience. I would also like to thank my co-director, Dr. Clara Foz, for her detailed and valuable comments, and her encouragement and trust. I am grateful to the University of Ottawa for providing me with a scholarship that made it possible for me to undertake this challenge. Many thanks to Dr. Lynne Bowker and Dr. Stan Matwin who listened to my ideas and provided helpful comments that served as starting points for this project. I am fortunate in having had the enthusiastic support of friends and colleagues at the School of Translation and Interpretation. In particular, I would like to thank Elizabeth Marshman for her constructive comments and suggestions. My family is a constant and endless source of strength and moral support. Without their love and encouragement, this project could not have been completed. Thanks.
Carolina Herrera
AGRADECIMIENTOS
Quiero expresar mi más sincera gratitud a mi supervisora de tesis, Dra. Ingrid Meyer, por sus valiosas y acertadas enseñanzas, así como por su apoyo y paciencia. Asímismo, quiero agradecer a mi co-directora, Dra. Clara Foz, por sus preciados y detallados comentarios, y por darme en todo momento aliento y confianza. Estoy muy agradecida con la Universidad de Ottawa por la beca que me otorgó, gracias a ella pude emprender este desafío. Gracias a la Dra. Lynne Bowker y al Dr. Stan Matwin por escuchar mis ideas y brindarme sus valiosos comentarios, los cuales sirvieron de punto de partida para este proyecto. Gracias a mis amigas y colegas de la Escuela de Traducción e Interpretación por su entusiasta apoyo. En especial, quisiera agradecer a Elizabeth Marshman por sus interesantes comentarios y sugerencias. Mi familia es una fuente constante e infinita de fuerza y apoyo moral. Sin su amor y aliento, yo no hubiera podido culminar este trabajo. Gracias.
Public Key Cryptography: A Commented Terminology File 4
Carolina Herrera
ABSTRACT
The objectives of this terminological file are to 1) produce records for the fundamental
English and Spanish terminology in the subject field of public key cryptography; 2) guide the
user in choosing terms and avoiding the use of pseudo-synonyms, and indicate spelling or
syntactic variants that could create confusion, and 3) discuss a number of terminological
difficulties in the field.
This work provides theoretical and practical insight on terminological research. The
theoretical aspects include the criteria for evaluation of documentation, the process of
identification and selection of concepts and terms, the representation of the conceptual system in
English and Spanish, and the discussion of the main terminological challenges encountered
during the elaboration of this project. The practical aspects consist of the production of the
English-Spanish term records, which provide not only descriptive information but also
suggestions on the use of variants.
The conclusion drawn from this research is that the field of public key cryptography
poses considerable challenges for English/Spanish terminologists and translators. Among these
challenges are the constant evolution of the terms and concepts and the different communicative
situations in which they are used. Moreover, the arbitrary creation of variants is a serious
obstacle to communication as it opens the doors to several alternative terms used simultaneously.
Public Key Cryptography: A Commented Terminology File
RÉSUMÉ
Les objectifs de ce fichier terminologique sont 1) fournir une série de fiches bilingues
dans le domaine de la cryptographie à clé publique; 2) guider les usagers dans le choix des
termes, en évitant l�usage de pseudo-synonymes, et en indiquant les variantes orthographiques et
syntaxiques sources de confusion, et 3) analyser les principales difficultés terminologiques de ce
champ.
Ce travail présente des aspects théoriques et pratiques. La partie théorique comprend les
critères d�évaluation de la documentation, les procédés d�identification et de sélection des
concepts et des termes, la création d�un arbre conceptuel en anglais et espagnol et la discussion
des plus importants problèmes terminologiques rencontrés pendant l�élaboration de ce travail. La
partie pratique traite de la préparation des fiches terminologiques anglais-espagnol qui
fournissent des renseignements descriptifs et offrent des suggestions sur l�usage des variantes.
Mes recherches me permettent de conclure que le champ de la cryptographie à clé
publique pose des défis considérables pour les terminologues et traducteurs anglais ou espagnols.
Parmi ces défis, on trouve l�évolution constante des notions et des termes et les différentes
situations de communication dans lesquelles ces termes sont utilisés. Par ailleurs, la création
arbitraire de variantes constitue également un obstacle pour la communication, étant donné
qu�elle peut mener à plusieurs termes alternatifs utilisés simultanément.
Carolina Herrera
SÍNTESIS
Los objetivos de este fichero terminológico son 1) elaborar una serie de fichas bilingües
en el campo de la criptografía de clave pública; 2) guiar a los usuarios en la elección de términos,
evitando el uso de pseudo-sinónimos, e indicar las variantes ortográficas y sintácticas que
pueden causar confusión, y 3) analizar las principales dificultades terminológicas de este campo.
Este trabajo presenta aspectos teóricos y prácticos de la investigación terminológica. La
parte teórica comprende los criterios de evaluación de la documentación, los procesos de
identificación y selección de conceptos y términos, la creación de un árbol conceptual en inglés y
español y la discusión de los más importantes problemas terminológicos que se presentaron
durante la elaboración de este trabajo. La parte práctica trata de la preparación de las fichas
terminológicas inglés-español, las cuales proporcionan información descriptiva y ofrecen
sugerencias sobre el uso de las variantes.
Mi investigación me permite concluir que el campo de la criptografía de clave pública
presenta desafíos considerables. Entre estos desafíos se encuentran la constante evolución de
conceptos y términos y las diferentes situaciones de comunicación en que se utilizan los términos.
Además, la existencia de términos concurrentes utilizados simultáneamente, constituye
igualmente un problema para terminólogos y traductores en inglés o español.
Public Key Cryptography: A Commented Terminology File
TABLE OF CONTENTS
INTRODUCTION ...................................................................................................................... i
Objectives............................................................................................................................ ii Fundamental Concepts......................................................................................................... ii Content ............................................................................................................................... iii
PART I .......................................................................................................................................4
CHAPTER ONE UNDERSTANDING PUBLIC KEY CRYPTOGRAPHY ...........................................................5
CHAPTER TWO DOCUMENTATION..................................................................................................................7
2.1 Hard Copy Documentation.............................................................................................7 2.2 On-line Documentation ..................................................................................................8 2.3 Specialists ....................................................................................................................10
CHAPTER THREE METHODOLOGY....................................................................................................................11
3.1 Understanding and Delimiting the Field of Public Key Cryptography...........................11 3.2 Term Identification and Selection.................................................................................12 3.3 Concept Diagram .........................................................................................................13 3.4 Record Preparation.......................................................................................................16
3.4.1 Presentation of the Term Records...........................................................................16
PART II ....................................................................................................................................19
CHAPTER FOUR PROBLEMS ENCOUNTERED................................................................................................20
4.1 Multidimensionality .....................................................................................................20 4.2 Definition Construction ................................................................................................21 4.3 Proliferation of New Lexical Entities............................................................................22 4.4 Use of Variants ............................................................................................................26
4.4.1 Use of True Synonyms...........................................................................................27 4.4.2 Use of Pseudo-Synonyms ......................................................................................27 4.4.3 Use of Syntactic Variants.......................................................................................30 4.4.4 Use of Spelling Variants ........................................................................................31
4.5 Proposal of the Term aceptación obligatoria as the Equivalent of nonrepudiation........32 PART III...................................................................................................................................35
CHAPTER FIVE ORGANIZATION OF THE TERM FILE .................................................................................36
5.1 Term Records Organization..........................................................................................36 TERMINOLOGY FILE ............................................................................................................37
Carolina Herrera 9
CONCLUSION.........................................................................................................................64
BIBLIOGRAPHY.....................................................................................................................65
1 Terminology....................................................................................................................65 1.1 Works Cited..............................................................................................................65 1.2 Reference Works.......................................................................................................65 1.3 Terminological Files .................................................................................................66
2 Public Key Cryptography ................................................................................................66 2.1 English Sources.........................................................................................................66 2.2 Spanish Sources ........................................................................................................69
APPENDIX I � INDEX OF ENGLISH TERMS .......................................................................72
APPENDIX II � INDEX OF SPANISH TERMS ......................................................................73
APPENDIX III � INDEX OF ENGLISH AND SPANISH TERMS ..........................................74
Public Key Cryptography: A Commented Terminology File
INTRODUCTION
The world is increasingly turning to the digital medium, and in particular to the Internet,
as a tool for carrying data. However, for sensitive information to be transmitted over the Internet,
a secure environment is essential. As more and more organizations, including private companies
and government, attempt to use electronic media whenever possible, the importance of
cryptography and other information security tools has increased. Cryptography was initially
developed as a means of disguising written messages. Today, however, its principles are applied
to the encryption of facsimile and television signals. More importantly, cryptography is pivotal
for securing data communications between computers and for authenticating such transmissions,
i.e. providing assurance to the authorized receiver that the message is not a forgery.
Different approaches to and applications of systems in this field have created
inconsistency in the use of concepts and terms. Moreover, as a result of new communication
technologies such as the Internet, concepts are constantly being introduced into Spanish-speaking
communities, often more quickly than equivalents can be developed.
This terminological file will address the problems encountered while producing records
for the fundamental English and Spanish terminology in the field of public key cryptography.
Carolina Herrera ii
Objectives
The objectives of this terminology file are as follows:
1- To produce records for the fundamental English and Spanish terminology in the subject
field of public key cryptography.
2- To guide the user in choosing terms and avoiding the use of pseudo-synonyms, and to
indicate spelling or syntactic variants that could create confusion.
3- To discuss a number of terminological difficulties in the field of public key
cryptography.
Fundamental Concepts1
The following concepts will occur frequently in this work:
True synonym: A term designating the same concept as another in the same language and which
can be used interchangeably with the other term in all contexts. Example: encryption,
encipherment.
Quasi-synonym: A term that designates the same concept as another, but which is not
interchangeable with the other term in all contexts as its use is limited to certain communication
situations. Also called partial synonym. Example: decryption and code-breaking.
Pseudo-synonym: A designation incorrectly used for a given concept as a result of
misunderstanding correct usage, confusion between a generic and a specific, etc. Example:
encryption instead of cryptography.
Spelling variant: A term whose spelling differs only slightly from that of another term
designating the same concept. Example: nonrepudiation and non repudiation.
1 H. Picht, Terminology: an Introduction, pp. 101-103.
Public Key Cryptography: A Commented Terminology File iii
Syntactic variant: A term whose syntactic form differs only slightly from that of another term
designating the same concept. Example: authentication of origin, origin authentication.
Content
The terminological file will be divided into three main parts. Part I consists of three
chapters. Chapter 1 is intended to provide the background information necessary for
understanding the field of public key cryptography, chapter 2 describes and comments on the
documentation used, and chapter 3 explains the terminological method followed. Part II
examines the main terminological challenges encountered in the terminological research and
presents the solutions adopted (chapter 4). Finally, Part III consists of the organization of the
term records and the terminological file itself (chapter 5).
Carolina Herrera
PART I
Public Key Cryptography: A Commented Terminology File
CHAPTER ONE
UNDERSTANDING PUBLIC KEY CRYPTOGRAPHY
Cryptology is the science concerned with communications in a secure and usually secret
form. The term cryptology is derived from the Greek kryptós, �hidden�, and logos, �word�. In
order to transmit information, the sender transforms the information into a cipher by using a key,
i.e. a piece of information known only to him. The cipher is inscrutable and often unforgeable to
anyone without this secret key, the authorized receiver can then either decrypt the cipher to
recover the hidden information or verify that it was sent by someone possessing the key.
Cryptology encompasses the study of cryptography and cryptanalysis. Cryptography
(from the Greek kryptós and gráphen, �to write�) is the study of the principles and techniques by
which information can be concealed in ciphers and later revealed by legitimate users employing
the secret key. Cryptanalysis (from the Greek kryptós and analýein, �to loosen� or �to untie�) is
the science of recovering information from ciphers without knowledge of the key.
In the practical use of cryptography, a problem that has been addressed in the last decades
is the communication of the key between the sender A and the receiver B. Using cryptography
has been compared with using a strongbox with a double-acting dead bolt on it2. Since A and B
are physically apart, in order to securely transmit sensitive information they must enclose the
data in the strongbox, which is locked and unlocked using the key. Encryption would be
analogous to locking the box and decryption to unlocking the box. Cryptography makes it
possible to electronically exchange documents securely between parties who do not even know
each other. It provides assurance that:
2 Encyclopaedia Britannica, �Cryptography.� [www.britannica.com]
Carolina Herrera 6
1) the parties are who they say they are, known also as authentication;
2) the messages exchanged between them have not been altered, known as data
integrity;
3) the parties cannot deny having sent them, known also as nonrepudiation; and,
4) no persons other than the parties could read them, known as confidentiality.
In a symmetric cryptosystem, encryption and decryption keys are either the same, or one
can be easily computed with information of the other. In an asymmetric cryptosystem, also called
a public key cryptosystem, there is also a pair of keys. The difference is that one of them�the
public key�is known to everyone taking part in the communications network, and the other�
the private key�is known only to the receiver of the message. It is virtually impossible to
recover the private key even if one knows the corresponding public key. Moreover, only the
public key can be used to encrypt messages on the communications network, and only the private
key can be used to decrypt them.
Another important element to understand in the field of public key cryptography is the
concept of a digital signature. This is analogous to a hand-written signature because a sender can
sign data, but any number of receivers can read the signature and verify its accuracy. Any digital
signature operation involves the use of a private key and a public key, therefore a public key
cryptosystem is required. The comprehensive system that provides public key encryption and
digital signature services is known as public key infrastructure, also called PKI.
After having understood the main concepts of public key cryptography, in the following
chapter I will explain the process of selection of documentation followed in this project.
Public Key Cryptography: A Commented Terminology File
CHAPTER TWO
DOCUMENTATION
As stated by Wayne D. Cole3, the first step in any terminological research project is to
become familiar with the subject field. In order to do this, I consulted official documents
(standards and recommendations), as well as terminological works. Encyclopaedias, technical
manuals, proceedings of conferences and specialized periodicals were also consulted.
At this stage I was able to select the documents, classify them and prepare an inventory
of sources. The criteria followed for this classification were the following4:
− language of origin of the documents and reputation of the author;
− nature of the text (specialized or educational, official or informal, encyclopaedia,
promotional material, etc.);
− organization of the information (presence of glossaries and indexes to concepts appearing in
the document); and,
− linguistic quality of the text.
2.1 Hard Copy Documentation
Documents containing information about cryptography range from technical and highly
specialized books and textbooks to brochures and promotional material. Since this work is
targeted to a generally educated public, I decided to avoid definitions and textual supports
3 W.D. Cole, Terminology: Principles and Methods, p. 79. 4 S. Pavel, Handbook of Terminology, p. 35.
Carolina Herrera 8
extracted from highly specialized journals and books. Encyclopaedias, specialized dictionaries
and introductory books were available at the Morisset Library (University of Ottawa).
The main sources of information were recommendations and standards on information
security. Although no standards exist for public key cryptography terminology specifically,
valuable information was found in technical specification standards for cryptographic systems5.
The Library of the Standards Council of Canada (SCC) provided valuable support.
Spanish material in printed form was hard to find locally. In Spanish speaking countries,
it is not easy to find books on public key cryptography originally written in this language.
Through the websites of two Spanish specialized magazines, namely Kriptópolis and
Criptonomicón, I obtained access to books and specialized magazines in PDF format. I also
consulted technical manuals published by the CERES project (Certificación Española - Spanish
Certification) led by the Fábrica Nacional de Moneda y Timbre (National Mint)6.
I found no books, bilingual glossaries or termbanks solely devoted to cryptography
terminology. This might be due, among other factors, to the ever-evolving technology on
information security. This situation becomes more marked in Spanish terminology, where the
lack of harmonization represented one of the main problems encountered while working on this
terminological collection. This point will be discussed further in chapter 3.
2.2 On-line Documentation
Undoubtedly, the WWW is a rich source of reliable documents written in both English
and Spanish. With the growth of e-commerce, public key cryptography and digital signatures are
5 Recommendations issued by ITU (International Telecommunications Union) and ISO Standards. 6 The CERES project is concerned with establishing a Public Certification Authority that will ensure and authenticate the confidentiality of communications through open communication networks between citizens, companies or other institutions and public administrations. [www.cert.fnmt.es]
Public Key Cryptography: A Commented Terminology File 9
being used in more and more countries. International organizations are also concerned about
information security, as a result, the production of legal documentation in this field has increased
noticeably and such texts could not be excluded from the corpora. Web pages and search engines
of international organizations such as the European Union (EU), the International Organization
for Standardization7 (ISO), and the International Telecommunications Union (ITU) were helpful
links to the main institutions working on these issues around the world.
Since the most representative documents in the field of cryptography in Spanish come
from Spain, the inventoried documentation is mainly from this country. Spain is the Spanish
speaking country that has been most active in information security research and standardization
of terminology use. However, it is worth mentioning that the geographical variation in the use of
Spanish terms was not considered to be relevant and thus was not a factor in selecting the
documentation. This problem will be addressed later in chapter 4. (See 4.3 Proliferation of New
Lexical Entities).
The ITU Telecommunication Standardization Sector develops Recommendations
(standards) for the various fields of international telecommunications. TERMITE 8 is the
terminology database of the ITU consisting of approximately 59,000 entries. It is maintained by
the Terminology, References and Computer Aids to Translation Section (Conference Department,
General Secretariat). TERMITE contains all the terms which appeared in ITU printed glossaries
since 1980, as well as more recent entries relating to the different activities of the Union.
TERMITE was the main English-Spanish database consulted for this work.
7 There is a seeming lack of correspondence between the official title in full, International Organization for Standardization, and the short form, ISO. The word "ISO" was derived from the Greek isos, meaning �equal�. The link between "equal" and "standard" inspired the adoption of "ISO" as the official abbreviation for the organization�s name. 8 [www.itu.in/search/wais/Termite] Accessed: July 31, 2001.
Carolina Herrera 10
2.3 Specialists
At the School of Information Technology and Engineering of the University of Ottawa, I
consulted Dr. Stan Matwin, Director of the Graduate Certificate in Electronic Commerce. His
valuable help has been an important element from the first stages of this project. He helped to
clarify how different viewpoints affect the conceptual system, a problem that will be addressed
later in section 4.1 Multidimensionality.
Public Key Cryptography: A Commented Terminology File
CHAPTER THREE
METHODOLOGY
The stages involved in this terminological collection were the following: determining the
objectives and scope of the research; accumulating and evaluating documentation; understanding
and delimiting the subject field; identifying and selecting the concepts; elaborating a conceptual
system, and entering the terms and the related textual supports on records9.
3.1 Understanding and Delimiting the Field of Public Key Cryptography
My first contact with the field of cryptography was in the context of a practicum carried
out in Peru, in the translation department of a company devoted to the development and
distribution of information security tools and solutions. During this practicum, I received training
from specialists on the concepts of this field.
Delimiting the domain required a great deal of research. One of the main obstacles
encountered at this stage was the multidimensionality of the domain. As defined by Lynne
Bowker in her M.A. thesis, multidimensionality is �a phenomenon that occurs when an object
can be classified according to more than one characteristic at the same level of a classification10.�
Multidimensionality complicates the delimitation of a domain, since the various subfields of the
domain will vary depending on what characteristics are used. Only after a closer study of the
compiled documentation, and with the assistance of specialists, was a specific sub-field for
research delimited.
9 H. Picht, Terminology: an Introduction, p. 164. 10 L. Bowker, Guidelines for Handling Multidimensionality, p. xvi.
Carolina Herrera 12
Within the field of cryptography, there are several sub-fields that may pose difficulties to
terminologists and translators. For instance, the different types of attacks that can be made on a
cryptographic system can be classified into several aspects: the technique applied, the attacked
party, the results obtained by the attacker, etc. Due to time constraints, this sub-field will not be
covered in this project; however, it may be considered for further research.
The main factor that made us decide to focus on the sub-field of public key cryptography
was its challenging content of terminological synonymy, together with the relevance that public
key cryptography is acquiring in the international context. Unlike symmetric cryptography,
which has been employed for hundreds of years, public key cryptography is a relatively recent
development, having received serious consideration since about the mid-1970s. Due to the on-
going development of new applications that make public key cryptography possible, there is a
continuous need for new terms to designate new concepts.
3.2 Term Identification and Selection
Terms were first identified using the term-extraction tool TermBase11, which produces a
base list of terms with high frequency of use and relatively fixed contextual surroundings. These
base lists were compared to some specialized glossaries in both languages in order to: 1)
eliminate the noise (pseudo-terminological units, or terms belonging to other fields); and 2)
insert missing concepts12.
The criteria for the selection of terms for the present collection were as follows: the
relevance of terms to the domain being covered by this research, the terminological difficulty
11 Developed by MultiCorpora Translation Tools. 12 S. Pavel, Handbook of Terminology, p. 45.
Public Key Cryptography: A Commented Terminology File 13
posed by the term, the frequency with which the terms appeared, and the existence and quality of
definitions and contextual definitions available for the terms.
3.3 Concept Diagram
Picht and Draskau 13 highlight the importance of systems of concepts and their
representation: �the concept may not be viewed as an isolated unit in terminology.� In
multilingual terminology records, it is important to establish relationships between semantic
features of the concepts in each language14. Hence, the concept system helped to establish the
conceptual match when drafting the definitions for the records. At this stage, collaboration with
specialists was particularly important in order to achieve a consistent system of concepts.
Since the term records are organized by concept to form concept clusters, I decided to
include the concept diagrams in English and Spanish in order to facilitate the use of the term
records in both languages. The concept diagrams are shown below.
13 H. Picht, Terminology: an Introduction, p. 62. 14 S. Pavel. Handbook of Terminology, p. 18.
Carolina Herrera 14
TREE DIAGRAM OF CONCEPTS
Public Key Cryptography
digital signature
public key algorithm
key
private key
public key
certificate
key management key distribution
key storage element
certification authority
sender
receiver
eavesdropperparticipant
messageplaintext
ciphertext
public key
cryptosystem
public key infrastructure
process
encryption
decryption
authenticationconfidentiality nonrepudiation
data integrity
requirement
key generation
session key
attribute certificate
trusted third party
entity authentication
data origin authentication
certification authority certificate
encryption key
decryption key
By user
By function
Legend
Subfield Solid arrow Generic-specific relation, arrow
points to the generic concept Italics Terms included in the collection
Public Key Cryptography: A Commented Terminology File 15
ÁRBOL DE CONCEPTOS
Criptografía de Clave Pública
firma digital
algoritmo de clave pública
clave
clave privada
clave pública
certificado
gestión de claves distribución de claves
almacenamiento de claves
elemento
autoridad de certificación
emisor
receptor
fisgón participante
mensaje texto en claro
texto cifrado
criptosistemade clave pública
infraestructura de clave pública
proceso
cifrado
descifrado
autenticaciónconfidenciaildad no repudio
integridad de datos
requisito
generación de claves
clave desesión
Leyenda
Subcampo Flecha sólida Relación Genérico-específico,
la flecha indica el concepto genérico
Itálicas Términos incluidos en la colección
certificado de atributos
tercera parte fiable
autenticación de entidad
autenticación del origen de los datos
certificado de autoridad de certificación
clave de cifrado
clave de descifrado
Por usuario
Por función
Carolina Herrera 16
Deciding on the classifying criteria governing the ordering of the system was a difficult
step. Again, multidimensionality was an obstacle that made it difficult to determine the type of
relations between the various concepts. Certain concepts seemed to share the same genus and
some characteristics differentiating them were identified. In other cases, some associative
relations (action-tool, cause-effect, etc.) were easy to determine. The concept of public key
cryptography is explained as a process using certain devices to achieve specific requirements;
hence, I classified concepts according to the function they play in this process. (See 4.1
Multidimensionality).
3.4 Record Preparation
3.4.1 Presentation of the Term Records
When designing the term records, I decided to follow the model used by the Terminology
and Standardization Directorate for their terminological data bank TERMIUM®. As in
TERMIUM®, each term record covers only one concept. The description of the elements to be
found on most of the term records is as follows:
1. Field: primary subject field
2. Sub-field: field of application
3. Language identifier
4. Main entry, sources and usage parameters (see list below). The main entry is the preferred
term, expression or official title, which is entered first among the entries of the language
module.
Public Key Cryptography: A Commented Terminology File 17
5. Abbreviation of the main entry, sources and usage parameters.
6. Secondary entry, sources and usage parameters. Secondary entry terms are terms, expressions
or official titles that are different from the main entry but that designate the same concept or
entity. When the secondary entries are all equally popular, as may be the case with some
spelling and syntactic variants, they are listed in alphabetical order. In those cases where
there are differences in usage (frequency, level of language, etc.), these are indicated using
the parameters (labels).
7. Abbreviation of secondary entries, sources and usage parameters.
8. Textual support identifier, textual support and sources. The main types of textual support are
the definition (identifier DEF), explanatory context (identifier CONT), usage example
(identifier EX), supplementary terminological, and administrative or technical information
(identifier OBS).
9. Sources: In the case of sources I decided to provide the user with information about the
sources directly on each record, instead of in a separate document. For many of the terms, a
ready-made definition did not exist. Therefore, the definitions on the records consist mainly
of modified contexts, translations or original creations. In these cases the source indicated is
the author of this terminological collection (�Carolina Herrera�). For some terms, where one
or more sources were used in the definitions, the sources are indicated as *a, b, meaning that
the definition comes from two sources represented by those codes. When a definition has
been modified from the original source, this is indicated by *a (modified).
Carolina Herrera 18
Parameters: I will apply TERMIUM®�s classification of labels.
Category English Label Code Spanish Label Code
Avoid AVOID Evitar EVITAR Acceptability
rating Correct CORRECT Correcto CORRECTO
Proposed PROPOSED Propuesto PROPUESTO
Reference See record SEE RECORD Ver ficha VER FICHA
Femenino FEM Gender
Masculino MASC
Frequency Less common LESS COMMON Menos frecuente MENOS FRECUENTE
Official status15 Standardized STANDARDIZED Normalizado NORMALIZADO
Officially
approved
OFFICIALLY
APPROVED Uniformizado UNIFORMIZADO
15 In the present collection of terms, standardized terms were extracted from ISO standards and ITU Recommendations. The labels of �STANDARDIZED� and �NORMALIZADO� were assigned in these cases. When a term was found in documents such as government white papers, I labelled it as �OFFICIALLY APPROVED� or �UNIFORMIZADO�, meaning that it is included in terminology works produced by a working group or committee, though not for standardization purposes. In order to be consistent with usage in the terminological data bank TERMIUM®, I used the Spanish label �UNIFORMIZADO�. However, I do not completely agree with it and I consider that the label �ADOPTADO� would be more appropriate.
Public Key Cryptography: A Commented Terminology File 19
PART II
Carolina Herrera
CHAPTER FOUR
PROBLEMS ENCOUNTERED
As with any work in terminology, problems arose at various stages of the project. The
main problems are outlined below in the order in which they were encountered:
− Multidimensionality
− Definition Construction
− Proliferation of New Lexical Entities
− Use of variants
− Proposal of the term aceptación obligatoria as the equivalent of nonrepudiation
4.1 Multidimensionality
In her M.A. thesis, Lynne Bowker16 defines multidimensionality as �the phenomenon that
occurs when an object can be classified according to more than one characteristic at the same
level of a classification.� She gives the example of a VEHICLE that can be classified into LAND
VEHICLE, AIR VEHICLE, and WATER VEHICLE (according to the characteristic place of
transportation), or into MOTORIZED VEHICLE and NON-MOTORIZED VEHICLE
(according to the characteristic type of propulsion). According to Bowker, there are several
causes of multidimensionality: viewpoint, opinion, scientific theory, purpose, changing
organization of the reality and of the subject field describing it, and language and culture. The
cause of multidimensionality in this study is viewpoint.
16 L. Bowker, Guidelines for Handling Multidimensionality, p. xvi.
Public Key Cryptography: A Commented Terminology File 21
As I explained in chapter 3, establishing the concept diagram was a challenge since
multidimensionality made it difficult to determine how the domain should be organized. Public
key cryptography can be classified according to: 1) hardware and software elements, as well as
cryptographic and interface technologies (from a technological viewpoint); 2) entities and
institutions whose function is to operate within an infrastructure (from a business viewpoint); 3)
requirements that must be fulfilled in order to balance risks and liabilities among entities (from a
legal viewpoint)17. Many viewpoints were considered before deciding on the one underlying the
concept diagram presented here. Since this term file is addressed to non-specialist readers, I
decided to explain the concept of public key cryptography from a user�s viewpoint, as a process
with participants (e.g. sender, Certification Authority, etc.) using certain devices (e.g. digital
signature, certificate, etc.) to achieve specific requirements.
4.2 Definition Construction
Once I had completed the research phase, I evaluated the different types of definitions
retrieved. This stage was also not without its problems. One of the main difficulties in selecting
the English and Spanish definitions for the records was the question of how to delimit the scope
of definitions, i.e. how technical the language used in the definition should be. The
documentation contained different types of definitions, as we can see in the following examples:
encryption: An encryption scheme consists of the sets of encryption and decryption transformations {Ee : e ∈ K} and {Dd : d ∈ K}, respectively. The encryption method is said to be a public-key encryption scheme if for each associated encryption/decryption pair (e,d), one key e (the public key) is made publicly available, while the other d (the private key) is kept secret18.
17 Usertrust Network, What is PKI. [http://www.usertrust.com/pki/perspective_legal.asp] Accessed: July14, 2001. 18 A. Menezes et. al, Handbook of Applied Cryptography, p. 25.
Carolina Herrera 22
encryption: Process of transformation of data by a cryptographic algorithm to produce ciphertext, in order to hide the information content of the data19. The first definition for encryption was difficult to understand since it included formulas
and variables, a feature that is characteristic of definitions in this field. The second definition was
less technical, and it included information that was more useful from a terminologist�s viewpoint.
Therefore, the question of how much and what kind of information to include had to be solved.
Definitions including formulas and diagrams were not useful since the target readers of this work
are non-specialists. The decision-making process was based on the type of definitions found in
the English ISO standards and ITU Recommendations consulted. Most of the concepts in these
documents are defined in such a way as to provide only the essential characteristics to single out
the intension and to delineate the extension by reference to other terms in the field.
4.3 Proliferation of New Lexical Entities
When working on the term encryption, I found that many variants of this term and its
Spanish equivalent were currently in use. The most commonly found were encipherment,
enciphering, ciphering, and data encryption. As for the Spanish equivalents for encryption, the
terms being used are cifrado, encriptación, encripción, and criptación. In the term records, I
decided to use textual supports�observations�in order to prevent confusion and to guide the
user in the choice of terms. One difficulty I had in doing so was the discussion of whether the
Spanish term encriptación was an anglicized word and if it should be labeled as such.
19 ISO 7498-2:1989.
Public Key Cryptography: A Commented Terminology File 23
According to Sager20, neologisms in science and technology result from the need to name
new concepts. He makes a distinction between terminology creation which accompanies
scientific and technological innovation in any one linguistic community, and that which
accompanies the transfer of knowledge from one linguistic community to another. Therefore,
based on this explanation of terminology creation, I made the following brief analysis.
Encipher vs. Encrypt: The modern English term cryptography can be traced back to the
seventeenth century new Latin word cryptographia to designate the study of the principles and
techniques by which information can be concealed in ciphers. Since cryptography is the art of
concealing data in ciphers, then the action of converting (a message) into cipher was given the
name encipher.
It was not until after World War II that cryptography literature began to appear in the
mainstream as this science started to gain more importance in non-military applications.
Electronics made possible the practical realization of far more complex cryptographic functions
than had previously been feasible. Hence, as is common in the technical and scientific languages,
a series of new concepts and terms became part of the field. Simultaneously, some other
concepts changed in both form and meaning because of changes in principles, methods of
application, viewpoints, etc.
An example is the term encrypt, which is formed by the prefix en-, meaning �to put into
or onto�; and the root crypt (from the Greek kryptos) meaning �hidden�. This term started to be
increasingly used and it replaced the �old� term encipher, for no apparent reason other than to
keep a closer link to the word cryptography, �the science that studies the processes of encryption
20 J. Sager, Terminology Processing, p. 79.
Carolina Herrera 24
and decryption of data. 21 � The same phenomenon occurred with the term decrypt, which
replaced decipher.
Cifrar vs. Encriptar: New scientific and technical terms created in one linguistic community
spread quickly to the international scientific community by means of conferences, articles in
journals, and the WWW. Sager identifies several methods of secondary interlingual term
formation�e.g. direct borrowing, loan translation, paraphrase, parallel formation, adaptation,
and complete new creation�which may be used simultaneously or sequentially22. The main
problem encountered in the Spanish terminology was the existence of different forms and
degrees of adaptation of Spanish terms.
Cryptography is a science that has been developed mainly in English-speaking countries.
As it became an important element for international communication, scientists from other
linguistic communities were affected by an onslaught of English terms that influenced the
creation of Spanish terminology. Cryptography terminology in Spanish has a high number of
anglicized terms such as encriptar (to encrypt), desencriptar (to decrypt), no repudio
(nonrepudiation), and tercera parte confiable (trusted third party).
Nowadays, Spanish-speaking countries are trying to re-perform the term formation
process and some actions are being carried out not only by academies of the language but also by
scientists and specialists, as we can see in the following quotations:
En muchos libros sobre Criptografía aparecen términos como encriptar y desencriptar, adoptados con toda probabilidad del verbo anglosajón encrypt. El lector podrá comprobar que este tipo de expresiones ha sido evitado en el presente texto, debido a la existencia de palabras perfectamente válidas que pertenecen al idioma castellano, como son cifrar y descifrar, y codificar y decodificar (o descodificar). La opinión del autor es que sólo
21 Communications Security Establishment. Government of Canada PKI � White Paper. [http://www.cse-cst.gc.ca/cse/english/gov.html] Accessed: July 14, 2001. 22 J. Sager, Terminology Processing, p. 79.
Public Key Cryptography: A Commented Terminology File 25
deben emplearse términos foráneos cuando nuestro riquísimo idioma carezca de expresiones adecuadas para expresar las ideas en cuestión23. Si en el momento en que nace el nuevo concepto o cuando éste se introduce en nuestra comunidad científica acompañado de la denominación original (habitualmente, por qué no decirlo, inglesa) se crea una alternativa autóctona, que se asocie ya desde un principio al concepto, ésta podrá luchar de igual a igual con el préstamo, que quizás ya no llegará a ser tal. De esta manera se hace posible que la fuente del neologismo sea una institución especializada que, como hemos dicho, goza de más confianza entre los técnicos que los organismos lingüísticos de normalización24. The debate is about the extent to which English should be present in Spanish terminology,
and most of the time it provides an opportunity for several alternative and competing terms to be
used simultaneously. Take the Spanish synonyms cifrar (to encipher) and encriptar (to encrypt).
The argument about these terms in Spanish is that there is no need to use English-based terms
such as encriptar (and its antonym desencriptar) when there are two perfectly accepted Spanish
terms (cifrar/descifrar) to designate those concepts. This is a phenomenon in which terms
developed opposite directions in two languages. In English the term encipher evolved into the
term encrypt, a neologism that was accepted possibly because it better reflects the characteristics
of the concept it designates. In Spanish, on the other hand, the term developed with the importing
of the term encriptar, which is increasingly being replaced by the term cifrar.
The arbitrary creation of variants is a serious obstacle to communication as it opens the
doors to several alternative or competing terms, and it may be several years before Spanish
terminology stabilizes. To judge from an analysis of the frequency of occurrence of the Spanish
term encriptar (and its derived terms), we can theorize that in some years it may become
obsolete and will consequently disappear.
23 M. Lucena, Criptografía y Seguridad en Computadores, p. 25. 24 J. Bover, Proceedings of the Conference on Co-operation in the field of terminology. [http://www.eaft-aet.net] Accessed: August 3, 2001.
Carolina Herrera 26
4.4 Use of Variants
In their study of terminological variants, Daille et al.25 state that even though terms are
supposed to be labels for precise concepts within a sublanguage, they are prone to variation.
They add that the conception of terms as fixed sequences is obviously idealised. As I explained
in the introduction, there are different types of variants, e.g. true synonyms, pseudo-synonyms,
syntactic variants, etc., since terms are subject to different kinds of changes. After a brief
analysis of terms in different text types, I reached the conclusion that the variation of terms is
motivated by the text type and communicative situation in which they are used.
Sager26 affirms that at the first stage of terminology creation, the scientific community
that deals with the creation of new concepts is relatively small and educationally homogeneous.
Problems occur when the scientific community addresses other groups. This communicative
situation requires an intermediate language between scientific and general.
In Sager�s view, relatively little serious research exists into these complex processes. The
main reason is that subject specialists who are capable of distinguishing between variants are not
usually interested in, or linguistically trained to undertake, this work; linguists, on the other hand,
rarely have the detailed subject knowledge to produce reliable evidence for determining the
regularities underlying these processes of term variation.
The questions surrounding this topic are some of the reasons cryptography terminology is
being researched and documented here. Nevertheless, due to time constraints, the present
terminology work will not make a deep analysis of the use of variants and other alternative forms
in different communicative situations. This subject may be considered for further research.
25 B. Daille, �Empirical Observation of Term Variations and Principles for their Description�, Terminology Journal 3 (2), p. 198. 26 J. Sager, Terminology Processing, p. 81.
Public Key Cryptography: A Commented Terminology File 27
Since the initial list of terms revealing the existence and use of variants was too large for
the practical constraints of the term file, the most representative examples had to be chosen so as
to give an overview of the situation.
4.4.1 Use of True Synonyms
As defined in the Introduction, a true synonym designates the same concept as another
term in the same language. Some examples of true synonyms in English are the pairs:
! encryption / encipherment
! decryption / decipherment
! public key cryptography / asymmetric cryptography
! key storage / key backup
Since all these terms are currently circulating in cryptography documents, I have used
labels to justify the preference for a specific term (or terms). These labels were assigned
according to the official status of the term, the acceptability rating, and the frequency of
occurrence. (See 3.4.1 Presentation of the Term Records).
4.4.2 Use of Pseudo-Synonyms
As we have seen, pseudo-synonymy occurs when a given concept is incorrectly used as a
result of confusion between a generic and a specific, the whole and a part, the cause and the
effect, etc. (See Introduction, Fundamental Concepts). The following are examples of terms used
as contextual variants:
Carolina Herrera 28
! public key cryptography / public key encryption: The terminological data bank
TERMIUM® labels these entry terms as CORRECT, which means that they can be used
as true synonyms.
True synonyms are variants which have the exact same meaning and can be used in
exactly the same context. The terms public key cryptography and public key encryption are,
however, not absolute synonyms but pseudo-synonyms, as I explain in the term record:
OBS The notion of cryptography includes a set of principles, means and methods for the transformation of data. Since �encryption� is a cryptographic method, the terms �public key encryption�, �asymmetric encryption� and their syntactic variants are not true synonyms of �public key cryptography�27.
Again in these cases the appropriate labels have been used in the term record to guide the
user in the choice of the preferred term and the possible variants.
27 ISO standard 7498-2:1989.
Public Key Cryptography: A Commented Terminology File 29
! private key / secret key: The same problem arose with these terms as TERMIUM®
presents them as synonyms:
This is another case of pseudo-synonymy and it may be the result of an incorrectly used
designation. Again, an observation was included in the term record to clarify the use of these
terms:
OBS In symmetric algorithms, there is only one key known as the �secret key�, which is used for encryption and decryption purposes. In public key algorithms there are two keys: the decryption (private) key and the encryption (public) key28. The key that is not publicly revealed is generally referred to as a private key, rather than a secret key. This avoids confusion with the secret key of a symmetric cryptographic algorithm and derives from the idea that two people may share a secret, but a single person keeps something private29.
28 Government of Canada: Community Access Program. Community Resources. [http://cap.ic.gc.ca/english/8883.shtml] Accessed: July 30, 2001. 29 L. Adams, Understanding Public-Key Infrastructure, p. 56.
Carolina Herrera 30
Since this term file is addressed to the non-specialist community, I decided to include the
cases of pseudo-synonymy as they occurred in the documentation analyzed, with the objective of
guiding users in the correct choice of variants.
4.4.3 Use of Syntactic Variants
As explained in the Introduction, a syntactic variant is a term whose structure differs only
slightly from that of another term designating the same concept. The following are examples of
syntactic variants:
! Change in the order of words:
data origin authentication / authentication of data origin
entity authentication / authentication of entity
! Abbreviation of compound terms: A variant can also be the result of an abbreviation
process. It is then at times difficult to differentiate between a broader term used
synonymously for a narrower term and a shortened form of the narrower term. In a study of
this phenomenon, C.F.W. Hope30 shows several patterns followed in compound contraction.
Frequently the preferred mode of abbreviation in compound terms is that of omitting one
element, as we may see in the following examples:
data encryption → encryption
user certificate → certificate
digital certificate → certificate
30 J. Sager, Terminology Processing, p. 213. Quoting C.F.W. Hope, Synonymy and Abbreviation in Special-Language Compound Terms. MSc. Thesis, University of Manchester, 1984.
Public Key Cryptography: A Commented Terminology File 31
cryptographic algorithm → algorithm
public key cryptographic system → public key cryptosystem
public key cryptographic algorithm → public key cryptoalgorithm
As Hope states, contextual abbreviation or reduction is pragmatically conditioned.
Certain text types do not permit variation in designation, whereas in others it can be used with a
certain degree of freedom.
4.4.4 Use of Spelling Variants
A term whose spelling differs only slightly from that of another term is considered to be a
spelling variant. (See Introduction, Fundamental Concepts). Take the terms31:
! criptografía de clave pública / criptografía de claves públicas
! encriptación / encripción / criptación
! desencriptación / decripción
! autenticación / autentificación
! tercera parte confiable / tercera parte fiable
Sager 32 states that observation of usage permits the division and categorization of
linguistic variants of terms by text types. His statement was confirmed when I observed that the
longest and most transparent terms occurred in introductory textbooks and encyclopedias,
whereas the greatest proportion of complex and abbreviated terms occurred in highly specialized
texts. These observations are based on a brief analysis of the documentation gathered for this
31 Although much of the discussion and most examples in this section focus on the Spanish terms, the terminological problem and phenomena hold equally true for some English terms. 32 J. Sager, Terminology Processing, p. 213.
Carolina Herrera 32
term file, however, due to time and space constraints, the research into these complex processes
was not undertaken.
4.5 Proposal of the Term aceptación obligatoria as the Equivalent of nonrepudiation
As I have previously explained, new scientific and technical terms created in one
linguistic community spread quickly to the international scientific community. Sager33states that
scientific communities which import scientific and technological knowledge tend to prefer the
use of internationalisms as they facilitate communication by the unambiguous reference to
identical concepts in similar conceptual systems.
Spanish cryptography terminology has a high frequency of borrowings, loan translations
and adaptations. To illustrate this, I will analyze the Spanish equivalent of the term
nonrepudiation. Since the International Telecommunication Union (ITU)34 has recognized and
standardized the term no repudio, I was obliged to keep it in the term record. However, I was not
completely satisfied with it, nor did I agree with the commonly used term no rechazo.
The terms no repudio and no rechazo are literal translations of the term nonrepudiation.
In my opinion, these loan translations do not follow the general rules of Spanish word formation.
Sager provides a list of some criteria and rules for the formation of new vocabulary35. Two of
these criteria are:
! The term must conform to the general rules of word-formation of the language which will also dictate the word order in compounds and phrases.
! Terms should be capable of providing derivatives.
33 J. Sager, Terminology Processing, p. 86. 34 UIT-T, Rec. H.235 (1998). 35 J. Sager, Terminology Processing, p. 89.
Public Key Cryptography: A Commented Terminology File 33
M.T. Cabré36 defines three types of resources for term-formation: formal, functional and
semantic. Formal resources include the process of syntagmatic determination:
La sintagmación, como recurso formal de obtención de unidades léxicas, se basa en la formación de una nueva unidad a partir de una combinación sintáctica jerarquizada de palabras. Las nuevas unidades obtenidas respetan las reglas combinatorias del sistema lingüístico al que pertenecen, e incluyen muy frecuentemente conectores gramaticales.
The ease with which new terms can be created in English poses a problem when trying to
create the same effect in Spanish, which is sometimes less flexible. In order to propose a Spanish
equivalent for the English term nonrepudiation I analyzed it as follows:
While the nominal phrase no rechazo conveys the idea of �impossibility of refusing to
accept something�, it does not necessarily express the concept clearly, nor is it capable of
providing natural derivatives in Spanish, as we can see in the following contexts:
No rechazo: implica la autenticación y la integridad; hace referencia tanto al no rechazo en origen como al no rechazo en destino37. La arquitectura de seguridad de informaciones del SISME será proyectada y puesta en marcha con la utilización de recursos que puedan garantizar el control de acceso a las bases de datos, el no rechazo a los legítimos usuarios, el secreto y la integridad de las informaciones en los Sistemas...38
36 M.T. Cabré, Terminología, p. 188. 37 M.P. Pereira, Hacia la Seguridad en el Comercio Electrónico. [http://publicaciones.derecho.org] Accessed: July 14, 2001. 38 Gobierno de Uruguay, Complementación de la Definición y Configuración del Sistema. [http://www.mrree.gub.uy/Mercosur] Accessed: July 14, 2001.
[non] [to repudiate]
negative to refuse to accept something
(negative meaning)
Carolina Herrera 34
En el caso de no repudio de origen, el remitente del mensaje no puede negar haberlo enviado. En el caso de no repudio de destino, el destinatario del mensaje no puede negar haberlo recibido39.
After an analysis of the contexts where the term usually occurs and of the need of
derivatives of the term, I looked for a term in Spanish that, without sacrificing precision, could
be lexically systematic. The Real Academia Española (RAE) definition of aceptar (to accept) is
as follows: recibir alguien voluntariamente lo que se le da, ofrece o encarga. Although aceptar
is an antonym of rechazar (to repudiate), it does not convey the emphasis of the negative
elements present in the English term, and it leaves an element of choice. Therefore, I decided to
add the determining modifier obligatoria defined by the RAE as follows: dícese de lo que obliga
a su cumplimiento y ejecución. Following the grammatical possibilities of closer determination
explained by Sager, the term that I propose is aceptación obligatoria.
39 Consumo2000, Curso Básico de Comercio Electrónico para Consumidores y Usuarios. [http://www.consumo2000.org/texto.htm] Accessed: July 14, 2001.
Public Key Cryptography: A Commented Terminology File 35
PART III
Carolina Herrera
CHAPTER FIVE
ORGANIZATION OF THE TERM FILE
5.1 Term Records Organization
The term records are organized by concept to form concept clusters (See 3.3 Concept
Diagram). There are four major groupings under the heading of public key cryptography:
Process, Requirement, Element, and Participant. The main grouping, Element, breaks down as
follows: public key infrastructure and public key cryptosystem. The elements belonging to these
groupings should not be seen as strict boundaries between concept clusters because, as explained
in 4.1 Multidimensionality, the sub-fields of public key cryptography tend to overlap. For
example the term encryption key could be considered within the Process group, under the term
encryption, because an encryption key is a type of key used in the transformation of data, and its
function is based on the encryption process. However, for the sake of convenience, and as I
approached the field from a user�s viewpoint, terms like this are included within only one
concept cluster. In this case, encryption key can be found within the Key sub-group because it is
used as an element together with an algorithm, a certificate, etc.
In this term file, there are a total of 26 term records (i.e. 26 concepts), comprising 142 terms,
72 English and 70 Spanish.
Public Key Cryptography: A Commented Terminology File 37
TERMINOLOGY FILE
Carolina Herrera 38 Field: Public key cryptography Campo: Criptografía de claves públicas EN ES public key cryptography *a, b, c, d CORRECT, STANDARDIZED PKC *g, h AVOID, SEE RECORD public-key cryptography *e, f CORRECT asymmetric cryptography *e, f CORRECT two-key cryptography *f CORRECT, LESS COMMON
criptografía de claves públicas *a, b, CORRECTO, NORMALIZADO, FEM criptografía de clave pública *c, d, e, f CORRECTO, FEM criptografía de clave asimétrica *c, CORRECTO, FEM criptografía asimétrica *d, g CORRECTO, FEM
DEF Cryptography that uses two mathematically related keys for each communicating party: a public key that is disclosed to the public, and a corresponding private key that is kept secret. *a
DEF Criptografía que emplea dos claves diferentes relacionadas matemáticamente: una clave pública que se pone a disposición de las entidades en comunicación, y su correspondiente clave privada que se mantiene en secreto. *d, h OBS Public key cryptography: term standardized by ISO
and the ITU. *a
OBS Criptografía de claves públicas: término normalizado por la UIT. *a
OBS The notion of cryptography includes a set of principles, means and methods for the transformation of data. Since �encryption� is a cryptographic method, the terms �public key encryption�, �asymmetric encryption� and their syntactic variants are not true synonyms of �public key cryptography�. *b, i
OBS La noción de criptografía implica un conjunto de principios, medios y métodos para la transformación de información. El �cifrado� es un método criptográfico, por lo tanto los términos �cifrado de clave pública�, �cifrado asimétrico� y sus variantes sintácticas no son sinónimos absolutos de �criptografía de clave pública�. *h
OBS The abbreviation PKC has not been standardized and it is not commonly used. *g, h Sources a* ITU-T, Rec. X.509 (1988). b* ISO 7498-2:1989. c* OECD. Cryptography Policy. d* Industry Canada. Electronic Commerce in Canada. e* NIST. Security in Open Systems. f* Encyclopaedia Britannica. g* International Association for Cryptologic Research. Lecture Notes in Computer Science, vol. 0304. h* World Wide Web Consortium. Digital Qualification. i* Carolina Herrera.
Fuentes a* UIT-T, Rec. X.509 (1988). b* Microsoft TechNet. Introducción a la Infraestructura de Claves Públicas. c* Autoridad Pública de Certificación Española. d* CEMLA. Glosario de Sistema de Pagos. e* Casacuberta, D. Diccionario de Ciberderechos. f* Álvarez, G. PKI o los Cimientos de una Criptografía de Clave Pública. g* Lucena, M. Fisgones. h* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 39 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Process Subcampo: Proceso EN ES encryption *a, b, c, d, e CORRECT, STANDARDIZED encipherment *a, b, d CORRECT, STANDARDIZED enciphering *a, f, i CORRECT, STANDARDIZED ciphering *g CORRECT data encryption *h CORRECT
cifrado *a, b, c, d CORRECTO, NORMALIZADO, MASC encriptación *e, f CORRECTO, FEM, VER FICHA encripción *g CORRECTO, NORMALIZADO, FEM criptación *a CORRECTO, NORMALIZADO, FEM codificación *h EVITAR, FEM, VER FICHA codificación de datos *i EVITAR, FEM, VER FICHA
DEF Process of transformation of data by a cryptographic algorithm to produce ciphertext, in order to hide the information content of the data. *a
DEF Proceso utilizado para transformar un texto en claro en un texto cifrado por medio de un algoritmo matemático de manera que los datos originales sean ininteligibles para entidades no autorizadas. *c
CONT Computers encrypt data by applying an algorithm to a block of data. A personal encryption key, known only to the transmitter of the message and its intended receiver, is used to control the encryption of the data, thus yielding unique ciphertext that can be decrypted only by using the key. *b
CONT El proceso de cifrado utiliza un algoritmo secreto o un algoritmo público que a su vez utiliza una clave de cifrado, conocida sólo por las personas autorizadas. Esta clave debe ser imprescindible para el cifrado y descifrado. *c OBS Actualmente se observa una tendencia a evitar el término �encriptación� por considerarse un anglicismo innecesario. Sin embargo, su uso es bastante frecuente en el campo de la criptografía. *c OBS Cifrado; criptación; encripción: términos normalizados por la UIT. *a OBS Los términos �codificación� y �codificación de datos� tienen significados específicos en el campo de las telecomunicaciones y no deben usarse como sinónimos absolutos de �cifrado�. El cifrado utiliza un algoritmo, mientras que la codificación (o la codificación de datos) se basa en un diccionario de códigos. *i Fuentes a* UIT-T, Rec. X.841 (2000). b* Autoridad Pública de Certificación Española. c* Álvarez, G. Correo Seguro. d* Casacuberta, D. Diccionario de Ciberderechos. e* CEMLA. Glosario de Sistema de Pagos. f* Pons, M. Criptología. g* Mendivil, I. El ABC de los Documentos Electrónicos Seguros. h* Carlos, B. Criptografía, Maple y RSA. i* UIT-T Rec. V.75 (1996). j* Lucena, M. Criptografía.
OBS encryption; encipherment; enciphering: terms and definition standardized by ISO. Sources a* ISO 7498-2:1989. b* Encyclopaedia Britannica. c* Scientific American. Confidentially yours. d* NIST. Security in Open Systems. e* The International PGP Home Page. How PGP works. f* W. Stallings. Cryptography and Network Security. g* International Association for Cryptologic Research. Lecture Notes in Computer Science, vol. 0304. h* Information Society Technologies. Guide to Information Security. i* ITU-T, Rec. X.841 (2000).
Carolina Herrera 40 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Process Subcampo: Proceso EN ES decryption *a, b, c, d CORRECT, STANDARDIZED decipherment *a, e, f CORRECT, STANDARDIZED deciphering *a CORRECT, STANDARDIZED decrypting *g AVOID, SEE RECORD decoding *b AVOID, SEE RECORD
descifrado *a, b, c, d CORRECTO, NORMALIZADO, MASC desencriptación *e, f CORRECTO, FEM, VER FICHA descriptación *b EVITAR, FEM , VER FICHA decripción *a CORRECTO, NORMALIZADO, FEM
DEF Process of converting enciphered text to the equivalent plain text by means of a cryptographic system. *a OBS The definition of this term does not apply to the field of cryptanalysis. The cryptanalytic process of decryption (also called code breaking) consists in converting encrypted messages to plain text without initial knowledge of the algorithm and/or key employed in the encryption. It does not include solution by cryptanalysis. *b OBS Decryption; decipherment, deciphering: terms standardized by ISO. OBS The use of the term �decoding� as a noun applies to the field of information theory and not to cryptography. *e OBS The use of the term �decrypting� as a noun is not common and should be avoided. *h
Sources a* ISO/IEC 11770-1:1996. b* American National Standard. Telecom Glossary 2000. c* Scientific American. Confidentially Yours. d* The International PGP Home Page. How PGP works. e* Encyclopaedia Britannica. f* NIST. Security in Open Systems. g* Oracle Technology Network. Public Key Infrastructure. h* Carolina Herrera.
DEF Proceso que obtiene un texto original a partir de un texto cifrado por medio de un sistema criptográfico. *b OBS El criptoanálisis es la ciencia que investiga técnicas y métodos para romper (o criptoanalizar) los algoritmos de cifrado creados por la criptografía. El término �descriptar� es el proceso realizado por el criptoanalista, quien cuando tiene éxito es capaz de leer un mensaje cifrado sin conocer la clave. La persona que conoce la clave de cifrado �descifra� los mensajes, mientras que el criptoanalista, que no conoce la clave, los descripta. *b OBS Actualmente se observa una tendencia a evitar el término �desencriptación� por considerarse un anglicismo innecesario. Sin embargo, su uso es bastante frecuente en el campo de la criptografía. *b OBS Descifrado: término normalizado por la UIT. *a Fuentes a* UIT Rec.X.32 (1996). b* Álvarez, G. Correo Seguro. c * Casacuberta, D. Diccionario de Ciberderechos. d* OMPI. Tecnología de los Sistemas Digitales. e* Autoridad Pública de Certificación Española. f* CEMLA. Glosario de Sistema de Pagos.
Public Key Cryptography: A Commented Terminology File 41 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Requirement Subcampo: Requisito EN ES authentication *a, b, c CORRECT, STANDARDIZED entity authentication *d AVOID, SEE RECORD data origin authentication *e AVOID, SEE RECORD
autenticación *a, b, c CORRECTO, NORMALIZADO, FEM autentificación *d, e CORRECTO, FEM autenticación de entidad *f EVITAR, FEM, VER FICHA autenticación del origen de los datos *g EVITAR, FEM, VER FICHA
DEF Service that provides evidence that the sender and source of an electronic message are as claimed. *a
DEF Servicio que permite verificar que el emisor y origen de un mensaje electrónico son legítimos. *a, h
CONT Existen dos tipos de autenticación: de entidad, que asegura la identidad de las entidades participantes en la comunicación, y de origen de información, que asegura que una unidad de información proviene de cierta entidad. *b OBS Término normalizado por la UIT. Fuentes
CONT Authentication applies to entities and information itself and is usually subdivided into two major classes: entity authentication and data origin authentication. *c OBS Term standardized by ISO. Sources a* ISO/IEC 10181-2:1996. b* Industry Canada. Electronic Commerce in Canada. c* Menezes, A. Handbook of Applied Cryptography. d* ITU-T, Rec. X.842 (2000). e* ITU-T, Rec. X.800 (1991).
a* Recomendación X.811 (04/95). b* Álvarez, G. Correo Seguro. c* CEMLA. Glosario de Sistema de Pagos. d* Autoridad Pública de Certificación Española. e* Lucena, M. Criptología. f* UIT-T, Rec. X.842 (2000). g* UIT-T, Rec. X.800 (1991). h* Carolina Herrera.
Carolina Herrera 42 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Requirement > Authentication Subcampo: Requisito > Autenticación EN ES entity authentication *a, b, c, CORRECT, STANDARDIZED
autenticación de entidad *a, b, c, d CORRECTO, NORMALIZADO, FEM DEF Servicio mediante el cual una entidad puede verificar que la identidad de la segunda entidad involucrada en la comunicación es legítima, y que la autorización de la segunda entidad estaba vigente en el momento de la comunicación. *e CONT Existen dos tipos de autenticación: de entidad, que asegura la identidad de las entidades participantes en la comunicación, y de origen de información, que asegura que una unidad de información proviene de cierta entidad. *b OBS Término normalizado por la UIT. Fuentes
DEF Service that assures one entity of both the identity of a second entity involved, and that the second entity was active at the time the communication was initiated. *c CONT Authentication applies to entities and information itself and is usually subdivided into two major classes: entity authentication and data origin authentication. *c OBS Term standardized by the ITU. Sources a* ITU-T, Rec. X.842 (2000). b* Communications Security Establishment. Government of Canada PKI � White Paper. c* Menezes, A. Handbook of Applied Cryptography.
a* UIT-T, Rec. X.842 (2000). b* Álvarez, G. Correo Seguro. c* CEMLA. Glosario de Sistema de Pagos. d* Autoridad Pública de Certificación Española. e* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 43 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Requirement > Authentication Subcampo: Requisito > Autenticación EN ES data origin authentication *a, b, c CORRECT, STANDARDIZED
autenticación del origen de los datos *a, b CORRECTO, NORMALIZADO, FEM
DEF Service that provides to one entity which receives a message assurance of the identity of the entity which originated the message. *c
DEF Servicio mediante el cual la entidad que recibe un mensaje puede verificar la identidad de la entidad que envió el mensaje. *c
CONT Existen dos tipos de autenticación: de entidad, que asegura la identidad de las entidades participantes en la comunicación, y de origen de información, que asegura que una unidad de información proviene de cierta entidad. *b OBS Autenticación: término normalizado por la UIT. Fuentes
CONT Authentication applies to entities and information itself and is usually subdivided into two major classes: entity authentication and data origin authentication. *b OBS Term standardized by ISO and the ITU. Sources a* ISO/IEC 10181-2:1996. b* ITU-T, Rec. X.800 (1991). c* Menezes, A. Handbook of Applied Cryptography.
a* UIT-T, Rec. X.842 (2000). b* Álvarez, G. Correo Seguro. c* Carolina Herrera.
Carolina Herrera 44 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Requirement Subcampo: Requisito EN ES confidentiality *a, b, c, d CORRECT, STANDARDIZED
confidencialidad *a, b, c, d CORRECTO, NORMALIZADO, FEM
DEF Situation in which there is assurance that the content of sensitive information has been kept from all those unauthorized to have it. *c, d
DEF Situación que brinda la seguridad de que solamente entidades autorizadas han tenido acceso a la información. *b, e
CONT There are numerous approaches to providing confidentiality, ranging from physical protection to mathematical algorithms which render data unintelligible. *a
CONT Existen diferentes enfoques que proporcionan confidencialidad, desde la protección física hasta algoritmos matemáticos que transforman la información en textos cifrados. *e
OBS Confidentiality: term standardized by ISO and the ITU.
OBS Confidencialidad de datos: término normalizado por la UIT.
Sources a* ISO 7498-2:1989. b* NIST. Security Requirements for Cryptographic Modules. c* Menezes, A. Handbook of Applied Cryptography. d* ITU-T, Rec. X.402 (1988). e* Carolina Herrera.
Fuentes a* UIT-T, Rec. X.402 (1988). b* Autoridad Pública de Certificación Española. c* Álvarez, G. Correo Seguro. d* OMPI. Tecnología de los Sistemas Digitales. e* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 45 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Requirement Subcampo: Requisito EN ES nonrepudiation *a CORRECT, STANDARDIZED non repudiation *b CORRECT non-repudiation *c CORRECT
no repudio *a, b, c CORRECTO, NORMALIZADO, MASC no rechazo *d, e CORRECTO, MASC no repudiación *d, f EVITAR, FEM, VER FICHA aceptación obligatoria *f PROPUESTO, FEM
DEF Service that provides protection from denial by one of the entities involved in a communication of having participated in all or part of the communication. *b
DEF Servicio que proporciona protección contra la negación por parte de una de las entidades que participan en la comunicación de haber participado en toda la comunicación o en parte de ésta. *a
CONT When disputes arise due to an entity denying that certain actions were taken, a means to resolve the situation is necessary. For example, one entity may authorize the purchase of property by another entity and later deny such authorization was granted. *c
CONT Cuando surgen disputas debido a que una entidad niega haber realizado ciertas acciones, se requiere un medio para resolver la situación. Por ejemplo, una entidad puede autorizar que otra entidad compre una propiedad y luego negar que dicha autorización fue emitida. *f OBS El término �no repudiación� es un anglicismo y debe evitarse. OBS No repudio: término normalizado por la UIT. Fuentes
OBS Nonrepudiation: term standardized by ISO. Sources a* ISO 7498-2:1989. b* ITU-T, draft new Rec. H.235 (1998). c* Menezes, A. Handbook of Applied Cryptography.
a* UIT-T, Rec. H.235 (1998). b* Autoridad Pública de Certificación Española. c* Álvarez, G. Correo Seguro. d* Pérez, M. Hacia la Seguridad en el Comercio Electrónico. e* PGP Security. PGP Keyserver. f* Carolina Herrera.
Carolina Herrera 46 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Requirement Subcampo: Requisito EN ES data integrity *a, b CORRECT, STANDARDIZED integrity *c CORRECT
integridad de datos *a, b, c CORRECTO, NORMALIZADO, FEM integridad *d, e CORRECTO, FEM
DEF Situation in which there is assurance that data has not been altered in an unauthorized manner. *a
DEF Situación que confirma que el mensaje o comunicación que se recibe no ha sido alterado sin autorización. *d OBS Integridad de datos: término normalizado por la UIT. Fuentes
OBS Data integrity: term standardized by ISO. Sources a* ISO 7498-2:1989. b* ITU-T, Rec. X.402 (1988). c* NIST. Security Requirements for Cryptographic Modules.
a* UIT-T, Rec. X.402 (1988). b* Álvarez, G. Correo Seguro. c* OMPI. Comercio Electrónico y Propiedad Intelectual. d* Autoridad Pública de Certificación Española. e* Casacuberta, D. Diccionario de Ciberderechos.
Public Key Cryptography: A Commented Terminology File 47 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element Subcampo: Elemento EN ES public key infrastructure *a, b, c CORRECT, STANDARDIZED PKI *a, b, c CORRECT, STANDARDIZED
infraestructura de clave pública *a, b CORRECTO, NORMALIZADO, FEM PKI *a, b, c CORRECTO, NORMALIZADO, FEM infraestructura de claves públicas *c CORRECTO, FEM infraestructura PKI *d MENOS FRECUENTE, FEM
DEF System consisting of trusted third parties (TTPs), together with the services they make available to support the application (including generation and validation) of digital signatures, and of the persons or technical components who use these services. *a
DEF Sistema formado por terceros de confianza, junto con los servicios que hacen posible el soporte de la aplicación de firmas digitales (incluidas la generación y validación), y por las personas o componentes técnicos que utilizan estos servicios. *a
OBS Term and definition standardized by ISO and the ITU.
OBS Término y definición normalizados por la UIT.
Sources a* ISO/IEC FDIS 15945. b* ITU-T, Rec. X.843 (2000). c* Communications Security Establishment. Government of Canada PKI � White Paper.
Fuentes a* UIT-T, Rec. X.843 (2000). b* Autoridad Pública de Certificación Española. c* Álvarez, G. PKI o los Cimientos de una Criptografía de Clave Pública. d* Microsoft TechNet. Fundamentos de Criptografía y de PKI.
Carolina Herrera 48 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Public key infrastructure Subcampo: Elemento > Infraestructura de clave
pública EN ES certificate *a, b, c CORRECT, STANDARDIZED public key certificate *a, d, e CORRECT, STANDARDIZED user certificate *b CORRECT, STANDARDIZED digital certificate *f, g CORRECT, SEE RECORD
certificado *a, b, c CORRECTO, NORMALIZADO, MASC certificado de clave pública *a, b, c CORRECTO, NORMALIZADO, MASC certificado de usuario *a, b CORRECTO, NORMALIZADO, MASC certificado digital *d, e CORRECTO, MASC
DEF Document consisting of the public key of a user, together with some other information, rendered unforgeable by the signature of the certification authority (CA) which issued it. *a
DEF Documento emitido y firmado por una autoridad de certificación la cual autentica la relación de un usuario con su clave pública. *b
OBS The term �digital certificate� can refer to any paper-based certificate that has been digitized. Although its use is frequent in promotional material due to its relation with digital signatures, it should be used cautiously in contexts different from Information Security. *d, g, h
OBS El término �certificado digital� puede hacer referencia a cualquier certificado en papel que ha sido digitalizado. Aunque se observa una alta frecuencia de uso en material promocional debido a su relación con las firmas digitales, este término se debe usar con precaución en contextos diferentes a los de Seguridad de la Información. *d, e, f OBS Certificado; certificado de clave pública; certificado: términos normalizados por la UIT.
OBS Public key certificate; certificate; user certificate: terms standardized by ISO and the ITU. *a, b Sources a* ISO/IEC 9594-8. b* ITU-T, Rec. X.509 (1988). c* Industry Canada. Electronic Commerce in Canada. d* Adams, C. Understanding Public-Key Infrastructure. e* Menezes, A. Handbook of Applied Cryptography. f* Scientific American. Confidentially yours. g* The International PGP Home Page. How PGP works. h* Carolina Herrera.
Fuentes a* UIT-T, Rec. X.509. b* Autoridad Pública de Certificación Española. c* Kriptópolis. Introducción a las Firmas Digitales. d* OMPI. Derecho de Patentes. e* Martínez, F. ¿Qué son los Certificados Digitales?. f* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 49 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Public key infrastructure Subcampo: Elemento > Infraestructura de clave
pública EN ES certification authority certificate *a, b CORRECT, STANDARDIZED CA certificate *a CORRECT, STANDARDIZED
certificado de autoridad de certificación *a, b CORRECTO, UNIFORMIZADO, MASC
DEF Certificate that identifies the certification authority as a subscriber and that contains the public key that the certification authority uses to digitally sign certificates in a web of trust. *b
DEF Certificado emitido por la autoridad de certificación para sí misma y en el cual consta la clave pública que la autoridad de certificación utiliza para firmar digitalmente los certificados de una cadena de confianza. *b
OBS Certification authority certificate; CA certificate: terms standardized by the ITU.
OBS Certificado de autoridad de certificación: término normalizado por la UIT.
Sources
Fuentes
a* ITU-T, Rec. X.509 (1988). b* Illinois General Assembly. Electronic Commerce Security Act. c* Carolina Herrera.
a* UIT-T, Rec. X.509. b* Autoridad Pública de Certificación Española. c* Carolina Herrera.
Carolina Herrera 50 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Public key infrastructure Subcampo: Elemento > Infraestructura de clave
pública EN ES attribute certificate *a, b, c CORRECT, STANDARDIZED
certificado de atributos *a, b, c, d CORRECTO, NORMALIZADO, MASC
DEF Set of attributes of a user rendered unforgeable by the digital signature of the certification authority which issued it. *a
DEF Serie de atributos de un usuario validados por la firma digital de la autoridad de certificación que lo emite. *d
CONT Public-key certificates bind a public key and an identity, and include additional data fields necessary to clarify this binding, but are not intended for certifying additional information. Attribute certificates are similar to public-key certificates, but specifically intended to allow specification of information (attributes) other than public keys (but related to a Certification Authority, entity or public key), such that may also be conveyed in a trusted (verifiable) manner. *c
CONT Los certificados de clave pública proporcionan evidencia de la identidad de una persona. En entornos de comercio electrónico, se precisa más información que la mera identidad, en especial cuando las partes involucradas en una transacción no han tenido contacto previo. Los certificados de atributos, similares a los certificados de clave pública, contienen información sobre los atributos de una entidad (por ejemplo, su capacidad de firmar un contrato, o su límite de crédito). *c
OBS The attribute certificate may or may not exist in combination with a public key certificate. *b
OBS El certificado de atributos puede o no existir en combinación con un certificado de claves públicas. *a
OBS Term and definition standardized by ISO. OBS Término normalizado por la UIT. Sources Fuentes a* ISO/IEC 9594-8:1998. b* ITU-T, Rec. X.842 (2000). c* Menezes, A. Handbook of Applied Cryptography.
a* UIT-T, Rec. X.842 (2000). b* Autoridad Pública de Certificación Española. c* Rodríguez. L. Control de Accesos. d* CEMLA. Glosario de Sistema de Pagos.
Public Key Cryptography: A Commented Terminology File 51 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Public key infrastructure Subcampo: Elemento > Infraestructura de clave
pública EN ES key management *a, b, c CORRECT, STANDARDIZED gestión de claves *a, b, c CORRECTO, NORMALIZADO, FEM
administración de claves *d CORRECTO, FEM
DEF Protocol for the generation, storage, distribution, deletion, archiving and application of keys in accordance with a security policy. *a
DEF Protocolo para la generación, distribución, almacenamiento, tiempo de vida, destrucción y aplicación de las claves de acuerdo con una política de seguridad. *b
DEF Conjunto de procesos y mecanismos que sirven como base para el establecimiento de claves y el mantenimiento de las subsiguientes relaciones entre las entidades, incluyendo el reemplazo de claves antiguas cuando nuevas claves son necesarias. *e OBS Gestión de claves: término normalizado por la UIT. Fuentes
DEF Set of processes and mechanisms that support key establishment and the maintenance of ongoing keying relationships between parties, including replacing older keys with new keys as necessary. *b OBS Term and first definition standardized by ISO. Sources a* ISO/CEI JTC 1 SC 1 N1278. b* Menezes, A. Handbook of Applied Cryptography. c* NIST. Security in Open Systems.
a* UIT-T Rec. X.812 (1995). b* Álvarez, G. Correo Seguro. c* Autoridad Pública de Certficación Española. d* CEMLA. Glosario de Sistema de Pagos. e* Carolina Herrera.
Carolina Herrera 52 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Public key infrastructure > Key management
Subcampo: Elemento > Infraestructura de clave pública > Gestión de claves
EN ES key generation *a, b, c CORRECT, STANDARDIZED generación de claves *a, b, c CORRECTO, NORMALIZADO,
FEM
DEF Protocol to generate keys in a secure way for a particular cryptographic algorithm. *a
DEF Protocolo para la generación de claves de manera segura para un algoritmo criptográfico particular. *b, d
EJ La seguridad de un algoritmo descansa en la generación de la clave. Un criptosistema que haga uso de claves criptográficamente débiles será consecuentemente débil. *b OBS Término normalizado por la UIT. Fuentes
EX The generation of secret and unpredictable numbers with certain properties is fundamental for key generation. *a OBS Term and definition standardized by ISO and the ITU. Sources a* ISO/IEC DTR 14156. b* ITU-T, Rec. X.509 (1988). c* OECD. Electronic Commerce.
a* UIT-T, Rec. X.509 (1988). b* Álvarez, G. Correo Seguro. c* Lucena, M. Criptología. d* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 53 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Public key infrastructure > Key management
Subcampo: Elemento > Infraestructura de clave pública > Gestión de claves
EN ES key distribution *a, b, c, CORRECT, STANDARDIZED distribución de claves *a, b CORRECTO, NORMALIZADO, FEM
DEF Protocol that includes mechanisms to securely distribute a private key to the owner of that key. *b
DEF Protocolo usado para distribuir de forma segura las claves que se usarán en la futura comunicación. *a
EX A driving force in the practical use of cryptography is the key distribution problem inherent in single-key cryptosystems. *c
EJ La distribución y transferencia de las claves suele iniciarse con la petición de la clave por parte de una entidad a un Centro de Distribución de Claves o a la otra entidad involucrada en la comunicación. *b
OBS Term standardized by ISO and the ITU. OBS Término normalizado por la UIT.
Fuentes
Sources a* ISO/IEC DTR 14156. b* ITU-T, Rec. X.843 (2000). c* Encyclopaedia Britannica.
a* UIT-T, Rec. X.843 (2000). b* Álvarez, G. Correo Seguro.
Carolina Herrera 54 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Public key infrastructure > Key management
Subcampo: Elemento > Infraestructura de clave pública > Gestión de claves
EN ES key storage *a, b, c, d CORRECT, STANDARDIZED key backup *b CORRECT, OFFICIALLY APPROVED key escrow *b, c, d AVOID, SEE RECORD
almacenamiento de claves *a, b CORRECTO, MASC depósito de claves *b, e CORRECTO, MASC, VER FICHA
DEF Protocol that provides secure storage of decryption keys to ensure the confidentiality and integrity of the keys. *a
DEF Protocolo que permite almacenar las claves privadas de un sistema criptográfico para garantizar la integridad del entorno. *a, e
EX Encrypted data must be retrievable when users lose their decryption keys, therefore a cryptographic system requires a system for backing up and recovering the decryption keys. *b
EJ Si se almacena la clave privada en un medio portátil, como por ejemplo un disquete, se aumenta el riesgo de tener problemas de seguridad. *a
OBS Key storage: term and definition standardized by ISO. *a OBS The concept of key backup implies that decryption keys are stored in a secondary location. �Key escrow� is a type of location to store private keys and is normally managed by a federal agency. The purpose of key escrow is to help with law enforcement, and it is a debated topic because of the fine lines between issues of public interest (such as national security) and individual freedom and privacy. *b, c OBS The concept of key storage can change depending on the level of security needed for the key. Keys can be simply stored as passwords, on hard disks or on magnetic cards. Critical high-security keys require store systems protected by elaborate security. *d
OBS El almacenamiento de claves implica la existencia de un segundo lugar donde se almacenan las claves, la cual puede ser controlada por el gobierno (almacenamiento centralizado de claves). El sistema de �almacenamiento centralizado de claves� implica que todo usuario de un sistema criptográfico debe entregar una copia de su clave privada a un tercero de confianza (en este caso, un organismo gubernamental). La aprobación del almacenamiento centralizado de claves es un punto de discusión ya que podría comprometer la seguridad de la criptografía. *d, e, g OBS En sistemas con un solo usuario las claves pueden ser almacenadas en la memoria del usuario. Una solución más sofisticada consiste en almacenarlas en una tarjeta de banda magnética o en una tarjeta inteligente. Las claves que impliquen un mayor riesgo requieren sistemas de almacenamiento más elaborados. *g, f
Sources Fuentes a* ISO/IEC DTR 14156. b* Entrust Technologies. What is PKI? c* Industry Canada. Electronic Commerce in Canada. d* Communications Security Establishment. Government of Canada PKI � White Paper.
a* OMPI. Comercio Electrónico y Propiedad Intelectual. b* Kriptopólis, octubre de 1999. c* Casacuberta, D. Diccionario de Ciberderechos. d* Ley General de Telecomunicaciones España. e* Casacuberta, D. Diccionario de Ciberderechos. g* Álvarez, G. Correo Seguro. f* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 55 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element Subcampo: Elemento EN ES public key cryptosystem *a, b, c, d CORRECT, STANDARDIZED asymmetric cryptosystem *c, e CORRECT public key cryptographic system *f CORRECT asymmetric cryptographic system *g CORRECT
criptosistema de clave pública *a, b, c, d CORRECTO, NORMALIZADO, MASC criptosistema asimétrico *e, f CORRECTO, NORMALIZADO, MASC sistema criptográfico asimétrico *g CORRECTO, MENOS FRECUENTE, MASC sistema de cifrado asimétrico *h CORRECTO, MENOS FRECUENTE, MASC
DEF Collection of transformations from plaintext into ciphertext and vice versa, the particular transformation to be used being determined by two different keys: one private and one public. The transformations are normally defined by a mathematical algorithm. *a (modified)
DEF Conjunto de transformaciones de texto en claro a texto cifrado y viceversa. Cada transformación está definida por un algoritmo de cifrado y dos claves: una privada y una pública. *b (modificado)
CONT Cryptosystems may be either symmetric or asymmetric. In a symmetric cryptosystem, encryption and decryption are performed with a single key, so that both the sender and the receiver use the same key. In an asymmetric cryptosystem, by contrast, two different keys are employed: a private (encryption) key and a public (decryption) key. *d OBS Public key cryptosystem: term standardized by the ITU. OBS The terms �public key cryptographic algorithm� and �public key cryptosystem� are not true synonyms. A cryptographic algorithm is a mathematical formula used to encrypt data, while a �cryptosystem� is a collection of elements (including an algorithm) that make encryption possible. *g, h OBS The terms �cipher system� and �cipher� are not true synonyms of the term �cryptosystem�. A cipher is an element of a cryptosystem. (See �cryptographic algorithm� for definition of �cipher�) *h, i Sources a* ISO 9594-8 :1998. b* ITU-T, Rec. X.509 (1988). c* NIST. Security in Open Systems. d* The International PGP Home Page. How PGP works. e* Utah House of Representatives. Uniform Electronic Transactions Act f* NIST. Fact Sheet on Digital Signature Standard. g* Menezes, A. Handbook of Applied Cryptography. h* American National Standard. Telecom Glossary 2000. i* Carolina Herrera.
CONT Existen dos tipos de criptosistemas: simétricos y asimétricos. Los criptosistemas simétricos o de clave privada son aquellos que emplean la misma clave tanto para cifrar como para descifar. Los criptosistemas asimétricos o de clave pública emplean una clave pública (cifrado) y una clave privada (descifrado). *e OBS Criptosistema de clave pública: término normalizado por la UIT. OBS Los términos �algoritmo criptográfico de clave pública� y �criptosistema de clave pública� no son sinónimos absolutos. Un algoritmo criptográfico es una fórmula matemática utilizada en el cifrado de información, mientras que un �criptosistema� es un conjunto de elementos (incluyendo un algoritmo) que hacen posible el cifrado. * i, j Fuentes a* UIT Rec. X.509 (1988). b* Carlos, B. Criptografía, Maple y RSA. c* Álvarez, G. Generación de Claves. d* The International PGP Home Page. Cifrado de Clave Pública para Todos. e* Lucena, M. Criptografía. f* Hebe, F. Argentina: E-Commerce. g* Iriarte, E. Firma Digital y Certificado Digital. h* Pérez, M. Hacia la Seguridad en el Comercio Electrónico. i* American National Standard. Telecom Glossary 2000. j* Carolina Herrera.
Carolina Herrera 56 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Cryptosystem Subcampo: Elemento > Sistema criptográfico EN ES public key algorithm *a, b, c CORRECT , STANDARDIZED public key encryption algorithm *d CORRECT, SEE RECORD public key cryptographic algorithm *c CORRECT asymmetric algorithm *c CORRECT
algoritmo de clave pública *a, b CORRECTO, NORMALIZADO, MASC algoritmo asimétrico *c CORRECTO, MASC algoritmo de cifrado de clave pública *d CORRECTO, MASC
DEF Algorithm for performing encryption or the corresponding decryption in which the keys used for encryption and decryption differ. *a
DEF Algoritmo en el cual las operaciones de cifrado y descifrado implican el uso de dos claves distintas, una privada y otra pública. *a, i
OBS The notion of cryptography includes a set of principles, means and methods for the transformation of data. Since �encryption� is a cryptographic method, the terms �public key encryption algorithm� is not true synonym of �public key algorithm� and its variants. However, it is commonly used as such. *b, i
Fuentes a* UIT-T, Rec. X.841 (2000) b* Autoridad Pública de Certificación Española c* Jiménez, J. Comercio electrónico, Internet y su Seguridad. d* Álvarez, G. Comercio Electrónico. i* Carolina Herrera.
Sources a* ISO/IEC 9798-3:1993 b* ITU, Rec.X.32. c* NIST. Security in Open Systems. d* Stallings, W. Introduction to Number Theory.
Public Key Cryptography: A Commented Terminology File 57 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Cryptosystem Subcampo: Elemento > Sistema criptográfico EN ES key *a, b, c CORRECT, STANDARDIZED cryptographic key *b, d, e CORRECT encryption key *f AVOID, SEE RECORD encipherment key *g AVOID, SEE RECORD ciphering key *h AVOID, SEE RECORD
clave *a, b, c, d, e CORRECTO, NORMALIZADO, FEM clave criptográfica *a CORRECTO, FEM clave de cifrado *f EVITAR, VER FICHA, FEM
DEF Serie única de símbolos utilizados en combinación con un algoritmo criptográfico para operaciones de cifrado y descifrado. *e
DEF Sequence of symbols that used with an algorithm control operations of encryption and decryption. *a OBS The ITU differentiates two subtypes of keys: �encryption key� and �decryption key�. Therefore the term �key� is not a true synonym of the terms �encryption key�, �encipherment key� or �ciphering key�. *h
OBS La UIT reconoce dos subtipos de clave: �clave de cifrado� y �clave de descifrado�. Por lo tanto, el término �clave� no es sinónimo absoluto del término �clave de cifrado�. *f OBS En algoritmos simétricos, la clave de descifrado se puede calcular a partir de la clave de cifrado y viceversa. En la mayoría de los casos, la clave de cifrado utilizada en algoritmos simétricos es la misma que la clave de descifrado. En algoritmos de clave pública, la clave de descifrado (privada) no se puede calcular fácilmente partiendo de la clave de cifrado (pública). *g OBS Clave: término normalizado por la UIT.
OBS In symmetric algorithms, the decryption key can be calculated from the encryption key and vice versa. In most cases, the encryption key used with symmetric algorithms is the same as decryption key. In public key algorithms, the decryption (private) key cannot be easily calculated from the encryption (public) key. *f OBS Term and definition standardized by ISO. *a Sources a* ISO/IEC 11770-1:1996. b* NIST. Security Requirements for Cryptographic Modules. c* Communications Security Establishment. Government of Canada PKI � White Paper. d* NIST. Computer Data Authentication. e* OECD. Cryptography Policy. f* Government of Canada. Technical Know How. g* International Association for Cryptologic Research. Lecture Notes in Computer Science, vol. 0219. h* ITU-R, Rec. M.1224 (1997).
Fuentes a* UIT-T, Rec. X.843 (2000). b* Autoridad Pública de Certificación Española. c* Álvarez, G. Correo Seguro. d* Casacuberta, D. Diccionario de Ciberderechos. e* CEMLA. Glosario de Sistema de Pagos. f* UIT-R, Rec. M.1224 (1997). g* Carolina Herrera.
Carolina Herrera 58 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Cryptosystem > Key > By user Subcampo: Elemento > Sistema criptográfico > Clave
> Por usuario EN ES private key *a, b, c CORRECT, STANDARDIZED secret key *d AVOID, SEE RECORD
clave privada *a, b, c CORRECTO, NORMALIZADO, FEM clave secreta *d EVITAR, FEM, VER FICHA
DEF Cryptographic key used with a public key cryptographic algorithm, uniquely associated with an entity, and not made public. *c
DEF Clave criptográfica empleada en algoritmos de cifrado de clave pública, asociada con una sola entidad y no revelada al público. *e
OBS In symmetric algorithms, there is only one key known as the �secret key�, which is used for encryption and decryption purposes. In public key algorithms there are two keys: the decryption (private) key and the encryption (public) key. *e, f
OBS En algoritmos simétricos, hay solamente una clave que se conoce con el nombre de �clave secreta� y que se usa tanto para el cifrado como para el descifrado. En algoritmos de clave pública se utilizan dos claves: la clave de descifrado (privada) y la clave de cifrado (pública). *e
OBS The key that is not publicly revealed is generally referred to as a private key, rather than a secret key. This avoids confusion with the secret key of a symmetric cryptographic algorithm and derives from the idea that two people may share a secret, but a single person keeps something private. *d
OBS La clave que no se revela al público se conoce como �clave privada� y no �clave secreta�. Esto evita la confusión con la clave secreta de un algoritmo criptográfico simétrico y tiene como fundamento que dos personas pueden compartir un secreto, pero una sola persona mantiene algo privado. *e
OBS Term standardized by ISO and the ITU. OBS Clave privada: término normalizado por la UIT. Sources a* ISO/IEC 11770-1:1996. b* ITU-T, Rec. X.841 (2000). c* NIST. Security Requirements for Cryptographic Modules. d* Adams, C. Understanding Public-Key Infrastructure. e* Government of Canada. Technical Know How. f* Carolina Herrera.
Fuentes a* UIT-T, Rec. X.841 (2000). b* Autoridad Pública de Certificación Española. c* Álvarez, G. Correo Seguro. d* Microsoft TechNet. Fundamentos de Criptografía y de PKI. e* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 59 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Cryptosystem > Key > By user Subcampo: Elemento > Sistema criptográfico > Clave
> Por usuario EN ES public key *a, b, c CORRECT, STANDARDIZED
clave pública *a, b, c CORRECTO, NORMALIZADO, FEM
DEF Cryptographic key used with a public key cryptographic algorithm, uniquely associated with an entity, and which may be made public in the communication. *b
DEF Clave criptográfica empleada en los algoritmos de cifrado de clave pública, asociada con una sola entidad y puesta a disposición del público en la comunicación. *d
OBS In symmetric algorithms, there is only one key known as the �secret key�, which is used for encryption and decryption purposes. In public key algorithms there are two keys: the decryption (private) key and the encryption (public) key. *d, e
OBS En algoritmos simétricos, hay solamente una clave que se conoce con el nombre de �clave secreta� y que se usa tanto para el cifrado como para el descifrado. En algoritmos de clave pública se utilizan dos claves: la clave de descifrado (privada) y la clave de cifrado (pública). *d
OBS Term and definition standardized by ISO. Sources a* ISO/IEC 11770-1:1996. b* NIST. Security Requirements for Cryptographic Modules. c* OECD. Cryptography Policy. d* Government of Canada. Technical Know How. e* Carolina Herrera.
OBS Término normalizado por la UIT. Fuentes a* UIT-T, Rec. X.843 (2000). b* Autoridad Pública de Certificación Española. c* Álvarez, G. Correo Seguro. d* Carolina Herrera.
Carolina Herrera 60 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Cryptosystem > Key > By function Subcampo: Elemento > Sistema criptográfico > Clave
> Por función EN ES encryption key *a, b, c, d CORRECT, STANDARDIZED ciphering key *e, f CORRECT, STANDARDIZED encipherment key *a, g CORRECT, STANDARDIZED enciphering key *h CORRECT data encryption key *i CORRECT, LESS COMMON data encrypting key *j CORRECT, LESS COMMON cryptographic key *a AVOID, SEE RECORD key *a AVOID, SEE RECORD
clave de cifrado *a, b, c CORRECTO, NORMALIZADO, FEM clave de encriptación *d CORRECTO, FEM, VER FICHA clave de encripción *e MENOS FRECUENTE, FEM, VER FICHA clave de criptación *f CORRECTO, NORMALIZADO, FEM, VER FICHA clave *a EVITAR, FEM, VER FICHA clave criptográfica *a EVITAR, FEM, VER FICHA
DEF Cryptographic key used with an algorithm in the transformation of data to produce ciphertext. *a, l
DEF Clave criptográfica usada en combinación con un algoritmo en la transformación de datos para producir textos cifrados. *g
OBS The ITU differentiates two subtypes of keys: �encryption key� and �decryption key�. Therefore the term �key� is not a true synonym of the terms �encryption key�, �encipherment key� or �ciphering key�. *e
OBS La UIT reconoce dos subtipos de clave: �clave de cifrado� y �clave de descifrado�. Por lo tanto, el término �clave� no es sinónimo absoluto del término �clave de cifrado�. *a
OBS In symmetric algorithms, there is only one key known as the �secret key�, which is used for encryption and decryption purposes. In public key algorithms there are two keys: the decryption (private) key and the encryption (public) key. *k, l
OBS En algoritmos simétricos, hay solamente una clave que se conoce con el nombre de �clave secreta� y que se usa tanto para el cifrado como para el descifrado. En algoritmos de clave pública se utilizan dos claves: la clave de cifrado (pública) y la clave de descifrado (privada). *g OBS Actualmente se observa una tendencia a evitar el término �encriptación� por considerarse un anglicismo innecesario. Sin embargo, su uso es bastante frecuente en el campo de la criptografía. *b OBS Clave de cifrado: término normalizado por la UIT.
OBS Encryption key; encipherment key: terms standardized by ISO. OBS Ciphering key : term standardized by the ITU. Sources a* ISO/IEC 11770-1:1996. b* Encyclopaedia Britannica. c* Industry Canada. Electronic Commerce in Canada. d* NIST. Announcing Plans to Develop a Federal Information Processing Standard for Public-Key. e* ITU-T, Rec. X.843 (2000). f* George Mason University. GSM Security and Encryption. g* International Association for Cryptologic Research. Lecture Notes in Computer Science, vol. 0209. h* Institute of Electrical and Electronics Engineers. A New Public-Key Cipher. i* WIPO. PKI Architecture. j* International Association for Cryptologic Research. Lecture Notes in Computer Science, vol. 0218. k* Government of Canada. Technical Know How. l* Carolina Herrera.
Fuentes a* UIT-T, Rec. X.843 (2000). b* Autoridad Pública de Certificación Española. c* Álvarez, G. Correo Seguro. d* Criptograma, noviembre 1998. e* Universidad de Murgía. Redes de Ordenadores y Comunicaciones. f* UIT-T, Rec. H.234 (1994). g* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 61 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Cryptosystem > Key Subcampo: Elemento > Sistema criptográfico > Clave EN
ES
decryption key *a, b, c, d CORRECT, STANDARDIZED deciphering key *e, f CORRECT, STANDARDIZED decipherment key *a, g CORRECT, STANDARDIZED
clave de descifrado *a, b CORRECTO, NORMALIZADO, FEM clave de descencriptación *a, b CORRECTO, FEM, VER FICHA
DEF Cryptographic key used in the reversal of a corresponding encryption to change ciphertext into plaintext. *a, c
DEF Clave criptográfica empleada en la reversión de la operación correspondiente de cifrado para cambiar un texto cifrado en texto claro. *c
OBS The ITU differentiates two subtypes of keys: �encryption key� and �decryption key�. *e
OBS La UIT reconoce dos subtipos de clave: �clave de cifrado� y �clave de descifrado�. *a
OBS In symmetric algorithms, there is only one key known as the �secret key�, which is used for encryption and decryption purposes. In public key algorithms there are two keys: the decryption (private) key and the encryption (public) key. *k, l
OBS En algoritmos simétricos, hay solamente una clave que se conoce con el nombre de �clave secreta� y que se usa tanto para el cifrado como para el descifrado. En algoritmos de clave pública se utilizan dos claves: la clave de cifrado (pública) y la clave de descifrado (privada). *c OBS Actualmente se observa una tendencia a evitar el término �desencriptación� por considerarse un anglicismo innecesario. Sin embargo, su uso es bastante frecuente en el campo de la criptografía. *b OBS Clave de descifrado: término normalizado por la UIT. Fuentes
OBS Term and definition standardized by ISO. *a Sources a* ISO/IEC 11770-1:1996. b* Encyclopaedia Britannica. c* Industry Canada. Electronic Commerce in Canada. d* NIST. Announcing Plans to Develop a Federal Information Processing Standard for Public-Key. e* ITU-T, Rec. X.843 (2000). f* George Mason University. GSM Security and Encryption. g* International Association for Cryptologic Research. Lecture Notes in Computer Science, vol. 0209. h* Institute of Electrical and Electronics Engineers. A New Public-Key Cipher. i* WIPO. PKI Architecture. j* International Association for Cryptologic Research. Lecture Notes in Computer Science, vol. 0218. k* Government of Canada. Technical Know How. l* Carolina Herrera.
a* UIT-T, Rec. X.843 (2000). b* Criptograma, noviembre de 1999. c* Carolina Herrera.
Carolina Herrera 62 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Element > Cryptosystem > Key > By function > Encryption key
Subcampo: Elemento > Sistema criptográfico > Clave > Por función > Clave de cifrado
EN ES session key *a, b, c CORRECT, STANDARDIZED transaction key *d CORRECT, OFFICIALLY APPROVED
clave de sesión *a, b, c CORRECTO, NORMALIZADO, FEM
DEF Temporary encryption key used between two entities, with a limited lifetime. *c
DEF Clave temporal de cifrado empleada entre dos entidades durante un periodo limitado de tiempo. *d
DEF Número generado de forma aleatoria basándose en los movimientos del ratón y las teclas pulsadas. *b
DEF A random number generated from the user�s random movements of the mouse and the keystrokes typed. *b
CONT PGP (Pretty Good Privacy) creates a session key. It works with a conventional encryption algorithm to encrypt the plaintext. Once the data is encrypted, the session key is also encrypted with the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient, who will use his or her private key to recover the session key and decrypt the message. *b
CONT Cuando se envía un mensaje cifrado con PGP (Pretty Good Privacy), el programa crea una clave de sesión, la cual se usa para cifrar el texto del mensaje. Esta clave de sesión se cifra con la clave pública del destinatario y se transmite junto con el texto cifrado. El destinatario descifra la clave de sesión usando su clave privada y descifra el texto del mensaje. *b
OBS Session key: term standardized by the ITU. OBS Transaction key: term officially approved by the Department of Industry (Canada). *d Sources a* ITU-T Recommendation X.413. b* Introduction to Cryptography. PGP 6.5.1 documentation. c* Fermilab. Strong Authentication at Fermilab. d* Industry Canada. Electronic Commerce in Canada.
OBS Clave de sesión: término normalizado por la UIT. Fuentes a* UIT-T Rec. X.413. b* Álvarez, G. Correo Seguro. c* Criptograma, octubre de 1998. d* Carolina Herrera.
Public Key Cryptography: A Commented Terminology File 63 Field: Public key cryptography Campo: Criptografía de claves públicas Subfield: Participant Subcampo: Participante EN ES trusted third party *a CORRECT, STANDARDIZED TTP *a CORRECT, STANDARDIZED
tercera parte fiable *a, b CORRECTO, NORMALIZADO, FEM tercero de confianza *a, c CORRECTO, MASC tercera parte confiable *d, e CORRECTO, FEM TPC *d, e CORRECTO, FEM, VER FICHA TTP *d, e CORRECTO, FEM, VER FICHA
DEF Organisation or its agent that provides one or more security services, and is trusted by other entities with respect to activities related to these security services. *b
DEF Organización, o su agente, que proporciona uno o más servicios de seguridad, y es aceptada como fiduciaria por otras entidades con respecto a actividades relacionadas con estos servicios de seguridad. *a OBS Tercera parte fiable: término normalizado por la UIT. OBS La UIT no reconoce una abreviación para este término. Las abreviaciones �TPC� y �TTP�son menos frecuentes. *a, d
OBS Term and definition standardized by ISO and the ITU. *a, b Sources a* ISO/IEC 10181-1:1996. b* ITU-T, Rec. X.842 (2000). c* ISO/IEC FDIS 15945.
Fuentes a* UIT-T, Rec. X.842 (2000). b* Kriptópolis. Introducción a las Firmas Digitales. c* Pérez, M. Hacia la seguridad en el Comercio Electrónico. d* Autoridad Pública de Certificación Española. e* Álvarez, G. PKI o los Cimientos de una Criptografía de Clave Pública.
Carolina Herrera
CONCLUSION
The objectives of this terminological file have been to 1) produce records for the
fundamental English and Spanish terminology in the subject field of public key cryptography; 2)
guide the user in choosing terms and avoiding the use of pseudo-synonyms, and indicate spelling
or syntactic variants that could create confusion, and 3) discuss a number of terminological
difficulties in the field. I began by accumulating and evaluating documentation, which helped me
to gain a basic understanding of the subject field. I then proceeded to identify and select the
concepts, producing a base list of terms that was compared to some specialized glossaries in
order to eliminate the noise and insert missing concepts. Using the information obtained from
this analysis, I continued with the representation of the conceptual system in English and Spanish.
My next step was to enter the terms and the related textual supports on the terminological records.
Finally, I discussed the main problems encountered while researching and writing the file.
The conclusion drawn from this research is that for English/Spanish terminologists and
translators, the field of public key cryptography poses considerable challenges. Among them are
the constant evolution of the terms and concepts, and the different communicative situations in
which they are used. Moreover, the arbitrary creation of variants is a serious obstacle to
communication as it opens the doors to several alternative terms used simultaneously.
The suggestions given should help users to select and use better public key cryptography
terminology. I do not envision terms being fixed labels for precise concepts since this is an
idealised conception of terminology. But I hope that this work will be a useful start of a
consistent and correct terminology usage in the field of public key cryptography.
Public Key Cryptography: A Commented Terminology File 65
BIBLIOGRAPHY
1 Terminology
1.1 Works Cited Bowker, Lynne. Guidelines for Handling Multidimensionality in a Terminological Knowledge
Base. Thesis (M.A.). Ottawa: University of Ottawa, 1992. Cabré, M. Teresa. La Terminología: Teoría, metodología, aplicaciones. Barcelona:
Antártida/Empúries, 1993 Cole, Wayne D. �Terminology: Principles and Methods.� Computers and Translation. Sarasota:
Paradigm Press, 1987. 77-87. Daille, Béatrice et al. �Empirical Observation of Term Variations and Principles for their
Description.� Terminology 3.2 (1996): 197-257. Dubuc, Robert. Terminology: A Practical Approach. Québec: Linguatech, 1997. Pavel, Silvia, and Diane Nolet. Handbook of Terminology. Adapted into English by Christine
Leonhardt. Ottawa: Terminology and Standardization, Translation Bureau, 2001. Picht, Heribert, and Jennifer Draskau. Terminology: An Introduction. Guildford: University of
Surrey, 1985. Sager, Juan C. A Practical Course in Terminology Processing. Philadelphia: J. Benjamins, 1990.
1.2 Reference Works Bowker, Lynne. �You say �flatbed colour scanner�, I say �colour flatbed scanner�: A Descriptive
Study of the Influence of Multidimensionality on Term Formation and Use with Special Reference to the Subject Field of Optical Scanning Technology.� Terminology 4.2 (1997): 275-302.
Meyer, Ingrid, Karen Eck, and Douglas Skuce. �Systematic Representation of Concepts in a
Knowledge-based System.� Handbook of Terminology Management. Amsterdam/Philadelphia: John Benjamins, 1997. 98-118.
Pearson, Jennifer. Terms in Context. Philadelphia: J. Benjamins Pub. Co, 1998. Rondeau, Guy. Introduction à la Terminologie. Montréal: Centre éducatif et culturel Inc, 1984.
Carolina Herrera 66
Temmerman, Rita. Towards New Ways of Terminology Description: The Socio-Cognitive
Approach. Amsterdam; Philadelphia: J. Benjamins Pub. Co, 2000.
1.3 Terminological Files Duguay, Christine. L�Analyse Génétique: fichier terminologique bilingue commenté. M.A. thesis.
Ottawa: University of Ottawa, 1996. González, Genny. Persons with Impaired Vision: Challenges Faced in the Development of a
Terminological Collection. M.A. thesis. Ottawa: University of Ottawa, 2001. Leslie, Lynne. Web Publishing: A Commented Bilingual Terminology File. M.A. thesis. Ottawa:
University of Ottawa, 1997 2 Public Key Cryptography
2.1 English Sources
2.1.1 Hard Copy Sources Adams, Carlile. Understanding Public Key Infrastructure. Indianapolis: Macmillan Technical,
1999. Menezes, Alfred, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied
Cryptography. Boca Raton: CRC Press, 1997. Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C. New
York: Wiley, 1996. Stallings, William. Cryptography and Network Security: Principles and Practice. Upper Saddle
River, N.J.: Prentice Hall, 1999. 2.1.2 On-Line Sources American National Standard for Telecommunications. Telecom Glossary 2000. Last date
updated: December 15, 2000. [http://www.its.bldrdoc.gov/projects/telecomglossary2000/] Accessed: July 30, 2001.
Communications Security Establishment. Government of Canada PKI � White Paper. Published:
February, 1998. [http://www.cse-cst.gc.ca/cse/english/gov.html] Accessed: July 30, 2001.
Public Key Cryptography: A Commented Terminology File 67
Department of Justice of Canada. �A Survey of Legal Issues Relating to the Security of
Electronic Information.� Electronic Commerce. Last date updated: September 09, 1997. [http://Canada.justice.gc.ca/en/ps/ec/toc.html] Accessed: July 30, 2001.
Encyclopaedia Britannica. �Cryptography.� [www.britannica.com] Entrust Technologies Resource Center. What is a PKI?
[http://www.entrust.com/resourcecenter/docs/pki.htm] Accessed: April 1, 2001. Fermi National Accelerator Laboratory (Fermilab). Strong Authentication at Fermilab. Last date
updated: July 31, 2001. [http://www.fnal.gov/docs/strongauth/html/glossary.html] Accessed: August 3, 2001.
George Mason University. GSM Security and Encryption.
[http://www.dsinet.org/textfiles/phreaking/gsmsecurity.txt] Accessed: July 30, 2001. Government of Canada, Communications Security Establishment. Government of Canada Public
Key Infrastructure. [http://www.cse-cst.gc.ca/cse/english] Accessed: April 1, 2001. Government of Canada, Department of Justice. A Survey of Legal Issues Relating to the Security
of Electronic Information. Last date updated: December 9, 1997. [http://canada.justice.gc.ca/en/ps/ec/toc.html] Accessed: April 1, 2001.
Government of Canada, Community Access Program. �Community Resources.� Technical
Know How. [http://cap.ic.gc.ca/english/8883.shtml] Accessed: July 30, 2001. Illinois General Assembly. Electronic Commerce Security Act. Last date updated: July 1, 2001.
[http://www.legis.state.il.us/ilcs/ch5/ch5act175articles/ch5act175Sub4.htm] Accessed: July 30, 2001.
Industry Canada. Electronic Commerce in Canada: Security and Cryptography. Last date
updated: December 10, 2000. [http://e-com.ic.gc.ca/english/crypto/631d24.html] Accessed: July 27, 2001.
Information Society Technologies. �Guide to Information Security.� Diffuse Project: European
Commission's programme. Last date updated: January, 2001. [http://www.diffuse.org/secguide.html] Accessed: July 30, 2001.
Institute of Electrical and Electronics Engineers (IEEE). �A New Public-Key Cipher System
Based Upon the Diophantine Equations.� IEEE Transactions on Computers 44.1 (1995). [http://www.computer.org/tc/tc1995/t0013abs.htm] Accessed: July 30, 2001.
International Association for Cryptologic Research. �Lecture Notes in Computer Science.�
Journal of Cryptology. New York: Springer-Verlag New York, Inc, 1996-2000. [http://link.springer.de/link/service/journals/00145/] Accessed: July 30, 2001.
Carolina Herrera 68
Internet.com. Webopedia. [http://www. webopedia.com] Accessed: April 1, 2001. National Institute of Standards and Technology (NIST). U.S. Department of Commerce.
Announcing Plans to Develop a Federal Information Processing Standard for Public-Key Based Cryptographic Key Agreement and Exchange. Last date updated: May 6, 1997. [http://csrc.nist.gov/encryption/kms/ann2.txt] Accessed: July 30, 2001.
National Institute of Standards and Technology (NIST). U.S. Department of Commerce. �Computer Data Authentication.� Computer Systems Technology: Federal Information Processing Standards Publication 113. [http://www.itl.nist.gov/fipspubs/fip113.htm#FIPS_TOP] Accessed: July 30, 2001.
National Institute of Standards and Technology (NIST). U.S. Department of Commerce. Fact
Sheet on Digital Signature Standard, 1994. Last date updated: April 17, 2001. [http://www.nist.gov/public_affairs/releases/digsigst.htm] Accessed: August 3, 2001.
National Institute of Standards and Technology (NIST). U.S. Department of Commerce. �Security in Open Systems.� Computer Systems Technology. NIST Special publication 800-7, 1994. Last date updated: April 17, 2001. [http://csrc.nist.gov/publications/nistpubs/800-7/node2.html] Accessed: July 30, 2001.
National Institute of Standards and Technology (NIST). U.S. Department of Commerce. Security
Requirements for Cryptographic Modules, 1994. Last date updated: April 17, 2001. [http://itl.nist.gov/fipspubs/fip140-1/htm] Accessed: July 30, 2001.
Oracle Technology Network. Public Key Infrastructure.
[http://otn.oracle.com/deploy/security/pki/listing.htm] Accessed: July 30, 2001. Organisation for Economic Co-operation and Development (OECD). The OECD Cryptography
Policy Guidelines and the Report on Background and Issues of Cryptography Policy, March 1997. Last date updated: January 5, 1999. [http://www.oecd.org//dsti/sti/it/secur/prod/e-crypto.htm] Accessed: July 27, 2001.
Scientific American.com. �Confidentially yours: A novel security scheme sidesteps.� Scientific
American June 1998. [http://www.sciam.com/] Accessed: July 30, 2001. Stallings, William. �Introduction to Number Theory.� Lecture Notes for Use with Cryptography
and Network Security. Last date updated: April 24, 1996. [http://williamstallings.com/Extras/Security-Notes/lectures/publickey.html] Accessed: August 3, 2001.
Standards Council of Canada. [http://www.ccn.ca/home.html] Accessed: April 1, 2001.
Public Key Cryptography: A Commented Terminology File 69
The International PGP Home Page. �How PGP works.� Introduction to Cryptography in the PGP 6.5.1. Last date updated: July 6, 2001. [http://www.pgpi.org/doc/pgpintro/] Accessed: July 30, 2001.
Utah House of Representatives. Uniform Electronic Transactions Act. Last date updated: July 12,
2001. [http://www.le.state.ut.us/~code/TITLE46/46_03.htm] Accessed: July 30, 2001. World Intellectual Property Organization (WIPO). PKI Architecture for the E-PCT Standard.
Last date updated: January 30, 2001. [http://pcteasy.wipo.int/efiling_standards/a5pr2e.pdf] Accessed: July 30, 2001.
World Wide Web Consortium. �Digital Qualification - Direct Deployment of PKC in the Access
Control of Diverse Content and Services.� Workshop on Digital Rights Management for the Web. Last date updated: March 8, 2001. [http://www.w3.org/2000/12/drm-ws/pp/accessticket.html] Accessed: July 30, 2001.
2.2 Spanish Sources 2.2.1 On-Line Sources Álvarez, Gonzalo. �Comercio Electrónico.� Criptonomicón.
[http://www.iec.csic.es/criptonomicon/comercio/ssl.html#top] Visitada: 5.8.2001. ---. �Correo Seguro.� Criptonomicón. [www.iec.csic.es/criptonomicon/seguridad] Visitada:
30.7.2001. ---. �Gestión de Claves.� Criptonomicón.
[http://www.iec.csic.es/criptonomicon/seguridad/claves.html] Visitada: 3.8.2001. ---. �PKI o los Cimientos de una Criptografía de Clave Pública�. Criptonomicón.
[http://www.iec.csic.es/criptonomicon/susurros/susurros11.html] Visitada: 30.7.2001. Álvarez, Gonzálo, et al. Generación de Claves del Criptosistema de Clave Pública de Blum,
Blum y Shub. V Reunión Española sobre Criptología, 1998. [http://www.iec.csic.es/~gonzalo/publis/publis.html] Visitada: 30.7.2001.
Arce, Alfonso y Federico Díaz. �La Firma Digital. Aspectos Jurídicos. Su Aplicación a las
Comunicaciones Previstas por la Ley 22.172.� Revista Electrónica de Derecho Informático, 16.11.1999. [http://publicaciones.derecho.org/redi/No._16_-_Noviembre_de_1999/3] Visitada: 30.7.2001.
Arnal: Tecnologías de la Información. Ley General de Telecomunicaciones de España. Última
modificación: 6.7.1998. [http://www.arnal.es/free/coms/cripto-52.html] Visitada: 30.7.2001.
Carolina Herrera 70
Autoridad Pública de Certificación Española. Conceptos de Criptografía. [http://www.cert.fnmt.es/faq.htm] Visitada: 30.7.2001.
Bover, Jordi, y Rosa Colomer. �La Intervención del Especialista en la Normalización
Terminológica.� Actas de la Conferencia sobre la Cooperación en Materia de Terminología en Europa. París del 17 al 19 de mayo de 1999. [http://www.eaft-aet.net/actes/BOVER_COLOMER.htm] Visitada: 3.8.2001.
Carlos, B. Criptografia, Maple y RSA. [http://www.kriptopolis.com/pubs.html] Visitada:
30.4.2001. Casacuberta, David, y José Luis Más. Diccionario de Ciberderechos.
[http://www.kriptopolis.com/dicc.html] Visitada: 30.7.2001. Centro de Estudios Monetarios Latinoamericanos (CEMLA). Lista de Términos y Abreviaturas
Aplicados en Materia de Sistema de Pagos. [http://www.cemla.org/pdf/sp-glosario.PDF] Visitada: 30.7.2001.
Consumo2000. Curso Básico de Comercio Electrónico para Consumidores y Usuarios.
[http://www.consumo2000.org/texto.htm] Visitada: 14.7.2001. Hebe, Fabiana. �Argentina: E-Commerce: La Nueva Realidad Comercial.� Revista Electrónica
de Derecho Informático. 3.2001. [http://publicaciones.derecho.org/redi/No._32_-_Marzo_del_2001/8] Visitada: 30.7.2001.
Gobierno de Uruguay. Complementación de la Definición y Configuración del Sistema de
Intercambio de Información de Seguridad entre los Estados Partes del Mercosur. [http://www.mrree.gub.uy/Mercosur/ConsejoMercadoComun/Reunion18/Anexo2/dec18.html] Visitada: 14.7.2001.
Iriarte, Erick. �Firma Digital y Certificado Digital. El Proyecto Peruano.� Revista Electrónica de
Derecho Informático. 14.9.1999. [http://publicaciones.derecho.org/redi/No._14_-_Septiembre_de_1999/9] Visitada: 30.7.2001.
Jiménez, José Carlos. �Comercio electrónico, Internet y su Seguridad.� Bit 126 (2001).
[http://www.iies.es/teleco/publicac/publbit/bit126/sumario.htm] Visitada: 5.8.2001. Kriptópolis. �Introducción a las Firmas Digitales.� Kriptópolis 2001.
[http://www.kriptopolis.com/docs/firmad.html] Visitada: 30.7.2001. Lucena López, Manuel. Criptografía y Seguridad en Computadores. Kriptópolis, 2001.
[http://www.kriptopolis.com/cys.html] Visitada: 30.7.2001. ---. Fisgones. Kriptópolis, 2000. [http://www.kriptopolis.com/luc/20000224.html] Visitada:
30.7.2001.
Public Key Cryptography: A Commented Terminology File 71
Martínez, Fernando. ¿Qué son los Certificados Digitales?. [http://www.iec.csic.es/criptonomicon/articulos/expertos51.html] Visitada: 30.7.2001.
Mendívil, Ignacio. El ABC de los Documentos Electrónicos Seguros. Kriptópolis, 2001.
[http://www.kriptopolis.com/pubs.html] Visitada: 30.4.2001. Microsoft TechNet. Fundamentos de Criptografía y de PKI. Última modificación: 19.7.2001.
[http://www.microsoft.com/spain/technet/comunidad/articulos/welcome3.asp?opcion=2006]. Visitada: 30.7.2001.
Microsoft TechNet. Introducción a la Infraestructura de Claves Públicas. Última modificación:
19.7.2001. [www.microsoft.com/latam/technet/articulos/windows2k/pkiintro] Visitada: 30.7.2001.
Organización Mundial de la Propiedad Intelectual (OMPI): Comercio Electrónico y Propiedad
Intelectual. Comité Permanente sobre el Derecho de Patentes. Última modificación: 18.12.1998. [http://www.wipo.org/spa/document/scp_ce/pdf/scp1_11.pdf] Visitada: 30.7.2001.
---. Tecnología de los Sistemas Digitales para la Seguridad y Autenticación de los Servicios que
Ofrecen las Oficinas de Propiedad Intelectual. [http://ecommerce.wipo.int/primer/annex2-es.html] Visitada: 30.7.2001.
Pérez Pereira, María. �Hacia la seguridad en el Comercio Electrónico.� Revista Electrónica de
Derecho Informático 11.6.1999. [http://publicaciones.derecho.org/redi/No._11_-_Junio_de_1999/pereira] Visitada: 30.7.2001.
PGP Security. PGP Keyserver.
[www.pgp.com/international/spain/products/keyserver/default.asp] Visitada: 30.7.2001. Pons, M. Criptología. Kriptópolis, 2001. [http://www.kriptopolis.com/pubs.html] Visitada:
30.4.2001. Quirantes, Arturo. �Depósito de claves en la FNMT�. Boletín Kriptópolis 10.1999.
[http://www.kriptopolis.com/boletin/0137.html] Visitada: 30.7.2001. Schneier, Bruce. Criptograma 10.1998. [http://www.kriptopolis.com/criptograma/cg.html]
Visitada: 30.7.2001. The International PGP Home Page. �Cifrado de clave pública para todos.� Guía del usuario de
PGP. Última modificación: 6.7.2001. [http://www.pgpi.org/docs/spanish1.txt] Visitada: 30.7.2001.
Carolina Herrera 72
APPENDIX I � INDEX OF ENGLISH TERMS asymmetric algorithm, 56 asymmetric cryptographic system, 55 asymmetric cryptography, 38 asymmetric cryptosystem, 55 attribute certificate, 50 authentication, 41 CA certificate, 49 certificate, 48 certification authority certificate, 49 ciphering, 39 ciphering key, 57, 60 confidentiality, 44 cryptographic key, 57, 60 data encrypting key, 60 data encryption, 39 data encryption key, 60 data integrity, 46 data origin authentication, 41, 43 deciphering, 40 deciphering key, 61 decipherment, 40 decipherment key, 61 decoding, 40 decrypting, 40 decryption, 40 decryption key, 61 digital certificate, 48 enciphering, 39 enciphering key, 60 encipherment, 39 encipherment key, 57, 60 encryption, 39 encryption key, 57, 60
entity authentication, 41, 42 integrity, 46 key, 57, 60 key backup, 54 key distribution, 53 key escrow, 54 key generation, 52 key management, 51 key storage, 54 non repudiation, 45 nonrepudiation, 45 non-repudiation, 45 PKC, 38 PKI, 47 private key, 58 public key, 59 public key algorithm, 56 public key certificate, 48 public key cryptographic algorithm, 56 public key cryptographic system, 55 public key cryptography, 38 public key cryptosystem, 55 public key encryption algorithm, 56 public key infrastructure, 47 public-key cryptography, 38 secret key, 58 session key, 62 transaction key, 62 trusted third party, 63 TTP, 63 two-key cryptography, 38 user certificate, 48
Public Key Cryptography: A Commented Terminology File 73
APPENDIX II � INDEX OF SPANISH TERMS aceptación obligatoria, 45 administración de claves, 51 algoritmo asimétrico, 56 algoritmo de cifrado de clave pública, 56 algoritmo de clave pública, 56 almacenamiento de claves, 54 autenticación, 41 autenticación de entidad, 41, 42 autenticación del origen de los datos, 41, 43 autentificación, 41 certificado, 48 certificado de atributos, 50 certificado de autoridad de certificación, 49 certificado de clave pública, 48 certificado de usuario, 48 certificado digital, 48 cifrado, 39 clave, 57, 60 clave criptográfica, 57, 60 clave de cifrado, 57, 60 clave de criptación, 60 clave de descencriptación, 61 clave de descifrado, 61 clave de encripción, 60 clave de encriptación, 60 clave de sesión, 62 clave privada, 58 clave pública, 59 clave secreta, 58 codificación, 39 codificación de datos, 39 confidencialidad, 44 criptación, 39
criptografía asimétrica, 38 criptografía de clave asimétrica, 38 criptografía de clave pública, 38 criptografía de claves públicas, 38 criptosistema asimétrico, 55 criptosistema de clave pública, 55 decripción, 40 depósito de claves, 54 descifrado, 40 descriptación, 40 desencriptación, 40 distribución de claves, 53 encripción, 39 encriptación, 39 generación de claves, 52 gestión de claves, 51 infraestructura de clave pública, 47 infraestructura de claves públicas, 47 infraestructura PKI, 47 integridad, 46 integridad de datos, 46 no rechazo, 45 no repudiación, 45 no repudio, 45 sistema criptográfico asimétrico, 55 sistema de cifrado asimétrico, 55 tercera parte confiable, 63 tercera parte fiable, 63 tercero de confianza, 63 TPC, 63 TTP, 63
Carolina Herrera 74
APPENDIX III � INDEX OF ENGLISH AND SPANISH TERMS aceptación obligatoria, 45 administración de claves, 51 algoritmo asimétrico, 56 algoritmo de cifrado de clave pública, 56 algoritmo de clave pública, 56 almacenamiento de claves, 54 asymmetric algorithm, 56 asymmetric cryptographic system, 55 asymmetric cryptography, 38 asymmetric cryptosystem, 55 attribute certificate, 50 autenticación, 41 autenticación de entidad, 41, 42 autenticación del origen de los datos, 41, 43 autentificación, 41 authentication, 41 CA certificate, 49 certificado, 48 certificado de atributos, 50 certificado de autoridad de certificación, 49 certificado de clave pública, 48 certificado de usuario, 48 certificado digital, 48 certificate, 48 certification authority certificate, 49 cifrado, 39 ciphering, 39 ciphering key, 57, 60 clave, 57, 60 clave criptográfica, 57, 60 clave de cifrado, 57, 60 clave de criptación, 60 clave de descencriptación, 61 clave de descifrado, 61 clave de encripción, 60 clave de encriptación, 60 clave de sesión, 62 clave privada, 58 clave pública, 59 clave secreta, 58 codificación, 39 codificación de datos, 39 confidencialidad, 44 confidentiality, 44 criptación, 39 criptografía asimétrica, 38 criptografía de clave asimétrica, 38 criptografía de clave pública, 38
criptografía de claves públicas, 38 criptosistema asimétrico, 55 criptosistema de clave pública, 55 cryptographic key, 57, 60 data encrypting key, 60 data encryption, 39 data encryption key, 60 data integrity, 46 data origin authentication, 41, 43 deciphering, 40 deciphering key, 61 decipherment, 40 decipherment key, 61 decoding, 40 decripción, 40 decrypting, 40 decryption, 40 decryption key, 61 depósito de claves, 54 descifrado, 40 descriptación, 40 desencriptación, 40 digital certificate, 48 distribución de claves, 53 enciphering, 39 enciphering key, 60 encipherment, 39 encipherment key, 57, 60 encripción, 39 encriptación, 39 encryption, 39 encryption key, 57, 60 entity authentication, 41, 42 generación de claves, 52 gestión de claves, 51 infraestructura de clave pública, 47 infraestructura de claves públicas, 47 infraestructura PKI, 47 integridad, 46 integridad de datos, 46 integrity, 46 key, 57, 60 key backup, 54 key distribution, 53 key escrow, 54 key generation, 52 key management, 51 key storage, 54
Public Key Cryptography: A Commented Terminology File 75
no rechazo, 45 no repudiación, 45 no repudio, 45 non repudiation, 45 nonrepudiation, 45 non-repudiation, 45 PKC, 38 PKI, 47 private key, 58 public key, 59 public key algorithm, 56 public key certificate, 48 public key cryptographic algorithm, 56 public key cryptographic system, 55 public key cryptography, 38 public key cryptosystem, 55
public key encryption algorithm, 56 public key infrastructure, 47 public-key cryptography, 38 secret key, 58 session key, 62 sistema criptográfico asimétrico, 55 sistema de cifrado asimétrico, 55 tercera parte confiable, 63 tercera parte fiable, 63 tercero de confianza, 63 TPC, 63 transaction key, 62 trusted third party, 63 TTP, 63 two-key cryptography, 38 user certificate, 48