Authentication: A digital signature (standard electronic signature) produces an electronic “fingerprint” that is unique to both the document and the signer. Digital signatures can ensure the authenticity of the signer, as well as the integrity of the contents of the document being signed. Any changes made to the document after it has been signed will invalidate the digital signature, thereby protecting against signature forgery and information tampering.

Asymmetric Cryptography: There are two types of encryption: Symmetric - Identical secret key for both encryption and decryption. Asymmetric - Two Keys: a Private Key and a Public key in such a way that if one of it is used for encryption, the other would be used for decryption. Asymmetric Cryptography is also known as Public Key Cryptography.


Certifying Authority (CA): An authority that creates and signs Digital Signature Certificates for one or more users. Usually CA’s form a hierarchy. The top of this hierarchy is called the root CA. They act as a trusted “third party ” certifying the identity of the individual or organization to anyone who receives a digitally signed message.

CRL Distribution Point (CDP) : Definition used by applications to find the CRL location.

Confidentiality: Confidentiality can be defined as steps undertaken to ensure that the information or message is disclosed only to the intended recipients.

Certificate Revocation List (CRL) : the place where a CA stores the IDs of all the Digital Certificates that have been revoked.

Cryptographic Algorithm: A specialized algorithm that defines a cipher which can be used to encrypt or decrypt data.


Data Integrity: Assures the accuracy and completeness of the information or message.Any changes made to the contents will invalidate the signature.

Digital Signature: Digital Signature is a number(thumbprint) derived from the contents of the message (Message Digest) along with Signer’s secret (Private Key)

Digital Signature Certificate: A Digital Signature Certificate is issued by a CA to a user or an organization to ensure the authenticity of the Public key belonging to that entity. The issuing CA also digitally signs the certificate, thereby providing a hierarchy of trust.


Electronic Commerce: Any commercial activity that takes place, at least in part, between connected computers is part of electronic commerce. It is often referred to as "e-Commerce".

Electronic Signature: Any means of electronically verifying adoption or agreement to the contents of an electronic document or message.

Encryption: It refers to the process of encoding data in a way that could not be deciphered by an unauthorized entity.


Hashing: A mathematical process that converts a message (e.g. document) into a unique “message digest” that represents the original message. A hash function will not produce the same message digest for two different inputs. A hash is a one-way function, making it infeasible to reverse the process to determine the original message from the “message digest”.


Keys: They are numbers, typically derived from large prime numbers that are used to encrypt or decrypt a message. In Asymmetric Cryptography, if a key is used for encryption, the corresponding key would be used for decryption. While in Symmetric Cryptography, a key is used for both encryption and decryption, and therefore requires sharing of the key between the sender and receiver.

Key Pair: The Public and Private keys generated for a user, in an Asymmetric Cryptography.


Message Digest: A Message Digest or simply a digest is a unique digital representation or “fingerprint” of the message or data, used in the process of creating a Digital Signature.


Non-Repudiation: The property to avoid denial of transactions.


OTP: One Time Password - An authentication method using a password that is only valid for a single use.


Public Key Infrastructure (PKI): An ecosystem comprising of the Algorithms & Protocols, Standards & Implementation, Policies and Law involving end-user entities,Certifying Authorities and/or other trusted entities, Relying Parties that sanctify the digital signature creation & verification processes, encryption & decryption processes.

Private Key: The secret key in an Asymmetric Cryptography, used for signing and/or for decrypting of encrypted messages. Each private key will have a corresponding public key.

Public Key: The public key in an Asymmetric Cryptography, used for verification of signed messages and/or for encryption of messages. Each public key will have a corresponding private key.


Registration Authority (RA) : An entity in the Public Key Infrastructure that does the required verification of the identities submitted by an end-entity for issuance of the Digital Signature Certificate.


Smart Card: A card, typically the size of a credit card, containing a built-in crypto co-processor and memory. In traditional PKI systems, Smart Cards are used to store a user’s Private Keys and used for digital signing.

Secure Sockets Layer (SSL): A protocol that uses public key cryptography for sharing a secret key used for secure communications over the Internet.


USB Crypto Token: A Security Crypto Token is typically a single board containing a crypto co-processor and flash memory with an USB interface that could be used by an authorized user for digital signing and for decryption of encrypted messages.


X.509 : An ITU (International Telecommunication Union) standard for Digital Signature Certificates used in many PKI implementations.