Crypto API Terms

I have previously written about my discovery of the C header file for the Microsoft Crypto API. There are many terms in this source file that are foreign to me. It is my goal to learn all I can to unlock these mysteries. I thought I would go over some more unfamiliar terms and discuss what little I know about them.

One realm has to do with Diffie-Hellman. I do know that these are the last names of two guys. However I do not know the details of their research. There were terms in the code such as KEA, SANDF, and EPHEM. These must mean something for this algorithm.

The code referenced different types of hashes. I recognized SHA which I have previously written about. However I did not know what MAC, RIPEMD, HMAS, or TLS1 were. The same thing goes for Secure Channel. I have heard about it. But I did not know what the “master” refers to. I suspect this has something to do with SSL. Again I am not sure.

There are a number of algorithm choices present in the code. I know about digital signatures using RSA. I might have heard about DSS digital signatures. However the terms SEAL, KEA, CYLINK MEK, and PCT MASTER were foreign to me. It is definitely time to study up.

Now I saw a section on Gen Key. My instinct tells me this has something to do with Netscape. If I had to guess, it must be a program or technique to generate random keys. However I want to be sure. In addition, I need to understand how the following terms apply to key generation: exportable, user protected, salt, SF, KEK, and volatile.

There was a section of code enumerating the types of “modes” available. I was not sure what they were talking about. I know I did not recognize the different values such as cipher block chaining, electronic code boo, output feedback, cipher feedback, and cipher text stealing. Only one of them sounded even vaguely familiar.

I did gain some tangible knowledge reading this source file “wincrypt.h”. Specifically it stated that Windows XP ships with a 128-bit encryption provider. And I read that the code is implemented in a file called “crypt32.dll”. I found out that OID stands for Object Identifier. However I need to know more than what the acronym stands for. I need to also learn what non-repudiation means. Microsoft is usually good with its documentation. My next stop is the Microsoft Developer Network (MSDN) for detailed info. As always I will share what I learn.