
# SID	@(#) glossary.txt 1.31 22/11/01 19:28:24

# acronym | description
#------+----------------------------------------------------------------------+
0-RTT	zero Round-Trip Time
3Fish	see Threefish
3SHAKE	sometimes for: TLS Triple Handshake Attack
AA	Attribute Authority
AAD	Additional Authenticated Data
ACME	Automated Certificate Management Environment
ACL	Access Control List
Adiantum	ChaCha stream cipher with Poly1305 and XChaCha12
ADH	Anonymous Diffie-Hellman
Adler32	hash function
AE	Authenticated Encryption
AEAD	Authenticated Encryption with Additional Data
AECDHE	Anonymous Ephemeral ECDH
AEM	Authenticated Encryption Mode aka Advanced Encryption Mode aka OCB3
AES	Advanced Encryption Standard, block cipher
AESCCM	AES with CCM
AESCCM8	AES with CCM8
AESGCM	AEAD algorithms AEAD_AES_128_GCM and AEAD_AES_256_GCM
AES-CCM	alias for AESCCM
AES-GCM	alias for AESGCM
# AES-GCM	AES-GCM is an authenticated encryption mode that uses the AES block cipher in counter mode with a polynomial MAC based on Galois field multiplication.
AES-GCM-SIV	Nonce Misuse-Resistant Authenticated Encryption (RFC8452)
AES-CTR	?
AES-XTS	?
AIA	Authority Information Access (certificate extension)
AKC	Agreement with Key Confirmation
AKID	Authority Key IDentifier
ALPN	Application Layer Protocol Negotiation
ALPACA	Application Layer and Content Confusion Attack	(Exploit SSL/TLS)
AMASTRID	stream cipher algorithm
ARC4	Alleged RC4 (see RC4)
ARCFOUR	alias for ARC4
Argon2	Password hashing function (J. Aumasson, 2014)
Argon2d	variant of Argon2
Argon2i	variant of Argon2
Argon2id	variant of Argon2
ARIA	128-bit symmetric block cipher
ARX	add–rotate–xor
ASN	Autonomous System Number
ASN.1	Abstract Syntax Notation number One
AtE	Authenticate-then-Encrypt (see also MtE)
BACPA	Blockwise-Adaptive Chosen-Plaintext Attack
BADA55	"locate weak cryptography somewhere", Bernstein, Lange, et al.
BADA55-VPR-224	improved verifiably pseudorandom 224-bit curve
BADA55-VR-224	curve using the same prime as NIST P-224
BADA55-VR-256	curve using the same prime as NIST P-256
BADA55-VR-384	curve using the same prime as NIST P-384
Bar Mitzvah	vulnerabilty of TLS sessions protected with RC4
BDH	Bilinear Diffie-Hellman
BEAR	block cipher combining stream cipher and hash function
BEAST	Browser Exploit Against SSL/TLS	(Exploit SSL/TLS)
BEAST .	fast block cipher for arbitrary blocksizes
BER	Basic Encoding Rules
BGP	Boorder Gateway Protocol
bcrypt	hash function (Niels Provos, David Mazières, 1999)
BLAKE	hash function (Jean-Philippe Aumasson, Luca Henzen, Willi Meier, Raphael C.-W. Phan, 2008)
BLAKE2	fast secure hashing function (2012)
BLAKE2b	see BLAKE (64 bit)
BLAKE2s-128	see BLAKE (32 bit)
BLAKE3	fast secure hashing function (20??)
BLAKE3	??
BLAKE-32	see BLAKE (32 bit)
BLAKE-64	see BLAKE (64 bit)
BLAKE-224	see BLAKE (224 bit)
BLAKE-256	see BLAKE (256 bit)
BLAKE-384	see BLAKE (384 bit)
BLAKE-512	see BLAKE (512 bit)
Blowfish	symmetric block cipher
boomerang attack	attack on BLAKE
BPA	Branch Prediction Analysis
Brainpool	signature algorithm, from BSI
BREACH	Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext; a variant of CRIME	(Exploit SSL/TLS)
Bullrun	NSA program to break encrypted communication
CAMELLIA	symmetric key block cipher; encryption algorithm 128 bit (by Mitsubishi and NTT)
CAST	Carlisle Adams and Stafford Tavares, block cipher
CAST-128	Carlisle Adams and Stafford Tavares, block cipher
CAST5	alias for CAST-128
CAST-256	Carlisle Adams and Stafford Tavares, block cipher
CAST6	alias for CAST-256
cipher suite	cipher suite is a named combination of authentication, encryption, and message authentication code algorithms
CA	Certificate Authority (aka root CA)
CAA	Certificate Authority Authorization
CAA RR	CAA Resource Record
CBC	Cyclic Block Chaining
CBC 	Cipher Block Chaining (sometimes)
CBC  	Ciplier Block Chaining (sometimes)
CBC-MAC	Cipher Block Chaining - Message Authentication Code
CBC-MAC-ELB	Cipher Block Chaining - Message Authentication Code - Encrypt Last Block
CBC3	alias for Tripple DES (sometimes, used in cipher suite names)
CCA	chosen-ciphertext attack
CCM	Counter with CBC-MAC Mode (authenticated encryption block cipher mode) (with 16-octet authentication tag)
CCM-8	Counter with CBC-MAC Mode (authenticated encryption block cipher mode) (with 8-octet authentication tag)
CCS	Change Cipher Spec (protocol)
CDH	?  Diffie-Hellman
CDP	CRL Distribution Points
CECPQ1	key-agreement algorithm; Combined elliptic Curve and Post-Quantum Cryptography Key Exchange
CECPQ2	Combined elliptic Curve and Post-Quantum Cryptography Key Exchange
CEK	Content Encryption Key
CFB	Cipher Feedback
CFB3	Cipher Feedback
CFBx	Cipher Feedback x bit mode
CFRG	Crypto Forum Research Group
CGN	Carrier- Grade NAT (RFC6598)
ChaCha	stream cipher algorithm (with 256-bit key)
ChaCha8	see ChaCha
ChaCha12	see ChaCha (aka 12-round ChaCha)
ChaCha20	see ChaCha (aka 20-round ChaCha)
ChaCha-Poly1305	Authenticated Encryption with Associated Data (AEAD)
CHAP	Challenge Handshake Authentication Protocol
CLEFIA	lightweight block cipher algorithm
CKA	(PKCS#11)
CKK	(PKCS#11)
CKM	(PKCS#11)
CMAC	Cipher-based MAC
CMC	CBC-mask-CBC
CMP	X509 Certificate Management Protocol
CMS	Cryptographic Message Syntax
CMVP	Cryptographic Module Validation Program (NIST)
CN	Common Name
CNT_IMIT	cipher suite
CTR_OMAC	cipher suite (GOST R 34.12-2015 aka GOST3412-2015)
CP	Certificate Policy (certificate extension)
CPA	chosen-plaintext attack
CPD	Certificate Policy Definitions
CPS	Certification Practice Statement
CRC	Cyclic Redundancy Check
CRC8	CRC with polynomial length 8
CRC16	CRC with polynomial length 16
CRC32	CRC with polynomial length 32
CRC64	CRC with polynomial length 64
CRAM	Challenge Response Authentication Mechanism
CRIME	Compression Ratio Info-leak Made Easy	(Exploit SSL/TLS)
CRL	Certificate Revocation List
CRYPTON	128 bit block cipher (1998)
CRYPTREC	Cryptography Research and Evaluation Committees
CRYSTALS	post-quantum hash function, signature
CRYSTALS-Dilithium	post-quantum hash function, signature
CRYSTALS-Kyber	post-quantum hash function, signature
CSP	Certificate Service Provider
CSP 	Cryptographic Service Provider
CSP  	Critical Security Parameter (used in FIPS 140-2)
CSP:	Content Security Policy (used as HTTP header)
CSR	Certificate Signing Request
CSPRNG	Cryptographically Secure Pseudo-Random Number Generator
CT	Certificate Transparency
CTL	Certificate Trust Line
CTR	Counter Mode (sometimes: CM; block cipher mode)
CTS	Cipher Text Stealing
Curve448	signature algorithm, aka Goldilocks (224 bit)
Curve25519	signature algorithm by Dan J. Bernstein (ca. 128 bit)
CWC	CWC Mode (Carter-Wegman + CTR mode; block cipher mode)
CyaSSL	formerly name of wolfSSL
DAA	Data Authentication Algorithm
DAC	Data Authentication Code
DACL	Discretionary Access Control List
DANE	DNS-based Authentication of Named Entities
DDH	Decisional Diffie-Hellman (Problem)
DEA	Data Encryption Algorithm (sometimes a synonym for DES)
DEAL	128, 192, 256 bit block cipher (Lars Knudsen, 1998)
DECIPHER	synonym for decryption
DEK	Data Encryption Key
DER	Distinguished Encoding Rules
DES	Data Encryption Standard
DESede	alias for 3DES ?java only?
DESX	extended DES
3DES	Tripple DES (168 bit)
3DES-EDE	alias for 3DES
3TDEA	Three-key  Tripple DEA (sometimes: Tripple DES; 168 bit)
2TDEA	Double-key Tripple DEA (sometimes: Double DES; 112 bit)
D5	Verhoeff's Dihedral Group D5 Check
DH	Diffie-Hellman
DHE	Diffie-Hellman ephemeral (historic acronym, often used, mainly in openssl)
Dilithium	digital signature scheme
Dilithium2-AES	alias for Dilithium
Dilithium3-AES	alias for Dilithium
Dilithium5-AES	alias for Dilithium
DLIES	Discrete Logarithm Integrated Encryption Scheme
DLP	Discrete Logarithm Problem
DN	Distinguished Name
DNSSEC	DNS Security Extension
DPA	Dynamic Passcode Authentication (see CAP)
DRAGON	stream cipher algorithm
DRG	Deterministic Random Generator
DRBG	Deterministic Random Bit Generator
DROWN	Decrypting RSA with Obsolete and Weakened eNcryption	(Exploit SSL/TLS)
DSA	Digital Signature Algorithm
DSCP	Differentiated Services Code Point
DSPR	?
DSS	Digital Signature Standard
DTLS	Datagram TLS
DTLSv1	Datagram TLS 1.0
Dual EC DBRG	Dual Elliptic Curve Deterministic Random Bit Generator (NIST)
Dual_EC_DBRG	Dual Elliptic Curve Deterministic Random Bit Generator (NIST)
DV	Domain Validation
DV-SSL	Domain Validated Certificate
EAL	Evaluation Assurance Level
EAP	Extensible Authentication Protocol
EAP-PSK	Extensible Authentication Protocol using a Pre-Shared Key
EAX	Encrypt-then-Authenticate-then-Translate
EAX 	EAX Mode (block cipher mode)
EAXprime	alias for EAX Mode
EBC	Edge Boundery Controller
EC	Elliptic Curve
ECB	Electronic Code Book mode (block cipher mode)
ECC 	Error Corection Code
ECC	Elliptic Curve Cryptography
ECCSI	Elliptic Curve-Based Certificateless Signatures for Identity-Based Encryption
ECDH	Elliptic Curve Diffie-Hellman
ECDHE	Ephemeral ECDH
ECDHE_ECDSA	Ephemeral ECDH with ECDSA or EdDSA signatures
ECDHE_RSA	Ephemeral ECDH with RSA signatures
ECDH_anon	Anonymous ephemeral ECDH, no signatures
ECDLP	Elliptic Curve Discrete Logarithm Problem
ECDSA	Elliptic Curve Digital Signature Algorithm
ECDSA-256	Elliptic Curve Digital Signature Algorithm (256 bits)
ECDSA-384	Elliptic Curve Digital Signature Algorithm (384 bits)
ECDSA-521	Elliptic Curve Digital Signature Algorithm (521 bits)
ECGDSA	Elliptic Curve ??? DSA
ECHO	hash function (Ryad Benadjila, Olivier Billet, Henri Gilbert, Gilles Macario-Rat, Thomas Peyrin, Matt Robshaw, Yannick Seurin, 2010)
ECIES	Elliptic Curve Integrated Encryption Scheme
ECKA	Elliptic Curve Key Agreement
ECKA-EG	Elliptic Curve Key Agreement of ElGamal Type
ECKDSA	Elliptic Curve ??? DSA
ECMQV	Elliptic Curve Menezes-Qu-Vanstone
ECN	Explicit Congestion Notification
ECOH	Elliptic Curve only hash
# ECRYPT	??
ECSVDP-DH	Elliptic Curve Secret Value Derivation Primitive, Diffie-Hellman version
Ed25519	alias for Curve25519
Ed448	alias for Curve448
edwards25519	alias for Curve25519
edwards448	alias for Curve448
EdDSA	alias for signatures using public key and private key formats, like Curve448 and Curve25519
EDE	Encryption-Decryption-Encryption
EDH	Ephemeral Diffie-Hellman
EGADS	Entropy Gathering and Distribution System
EGD	Entropy Gathering Daemon
EKU	Extended Key Usage
ELB	Encrypt Last Block
ElGamal	asymmetric block cipher
ENCIPHER	synonym for encryption
EME	ECB-mask-ECB
EME 	Encoding Method for Encryption
EMS 	Extended Master Secret (sometimes)
EMS 	Encrypted Master Secret
ESNI	Encrypted Server Name Indication
ESP	Encapsulating Security Payload
ESSIV	Encrypted salt-sector initialization vector
EtA	Encrypt-then-Authenticate (see also EtM)
E&A	Encrypt-and-Authenticate (see also E&M)
E&M	Encrypt-and-MAC (see also E&A)
EtM	Encrypt-then-MAC (see also EtA)
eTLS	Enterprise TLS (social attack on privacy by ETSI; renamed to ETS)
ETS	Enterprise Transport Security (renamed from eTLS)
ETSI-TS	European Telecommunications Standards Institute - Technical Specification
EV	Extended Validation
EV-SSL	Extended Validation Certificate
FALCON	Fast-Fourier Lattice-based Compact Signatures over NTRU; post-quantum signature
FEAL	Fast Data Encryption Algorithm
FFC	Finite Field Cryptography
FFT	Fast Fourier Transform
FIPS	Federal Information Processing Standard
FIPS46-2	FIPS Data Encryption Standard (DES)
FIPS73	FIPS Guidelines for Security of Computer Applications
FIPS140-2	FIPS Security Requirements for Cryptographic Modules
FIPS140-3	proposed revision of FIPS 140-2
FIPS180-3	FIPS Secure Hash Standard
FIPS186-3	FIPS Digital Signature Standard (DSS)
FIPS197	FIPS Advanced Encryption Standard (AES)
FIPS198-1	FIPS The Keyed-Hash Message Authentication Code (HMAC)
FREAK	Factoring Attack on RSA-EXPORT Keys	(Exploit SSL/TLS)
FQDN	Fully-qualified Domain Name
FSB	Fast Syndrome Based Hash
FSM	Finite State Machine
FZA	FORTEZZA
G-DES	??? DES
GCM	Galois/Counter Mode (authenticated encryption block cipher mode)
GHASH	Hash funtion used in GCM
GMAC	MAC for GCM
Grøstl	hash function (Lars Knudsen, 2010)
Goldilocks	see Curve448
GOST	Gossudarstwenny Standard, block cipher
GOST 	hash function (used in GOST cipher suite)
GOST28147-89	block cipher
GOST3410-2012	signature algorithm
GOST3411-2012	hash algorithm
GOST3412-2015	block cipher
GOST3413-2015	modes of operation for block ciphers
GOST3431095	cryptographic algorithm?
GOST3431004	cryptographic algorithm?
GOST3431195	cryptographic algorithm?
GOSTR341001	cryptographic algorithm?
GOSTR341094	cryptographic algorithm?
GOSTR341194	cryptographic algorithm?
Grainv1	stream cipher (64-bit IV)
Grainv128	stream cipher (96-bit IV)
GREASE	Generate Random Extensions And Sustain Extensibility
GRØSTL256	hash function
GRØSTL512	hash function
GROESTL256	alias for GRØSTL256
GROESTL512	alias for GRØSTL512
HAIFA	HAsh Iterative FrAmework
hash127	fast hash function (by Dan Bernstein)
HAVAL	one-way hashing
HAS-160	hash function
HAS-V	hash function
HC128	alias for HC128
HC256	alias for HC256
HC-128	stream cipher algorithm
HC-256	stream cipher algorithm
HCH	Hash-Coputer-Hash
HCTR	a variable-input-length encryption mode
HEARTBLEED	attack against TLS extension heartbeat
HEIST	HTTP Encrypted Information can be Stolen through TCP-windows
HIBE	hierarchical identity-based encryption
HKDF	HMAC-based Extract-and-Expand Key Derivation Function
HNF-256	hash function (Harshvardhan Tiwari, Krishna Asawa, 2014)
HMAC	keyed-Hash Message Authentication Code (aka Hashed MAC)
HMQV	h? Menezes-Qu-Vanstone
HPC	Hasty Putting Cipher
HPKP	HTTP Public Key Pinning
HPolyC	ChaCha stream cipher with Poly1305 and XChaCha12, XChaCha20
HRSS	encryption algorithm
HSM	Hardware Security Module
HSR	Header + Secret + Random
HSTS	HTTP Strict Transport Security
HTOP	HMAC-Based One-Time Password
IAPM	Integrity Aware Parallelizable Mode (block cipher mode of operation)
IBE	Identity-Based Encryption
ICM	Integer Counter Mode (alias for CTR)
IDP	Issuing Distribution Points
IDEA	International Data Encryption Algorithm (by James Massey and Xuejia Lai)
IESG	Internet Engineering Steering Group
IETF	Internet Engineering Task Force
IFC	Integer Factorization Cryptography
IGE	Infinite Garble Extension
IKE	Internet Key Exchange
IKEv2	IKE version 2
IND-BACPA	Indistinguishability of encryptions under blockwise-adaptive chosen-plaintext attack
IND-CCA	Indistinguishability of encryptions under chosen-cipgertext attack
IND-CPA	Indistinguishability of encryptions under chosen-plaintext attack
INT-CTXT	Integrity of ciphertext
INT-PTXT	Integrity of plaintext
IRTF	Internet Research Task Force
ISAKMP	Internet Security Association and Key Management Protocol
IV	Initialization Vector
JH	hash function (Hongjun Wu, 2011)
JH-224	see JH (224 bits)
JH-256	see JH (256 bits)
JH-384	see JH (384 bits)
JH-512	see JH (512 bits)
Jolkit-BC	tweakable block cipher
JSSE	Java Secure Socket Extension
KATAN	lightweight block cipher algorithm
KLEIN	lightweight block cipher algorithm
Keccak	hash function (Guido Bertoni, Joan Daemen, Michaël Peeters und Gilles Van Assche, 2012)
KCI	Key Compromise Impersonation
KDC	Key Distribution Center (mainly Kerberos)
KDF	Key Derivation Function
KEA	Key Exchange Algorithm (alias for FORTEZZA-KEA)
KEK	Key Encryption Key
KEM	Key Encapsulation Mechanisms
KMS	Key Management Service
KPAK	KMS Public Authentication Key
KRB	Key Exchange Kerberos
KRB5	Key Exchange Kerberos 5
KSAK	KMS Secret Authentication Key
KSK	Key Signing Key (DNSSEC)
KU	Key Usage
Kuznyechik	block cipher  (used in GOST)
Magma	block cipher  (used in GOST)
LAKE	hash function (Jean-Philippe Aumasson, Willi Meier, Raphael C.-W. Phan, 2008)
LEA	? algorithm
LEA-128	see LEA
LEA-256	see LEA
LED	lightweight block cipher algorithm
LEXv2	stream cipher algorithm
LFSR	Linear Feedback Shift Register
LION	block cipher combining stream cipher and hash function
LLL	Lenstra–Lenstra–Lovász, lattice basis reduction algorithm
LM hash	LAN Manager hash aka LanMan hash
LogJam	Attack to force server to downgrade to export ciphers	(Exploit SSL/TLS)
Logjam	see LogJam
LRA	Local Registration Authority
LRW	Liskov, Rivest, and Wagner (block encryption)
LSN	large-scale NAT (same as CGN)
Lucifer	block cipher (developed at IBM in the 1970s)
Lucky13	Break SSL/TLS Protocol with ciphers using CBC-mode	(Exploit SSL/TLS)
Lucky 13	Break SSL/TLS Protocol	(Exploit SSL/TLS)
Lucky Thirteen	see Lucky 13
MANTIS	block cipher, low-latency variant of SKINNY
MARS	128-bit block cipher (developed at IBM)
MAC	Message Authentication Code
MCF	Modular Crypt Format
MDC	Modification Detection Code
MDC2	Modification Detection Code 2 aka Meyer-Schilling
MDC-2	same as MDC2
MD2	Message Digest 2
MD4	Message Digest 4
MD5	Message Digest 5
MEE	MAC-then-Encode-then-Encrypt (see also MtE, AtE)
MEK	Message Encryption Key
MECAI	Mutually Endorsing CA Infrastrukture
MGF	Mask Generation Function
MIDORI	lightweight block cipher algorithm (64 or 128 bit) (2015)
Midori64	see MIDORI
Midori128	see MIDORI
MISTY1	block cipher algorithm
MPQS	Multiple Polynomial Quadratic Sieve
MQV	Menezes-Qu-Vanstone (authentecated key agreement)
MS-SSTP	see SSTP
MtE	MAC-then-encrypt (see also AtE)
NaCl	"Salt", crypto library (by D. Bernstein, Tanja Lange, Peter Schwabe)
NCP	Normalized Certification Policy (according TS 102 042)
NOEKEON	symmetric block cipher algorithm
Neokeon	see NOEKEON (probaly typo)
NewHope	post-quantum key exchange
nistp192	alias for P-192
nistp224	alias for P-224
nistp256	alias for P-256
nistp384	alias for P-384
nistp521	alias for P-521
NLSv2	stream cipher algorithm
nonce	(arbitrary) number used only once
NPN	Next Protocol Negotiation
NSS	Network Security Services
NTG	none-Deterministic Random Generator
NTLM	NT Lan Manager. Microsoft Windows challenge-response authentication method.
NTRU	asymetric cipher algorithm using lattice reduction
NTRUEncrypt	alias for NTRU
NOMORE	Numerous Occurrence MOnitoring & Recovery Exploit, aka RC4 NOMORE
NULL	no encryption
NUMS	nothing up my sleeve numbers
OAEP	Optimal Asymmetric Encryption Padding
OCB	Offset Codebook Mode (block cipher mode of operation)
OCB1	same as OCB
OCB2	improved OCB aka AEM
OCB3	improved OCB2
OCELOT1	stream cipher algorithm
OCELOT2	stream cipher algorithm
OCSP	Online Certificate Status Protocol
OCSP stapling	formerly known as: TLS Certificate Status Request
OFB	Output Feedback
OFBx	Output Feedback x bit mode
OID	Object Identifier
OMAC	One-Key CMAC, aka CBC-MAC
OMAC1	same as CMAC
OMAC2	same as OMAC
OPIE	One-time pad Password system
OTP	One Time Pad
OV	Organisational Validation
OV-SSL	Organisational Validated Certificate
P12	see PKCS#12
P7B	see PKCS#7
P-192	Elliptic Curve used in FIPS 186-4 (NIST)
P-224	Elliptic Curve used in FIPS 186-4 (NIST)
P-256	Elliptic Curve used in FIPS 186-4 (NIST)
P-384	Elliptic Curve used in FIPS 186-4 (NIST)
P-521	Elliptic Curve used in FIPS 186-4 (NIST)
PACE	Password Authenticated Connection Establishment
PAD	Peer Authorization Database
PAKE	Password Authenticated Key Exchange
Panama	stream cipher algorithm
PCN	Pre-Congestion Notification
PBE	Password Based Encryption
PBKDF2	Password Based Key Derivation Function
PC	Policy Constraints (certificate extension)
PCBC	Propagating Cipher Block Chaining
PCFB	Periodic Cipher Feedback Mode
PCT	Private Communications Transport
PEM	Privacy Enhanced Mail
PES	Proposed Encryption Standard
PFS	Perfect Forward Secrecy
PFX	see PKCS#12 (Personal Information Exchange)
PGP	Pretty Good Privacy
PII	Personally Identifiable Information
Picollo	lightweight block cipher algorithm
PKCS	Public Key Cryptography Standards
PKCS1	PKCS #1: RSA Encryption Standard
PKCS3	PKCS #3: RSA Encryption Standard on how to implement the Diffie-Hellman key exchange protocol
PKCS5	PKCS #5: RSA Encryption Standard on how to derive cryptographic keys from a password
PKCS6	PKCS #6: RSA Extended Certificate Syntax Standard
PKCS7	PKCS #7: RSA Cryptographic Message Syntax Standard
PKCS8	PKCS #8: RSA Private-Key Information Syntax Standard
PKCS10	PKCS #10: Describes a standard syntax for certification requests
PKCS11	PKCS #11: RSA Cryptographic Token Interface Standard (keys in hardware devices, cards)
PKCS12	PKCS #12: RSA Personal Information Exchange Syntax Standard (public + private key stored in files)
PKE	Public Key Enablement
PKI	Public Key Infrastructure
PKIX	Internet Public Key Infrastructure Using X.509
PKP	Public-Key-Pins
PM	Policy Mappings (certificate extension)
PMAC	Parallelizable MAC (by Phillip Rogaway)
PMS	Pre-Master Secret
Poly1305	Authenticator (MAC)
Poly1305-AES	MAC (by D. Bernstein)
POP	Proof of Possession
POODLE	Padding Oracle On Downgraded Legacy Encryption	(Exploit SSL/TLS)
PQC	Post-Quantum Crypto
PRESENT	block cipher algorithm (80 or 128 bit) (2007)
PRF	Pseudo-Random Function
PRP	Pseudo-Random Permutation
PRINCE	low-latency block cipher algorithm (64 bit) (2012)
prime192v1	alias for P-192
prime224v1	alias for P-224
prime256v1	alias for P-256
prime384v1	alias for P-384
prime521v1	alias for P-521
PRNG	Pseudo-Random Number Generator
PSK	Pre-shared Key
PSKC	Portable Symmetric Key Container
PTG	Physical Random Generator
PVT	Public Validation Token
PWKE	Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
QUIC	Quick UDP Internet Connection
RA	Registration Authority (aka Registration CA)
Rabbit	stream cipher algorithm
RACCOON	Timing vulnerability in TLS' DH key exchange	(Exploit SSL/TLS)
RADIUS	Remote Authentication Dial-In User Service
Radix-64	alias for Base-64
RAINBOW	post-quantum signature (broken 2/2022)
RBG	Random Bit Generator
RC2	Rivest Cipher 2, block cipher by Ron Rivest (64-bit blocks)
RC4	Rivest Cipher 4, stream cipher (aka Ron's Code)
RC5	Rivest Cipher 5, block cipher (32-bit word)
RC5-64	Rivest Cipher 5, block cipher (64-bit word)
RC6	Rivest Cipher 6
RCSU	Reuters' Compression Scheme for Unicode (aka SCSU)
RFC	Request for Comments
Rijndael	symmetric block cipher algorithm (AES)
RIPEMD	RACE Integrity Primitives Evaluation Message Digest
RIPE-MD	alias for RIPEMD
RLWE	Ring Learning-with-Errors
RMAC	Randomized MAC (block cipher authentication mode)
RMD	
RNG	Random Number Generator
ROCA	Return of the Coppersmith Attack	(Exploit SSL/TLS)
ROT-13	see XOR
ROBOT	Return Of Bleichenbacher's Oracle Threat	(Exploit SSL/TLS)
RTP	Real-time Transport Protocol
RSASSA-PSS	RSA Probabilistic Signature Scheme
RSA	Rivest Sharmir Adelman (public key cryptographic algorithm)
RSS-14	Reduced Space Symbology, see GS1
RTN	Routing transit number
S/KEY	One-time pad Password system
SA	Subordinate Authority (aka Subordinate CA)
SACL	System Access Control List
SAD	Security Association Database
SAE	Simultaneous Authentication of Equals
SAFER	Secure And Fast Encryption Routine, block cipher
Salsa20	stream cipher (by D. Bernstein, 2005), see ChaCha20
Salsa20/8	see scrypt
Salsa20/12	see Salsa20
Salsa20/20	see Salsa20
SAM	syriac abbreviation mark
SAN	Subject Alternate Name
Sarmal	hash function
SAX	Symmetric Authenticated eXchange
SBCS	single-byte character set
SBPA	Simple Branch Prediction Analysis
SCA	Selfsigned CA signature
SCEP	Simple Certificate Enrollment Protocol
SCREAM	tweakable word-based stream cipher (2002)
scrypt	password based key derivation function (Colin Percival)
SCSU	Standard Compression Scheme for Unicode (compressed UTF-16)
SCSV	Signaling Cipher Suite Value
SCVP	Server-Based Certificate Validation Protocol
SCT	Signed Certificate Timestamp
SDES	Security Description Protokol
secp192r1	alias for P-192
secp224r1	alias for P-224
secp256r1	alias for P-256
secp384r1	alias for P-384
secp521r1	alias for P-521
SEAL	Software-Optimized Encryption Algorithm; 32-bit word stream cipher (1994)
SEED	128-bit symmetric block cipher (1998)
Serpent	symmetric key block cipher (128 bit)
SGC	Server-Gated Cryptography
SGCM	Sophie Germain Counter Mode (authenticated encryption block cipher mode)
SIV	Synthetic Initialization Vector
SHA	Secure Hash Algorithm
SHA-0	Secure Hash Algorithm (insecure version before 1995)
SHA-1	Secure Hash Algorithm (since 1995)
SHA-2	Secure Hash Algorithm (since 2002)
SHA-3	Secure Hash Algorithm (since 2015), see Keccak also
SHA-128	Secure Hash Algorithm (128 bit)
SHA-224	Secure Hash Algorithm (224 bit)
SHA-256	Secure Hash Algorithm (256 bit)
SHA-384	Secure Hash Algorithm (384 bit)
SHA-512	Secure Hash Algorithm (512 bit)
SHA1	alias for SHA-1 (160 bit)
SHA2	alias for SHA-2 (128, 224, 256, 384 or 512 bit)
SHA3	alias for SHA-3 (224, 256, 384 or 512 bit)
SHA3256	alias for SHA3-256
SHA3-224	Secure Hash Algorithm (224 bit)
SHA3-256	Secure Hash Algorithm (256 bit)
SHA3-384	Secure Hash Algorithm (384 bit)
SHA3-512	Secure Hash Algorithm (512 bit)
SHAKE128	Secure Hash Algorithm (variable bit)
SHAKE256	Secure Hash Algorithm (variable bit)
SHAttered	The first concrete collision attack against SHA1	(Exploit SSL/TLS)
SHAvite-3	hash function (Eli Biham, Orr Dunkelman, 2009)
SHS	Secure Hash Standard
SIA	Subject Information Access (certificate extension)
SIC	Segmented Integer Counter (alias for CTR)
SIDH	Supersingular Isogeny Diffie-Hellman (key exchange)
SIKE	post-quantum hash function, signature (broken 7/2022)
SIKEp434	post-quantum hash function, signature (broken 7/2022)
SIKEp503	post-quantum hash function, signature (broken 7/2022)
SIKEp610	post-quantum hash function, signature (broken 7/2022)
SIKEp751	post-quantum hash function, signature (broken 7/2022)
SIMON	lightweight block cipher (NSA algorithm, questionable security)
SipHash	hash function (J. Aumasson, Daniel Bernstein, 2012)
Skein	hash function (Niels Ferguson, Stefan Lucks, Bruce Schneier, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas, Jesse Walker, 2010)
Skein-256-256	see Skein (256 bits)
Skein-512-256	see Skein (256 bits)
Skein-512-512	see Skein (512 bits)
Skein-1024-1024	see Skein (1024 bits)
SKID	Subject Key ID (certificate extension)
SKINNY	SPN tweakable block cipher
SKINNY-128-256	see SLINNY
SKIP	Message Skipping Attacks on TLS	(Exploit SSL/TLS)
SKIP-TLS	see SKIP
Skipjack	block cipher encryption algorithm specified as part of the Fortezza
SLOTH	Security Losses from Obsolete and Truncated Transcript Hashes	(Exploit SSL/TLS)
SM2	ShangMi authentication function
SM3	ShangMi hash function
SM4	ShangMi block cipher algorithm (Chinese gouvernment algorithm, questionable but no objections yet)
SM4CCM	AEAD algorithms AEAD_SM4_CCM
SM4GCM	AEAD algorithms AEAD_SM4_GCM
SMS4	see SM4
SMACK	State Machine AttaCKs	(Exploit SSL/TLS)
Snefu	hash function
Snow20	stream cipher algorithm
SNI	Server Name Indication
SNOW	word-based synchronous stream ciphers (by Thomas Johansson and Patrik Ekdahl )
Snuffle 2005	see Salsa20
Snuffle 2008	see ChaCha
Sosemanuk	stream cipher algorithm
SPARX	? algorithm
SPECK	lightweight block cipher algorithm (NSA algorithm, questionable security)
Speck64	see Speck
Speck128	see Speck
Speck256	see Speck
Speck256-XTS	see Speck
SPD	Security Policy Database
SPDY	Google's application-layer protocol on top of SSL
SPECK	block cipher combining
SPHINCS	Stateless hash-based signatures, post-quantum hash function, signature
SPHINCS-256	alias for SPHINCS
SPHINCS-SHAKE256	alias for SPHINCS
SPHINCS-SHA-256	alias for SPHINCS
SPI	Security Parameters Index
SPKI	Subject Public Key Infrastructure
SPN	Substitution-Permutation Network
SPRP	Strong Pseudo-Random Permutation
Square	block cipher
SRI	Subresource Integrity
SRP	Secure Remote Password protocol
SRTP	Secure RTP
SSCD	Secure Signature Creation Device
SSEE	Sichere Signaturerstellungseinheit (same as SSCD)
SSK	Secret Signing Key
SSL	Secure Sockets Layer
SSLv2	Secure Sockets Layer Version 2
SSLv3	Secure Sockets Layer Version 3
SSP	Security Support Provider
SSPI	Security Support Provider Interface
SST	Serialized Certificate Store format
SSTP	Secure Socket Tunneling Protocol
STES	stream cipher algorithm
Streebog	hash function
Streebog-256	see Streebog
Streebog-512	see Streebog
STS	Strict Transport Security
STS 	Station-to-Station protocol
SUF-CMA	Strong UnForgeability against Chosen-Message Attacks
Sweet32	Birthday attacks on 64-bit block ciphers in TLS and OpenVPN	(Exploit SSL/TLS)
SWIFFT	hash function (Vadim Lyubashevsky, Daniele Micciancio, Chris Peikert, Alon Rosen, 2008)
SWIFFTX	see SWIFFT
TA	Trust Agent
TACK	Trust Assertions for Certificate Keys
TCB	Trusted Computing Base
TDEA	Tripple DEA
TEA	Tiny Encryption Algorithm
TEK	Traffic Encryption Key
TET	?
TGS	Ticket Granting Service (mainly Kerberos)
TGT	Ticket Granting Ticket (mainly Kerberos)
Tiger	hash function
TIME	Timing Info-leak Made Easy	(Exploit SSL/TLS)
TIME 	A Perfect CRIME? TIME Will Tell
Threefish	hash function
TLS	Transport Layer Security
TLSA	TLS Trust Anchors
TLSv1	Transport Layer Security version 1
TLSA RR	TLSA resource Record
TMAC	Two-Key CMAC, variant of CBC-MAC
TOCTOU	Time-of-check, time-of-use
TOFU	Trust on First Use
TR-02102	Technische Richtlinie 02102 (des BSI)
TR-03116	Technische Richtlinie 03116 (des BSI)
Trivium	stream cipher algorithm
TSK	Transmission Security Key
TSK 	TACK signing key
TSP	trust-Management Service Provider
TSS	Time Stamp Service
TTP	trusted Third Party
Twofish	symmetric key block cipher (128 bit)
UC 	Unified Capabilities
UC	Unified Communications (SSL Certificate using SAN)
UCC	Unified Communications Certificate (rarley used)
UMAC	Message Authentication Code based on universal hashing; aka universal hashing MAC; optimized for 32-bit architectures
URI	Uniform Resource Identifier
URL	Uniform Resource Locator
VMAC	Universal hashing MAC; 64-bit variant of UMAC (by Ted Krovetz and Wei Dai)
VMPC	stream cipher algorithm
VR-224	alias for BADA55-VR-224
VR-256	alias for BADA55-VR-256
VR-384	alias for BADA55-VR-384
WHIRLPOOL	hash function
WPAD	Web Proxy Auto-Discovery
wolfSSL	SSL library mainly intended and used for embedded and real-time systems
X.680	X.680: ASN.1
X.509	X.509: The Directory - Authentication Framework
X25519	alias for Curve25519 ?
X448	alias for Curve448 ?
X680	X.680: ASN.1
X509	X.509: The Directory - Authentication Framework
X3DH	Extended Triple Diffie-Hellman
XCBC	eXtended CBC-MAC
XCBC-MAC	same as XCBC
XChaCha	stream cipher algorithm (with 512-bit key)
XChaCha12	see ChaCha (aka 12-round XChaCha)
XChaCha20	see ChaCha (aka 20-round XChaCha)
XEX	XOR Encrypt XOR
XKMS	XML Key Management Specification
XMACC	counter-based XOR-MAC
XMACR	radomized XOR-MAC
XMLSIG	XML-Signature Syntax and Processing
XMSS	hash function
XSalsa2	variant of Salsa20
XTEA	extended Tiny Encryption Algorithm
XTS	XEX-based tweaked-codebook mode with ciphertext stealing
XUDA	Xcert Universal Database API
XXTEA	enhanced/corrected Tiny Encryption Algorithm
yaSSL	same as CyaSSL
ZLIB	Lossless compression file format
ZRTP	SRTP for VoIP
ZSK	Zone Signing Key (DNSSEC)

