CA ย่อย
A Certificate Authority (CA) that is certified and authorized by a root or higher-level CA to issue digital certificates within a Public Key Infrastructure (PKI).
View termCategories
Cryptography
Browse Cryptography terms for cybersecurity professionals.
Languages
OCSP stapling
A TLS extension that allows servers to send a time-stamped OCSP response for their certificate during handshake, improving performance and privacy in revocation checking.
View termกรอบความเชื่อถือ
A formal structure of policies, roles, rules, and standards that define how trust is established, maintained, and evaluated in a digital ecosystem, particularly in PKI, identity, and federation systems.
View termการกลับมาใช้เซสชัน
A TLS or secure channel mechanism that enables clients and servers to reuse a previously negotiated session state for faster reconnection and reduced handshake overhead.
View termการกู้คืนกุญแจ
A controlled process for restoring lost or inaccessible cryptographic keys, typically from a secure backup or escrow, for continuity and compliance.
View termการจัดการกุญแจ
The set of processes and mechanisms for generating, distributing, storing, using, rotating, archiving, and destroying cryptographic keys within a secure lifecycle, ensuring their confidentiality, integrity, and availability as specified by cryptography and PKI governance standards.
View termการจับคู่โพลิซี
The process in PKI where certificate policies from one CA are mapped to equivalent policies in another, allowing interoperability and trust across different domains.
View termการตรวจสอบสายโซ่
The process of verifying each certificate in a chain from the end entity up to the root CA, ensuring all links are trusted and unbroken in PKI trust models.
View termการตรวจสอบสิทธิ์ทั้งสองฝ่าย
A security process in which both entities in a communication verify each other's identities, typically using digital certificates or cryptographic mechanisms.
View termการต่ออายุใบรับรอง
The process of issuing a new certificate for an entity before the expiration of the current certificate, maintaining continuity of trust without changing the subject's identity or keys.
View termการบันทึกการตรวจสอบ
The process of recording security-related events, operations, or accesses within a cryptographic or PKI environment to provide accountability, traceability, and forensics.
View termการปฏิบัติตามเข้ารหัส
Adherence to laws, regulations, and standards that govern cryptographic practices, algorithm usage, and key management, ensuring security, privacy, and auditability.
View termการประทับเวลา
The process of recording the exact date and time that a digital document or transaction was created or signed, often with cryptographic proof provided by a Time Stamping Authority (TSA).
View termการปักหมุดใบรับรอง
A security technique that restricts which certificates are considered valid for a particular service or domain, by storing a hash of the expected certificate or public key in the client or application.
View termการป้อนรหัส PIN
The act of securely entering a personal identification number (PIN) into a trusted hardware or software interface for authentication or key release.
View termการผูกโทเคน
A security mechanism where cryptographic tokens are cryptographically bound to a TLS connection, ensuring that tokens cannot be replayed or used outside the original session.
View termการฝากกุญแจ
A key management process in which cryptographic keys are held in escrow by a trusted third party, enabling recovery under defined conditions such as legal access.
View termการพันกุญแจ
The process of encrypting one cryptographic key with another key to securely transport or store keys, typically used for key distribution or archival.
View termการยึดโซ่
The process of ensuring that a certificate chain terminates at a trusted root certificate authority (trust anchor), as required in secure PKI implementations.
View termการยืนยันกุญแจ
A cryptographic process where parties confirm to each other that they possess the same secret key, usually as a final step in key agreement protocols.
View termการรับรองที่ลงนามแล้ว
A digital statement or claim, such as an authentication response or attribute, that is cryptographically signed to ensure authenticity and integrity.
View termการสกัดกุญแจ
The process of obtaining a cryptographic key from a hardware or software source, typically for backup, migration, or forensic analysis, requiring strict security controls.
View termการสร้างกุญแจต่อเนื่อง
A cryptographic process for generating one or more secret keys from a shared secret or password using a deterministic function, as specified in NIST SP 800-108/132.
View termการสร้างน็อนซ์
The process of generating a unique, unpredictable, and usually random number (nonce) used once per cryptographic protocol operation to prevent replay attacks and ensure freshness.
View termการสร้างโซ่
The process of assembling a complete, ordered set of certificates from an end-entity certificate up to a trusted root, verifying each link in the trust chain.
View termการหมุนกุญแจ
The scheduled process of replacing cryptographic keys with new keys to limit the period a compromised key can be misused and to enhance long-term security in cryptographic systems.
View termการเข้ารหัสแบบไฮบริด
A cryptographic approach that combines asymmetric and symmetric encryption to leverage the advantages of both for secure key exchange and efficient data encryption.
View termการแจกจ่าย CRL
The mechanism and locations for making Certificate Revocation Lists (CRLs) available to PKI participants to check the revocation status of certificates.
View termการโจมตีวิเคราะห์รหัส
A method of attacking cryptographic systems by analyzing the algorithms and ciphertexts to extract secret keys or plaintext without direct key compromise.
View termการใช้งานกุญแจ
A certificate extension that defines the allowed cryptographic operations for the associated key, such as digital signature or key encipherment.
View termกุญแจผู้ออกใบรับรอง
The private key held by a Certificate Authority (CA) or issuer used to sign digital certificates and assert trust in a PKI environment.
View termกุญแจสมมาตร
A cryptographic key used in symmetric encryption where the same key is used for both encryption and decryption operations.
View termกุญแจสาธารณะ
The openly distributed cryptographic key in an asymmetric key pair, used to verify digital signatures or encrypt data for the corresponding private key holder.
View termกุญแจส่วนตัว
A confidential cryptographic key in an asymmetric key pair, used to sign or decrypt data, and must be kept secret to maintain security.
View termกุญแจหัวข้อ
The cryptographic public key associated with the subject of a digital certificate, used to verify signatures or encrypt messages to the certificate holder.
View termกุญแจเซสชัน
A temporary symmetric key used for a single communication session, providing confidentiality and integrity for exchanged data and discarded after the session ends.
View termข้อตกลงกุญแจ
A cryptographic protocol that enables two or more parties to establish a shared secret key over an insecure channel, commonly using protocols like Diffie-Hellman or ECDH.
View termคลังความเชื่อถือ
A repository of trusted root and intermediate certificates used by applications and systems to verify the authenticity of digital certificates.
View termคลังราก
A trusted repository of root CA certificates used by operating systems and applications to validate the trustworthiness of digital certificates in PKI.
View termความต้านทานควอนตัม
The property of cryptographic algorithms to withstand attacks by quantum computers, typically achieved by using post-quantum cryptography schemes.
View termความลับส่งต่อ
A cryptographic property ensuring that the compromise of long-term keys does not compromise past session keys, providing strong protection for historic data in protocols like TLS.
View termคอนเทนเนอร์กุญแจ
A logical or physical storage area used to hold cryptographic keys, often protected by access controls and used in software keystores or hardware security modules.
View termคำขอรับโทเคน
A formal operation in which a client requests an authentication or authorization token from an identity provider or security token service in PKI or OAuth2 contexts.
View termคีย์ชั่วคราว
A cryptographic key generated for temporary use in a single session or operation, after which it is discarded and not reused, ensuring forward secrecy in protocols like TLS and ECDH.
View termคีย์ที่แบ่งปันล่วงหน้า
A symmetric key distributed to and shared by parties before communication begins, commonly used in VPNs, Wi-Fi WPA2-PSK, and certain secure channel protocols.
View termคู่กุญแจ
A set of two mathematically linked cryptographic keys, typically consisting of a public key for encryption/verification and a private key for decryption/signing.
View termค่า salt
A random value added to data, typically passwords, before hashing to ensure that identical inputs produce different hash outputs, preventing precomputed attack vectors such as rainbow tables.
View termค่ารหัส nonce
A randomly or pseudo-randomly generated number used only once in a cryptographic communication to prevent replay attacks and ensure uniqueness.
View termชื่อหัวข้อ
The distinguished name (DN) in a digital certificate that uniquely identifies the certificate holder or entity, as specified in X.509 standards.
View termชุดรหัสลับ
A named set of cryptographic algorithms used to negotiate security settings in network protocols like TLS, including key exchange, bulk encryption, and message authentication algorithms.
View termช่องทางปลอดภัย
A communication path protected by cryptographic means, ensuring confidentiality, integrity, and authentication of data in transit.
View termซองดิจิทัล
A mechanism in cryptography where a message is encrypted with a symmetric key and the symmetric key is then encrypted with a recipient’s public key, ensuring confidentiality and key transport.
View termตัวตอบสนองออนไลน์
A network service that provides real-time certificate status information, typically using the Online Certificate Status Protocol (OCSP) to validate if a certificate is revoked or still valid.
View termตัวระบุผู้ออกใบรับรอง
A unique value or distinguished name that identifies the Certificate Authority (CA) or entity that issues a digital certificate within a PKI, per X.509 and RFC 5280 standards.
View termตั๋วเซสชัน
A data structure issued by a server to a client in TLS to enable stateless session resumption by encapsulating keying material and session state, reducing handshake overhead.
View termนำเข้าคีย์
The process of securely bringing a cryptographic key into a software or hardware cryptographic module, typically in compliance with strict key handling and integrity procedures.
View termนโยบายการออก
A formal document or set of rules that defines the procedures and requirements for issuing digital certificates within a PKI.
View termนโยบายลายเซ็น
A set of technical and procedural requirements governing the creation, validation, and management of digital signatures within a PKI or eIDAS framework.
View termนโยบายใบรับรอง
A set of rules and practices that indicates the applicability of a certificate to a particular community or class of applications with common security requirements.
View termบริการลงทะเบียน
A trusted PKI component that manages requests for digital certificates, validates identity, and issues or renews certificates for users and devices.
View termบริการโทเคไนเซชัน
A security process or managed solution that replaces sensitive data elements with non-sensitive equivalents (tokens), often used to protect payment, personal, or healthcare information.
View termรหัสบล็อก
A symmetric key encryption algorithm that encrypts data in fixed-size blocks, such as AES and 3DES.
View termระยะเวลาที่ใช้ได้
The designated timeframe during which a cryptographic certificate or key is considered valid and trusted for use, after which it is expired or invalidated.
View termรูปแบบลายเซ็น
A cryptographic algorithm for creating and verifying digital signatures, specifying mathematical processes and key structures, e.g., RSA-PSS, ECDSA.
View termสถานะการเพิกถอน
The current validity state of a digital certificate as determined by a recognized Certificate Authority (CA), typically indicating whether a certificate is active, revoked, or suspended per OCSP, CRL, or similar mechanisms.
View termสถานะออนไลน์
In cryptography/PKI, refers to the real-time validity of a digital certificate or credential as determined by protocols such as OCSP.
View termสถานะเพิกถอน
The current validity state of a digital certificate, indicating whether it has been revoked by the issuing certificate authority (CA) and is no longer trusted.
View termสมอความเชื่อถือ
A trusted entity (typically a root certificate authority) whose public key is used as the ultimate basis for validating the digital signatures and certificates in a PKI.
View termสารย่อข้อความ
A fixed-length, unique output value generated by applying a cryptographic hash function to a message, used for verifying data integrity.
View termสำรองกุญแจ
The secure process of creating a protected copy of a cryptographic key, enabling recovery if the original is lost or damaged, following strict policies and controls.
View termหน่วยงานตรวจสอบความถูกต้อง
A trusted service or entity that provides real-time or historical status information about digital certificates, typically via OCSP or CRL protocols.
View termหน่วยงานนโยบาย
An entity within a PKI or trust framework responsible for defining, governing, and maintaining security and operational policies for certificate authorities and relying parties.
View termหน่วยงานราก
The top-level Certificate Authority (CA) in a PKI hierarchy whose root certificate is self-signed and serves as the ultimate trust anchor for all certificates issued in the infrastructure.
View termอัลกอริทึม MAC
A cryptographic function that produces a short piece of information used to authenticate a message and provide integrity, such as HMAC or CMAC.
View termอัลกอริทึมลายเซ็น
A cryptographic algorithm used to generate and verify digital signatures, ensuring data authenticity and integrity, such as RSA, ECDSA, or EdDSA.
View termอายุการใช้งานกุญแจ
The maximum period that a cryptographic key is allowed to be active and used for cryptographic operations before mandatory expiration or replacement.
View termอุปกรณ์ HSM
A dedicated hardware device designed to securely generate, manage, and store cryptographic keys, and perform cryptographic operations in compliance with security standards (e.g., FIPS 140-3).
View termเช็คซัมกุญแจ
A value derived from a cryptographic key using a checksum or hash algorithm, used to verify the integrity or correctness of the key material.
View termเปลี่ยนใบรับรอง
The managed transition from an expiring or old certificate to a new certificate in a way that minimizes service interruption and maintains trust.
View termเส้นทางใบรับรอง
An ordered sequence of certificates from the end-entity certificate to a trusted root certificate, used to establish trust in PKI validation processes.
View termเส้นโค้งวงรี
A type of algebraic curve used in public-key cryptography, providing strong security with smaller key sizes; the basis of Elliptic Curve Cryptography (ECC) standards.
View termแพดดิ้งลายเซ็น
A method of formatting a message or hash before digital signature creation, used to prevent certain attacks and ensure compatibility with cryptographic algorithms such as RSA-PSS or PKCS#1 v1.5.
View termแพลตฟอร์มที่เชื่อถือได้
A computing environment equipped with hardware and software components (e.g., TPM, secure boot) designed to ensure integrity, confidentiality, and authenticity of cryptographic operations and data.
View termแม่แบบใบรับรอง
A predefined configuration for certificate attributes and extensions, used by CAs to automate and standardize certificate issuance in enterprise PKI environments.
View termแฮชชนกัน
An event where two different inputs produce the same output hash value from a cryptographic hash function, undermining data integrity.
View termโครงสร้างพื้นฐาน PKI
A system of hardware, software, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates in a public key environment.
View termโซ่ใบรับรอง
An ordered sequence of certificates, from an end-entity certificate up to the root authority, each certifying the next in the path, establishing a trust relationship.
View termโทเค็นฮาร์ดแวร์
A physical device, such as a USB or smart card, used to store cryptographic keys and perform authentication or signing operations, enhancing security by isolating credentials from general-purpose devices.
View termโปรเซสเซอร์เข้ารหัส
A hardware device or chip specifically designed to perform cryptographic operations such as encryption, decryption, signing, and key management, often used to enhance security and performance.
View termโอราเคิลสุ่ม
A theoretical black box model that responds to every unique query with a truly random response, used as an idealized component in proofs of cryptographic security.
View termใบรับรอง CA
A digital certificate issued to a Certificate Authority, used to sign and validate other digital certificates within a PKI hierarchy.
View termใบรับรองที่ลงนามด้วยตนเอง
A digital certificate that is signed by the same entity whose identity it certifies, rather than by a trusted Certificate Authority (CA).
View termใบรับรองรูท
A self-signed digital certificate that identifies a trusted Certificate Authority (CA) at the apex of a certification chain, serving as a trust anchor for all subordinate certificates.
View termใบรับรองอุปกรณ์
A digital certificate issued to a device (such as a server, router, or IoT component) to authenticate its identity within a secure network or PKI.
View termใบรับรองแอตทริบิวต์
A digital certificate that binds attribute information (such as roles or permissions) to a subject, separate from the identity certificate, for use in access control.
View termไซเฟอร์ฟีดแบ็ก
A block cipher mode of operation (CFB) that turns a block cipher into a self-synchronizing stream cipher, providing confidentiality by encrypting feedback blocks.
View term