Addition of Glossary for certain terms #32

Open
Jack64 opened this issue Apr 29, 2017 · 1 comment

@Jack64

Jack64 commented Apr 29, 2017

Hi all,

I'd like to propose the addition of a glossary for certain terms that may be misinterpreted or need additional explanations to be unambiguously interpreted by readers.
This would also require a review of the complete document to ensure the uses of such words are correct according to their glossary definition.
This is particularly important in some specific cases like crypto, where terms are sometimes misused and there can be confusion as to their meaning; the instances of their use across the document could be linked to the definition in the glossary for fast reference.

Here's an example of what glossary entries could look like:

encoding - function which transforms input into a different representation without the use of a key. These are reversible and do not provide real security because if the algorithm is known, their output can be reversed.

hash - may be a reference to a hashing function or its output.

hashing/hash function - cryptographically-secure function which transforms input into fixed-length output, also known as trapdoor or one-way function. Their output cannot be "reversed", in the sense of retrieving back the input information from the output, because its fixed-length property does not retain the original information, but it can be "guessed" by attempting all possible inputs until we get the same output.

encryption - process by which input data (plaintext) is transformed into encrypted data (ciphertext) via the application of a secret key. The output of an encryption process may be reversed (decrypted) using a key.

KDF (or Key Derivation Function) - In this document, when referring to a KDF, we mean a function which takes a user password as input and derives a key which can be used for storage and authentication or a high entropy key for use with symmetric encryption algorithms. This is not a hash function, but a construction around a hash function to make it more resistant to attacks such as brute-force, rainbow-tables, etc. A simple example to understand what is meant by construction is PBKDF2 which uses salting and iterations to increase the cost of breaking the hash to the attacker.

The crypto section would then be revised to use these terms appropriately.
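
The distinctions drawn in the proposed glossary entries above, as an added example that is not part of the original issue or of the project's document: it contrasts encoding, a plain hash, and a PBKDF2-based KDF using only the Python standard library. The function names, the iteration count, and the sample inputs are assumptions made for this illustration; encryption is left out because the standard library ships no cipher.

```python
from __future__ import annotations

import base64
import hashlib
import hmac
import os

# Assumed work factor for this example; tune it to your own hardware and latency budget.
PBKDF2_ITERATIONS = 600_000


def encode_roundtrip(data: bytes) -> bytes:
    """Encoding: no key involved, so anyone who knows the algorithm can reverse it."""
    encoded = base64.b64encode(data)
    return base64.b64decode(encoded)


def fast_hash(data: bytes) -> str:
    """Hash function: fixed-length output whatever the input length."""
    return hashlib.sha256(data).hexdigest()


def guess_input(target_hex: str, candidates: list[bytes]) -> bytes | None:
    """A hash is not reversed, but it can be matched by hashing candidate inputs."""
    for candidate in candidates:
        if hmac.compare_digest(fast_hash(candidate), target_hex):
            return candidate
    return None


def derive_record(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """KDF: PBKDF2 wraps a hash (HMAC-SHA256 here) with a per-user salt and iterations."""
    salt = salt if salt is not None else os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, key


def verify(password: str, salt: bytes, stored_key: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    _, key = derive_record(password, salt)
    return hmac.compare_digest(key, stored_key)
```

Two users with the same password get different stored values from `derive_record` because of the random salt, whereas `fast_hash` returns the same digest for both.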

@PauloASilva
Collaborator

PauloASilva commented Apr 30, 2017

Hi @Jack64,
I think that is a great idea.

We aim to do a release every two weeks:

  1. How long do you think it would take to have the document fully reviewed and the first version of the Glossary?
  2. Would you be interested in leading this task?

Regards,
Paulo A. Silva
