B (Security Glossary)

backup authority

A trusted application running on a secure computer that provides secondary storage for the session keys of its clients. The backup authority stores session keys as key BLOBs that are encrypted with the backup authority's public key.

base content type

A type of data contained in a PKCS #7 message. Base content types contain only data, with no cryptographic enhancements such as hashes or signatures. Currently, the only base content type is the Data content type.

base cryptographic functions

The lowest level of functions in the CryptoAPI architecture. They are used by applications and other high-level CryptoAPI functions to provide access to CSP-provided cryptographic algorithms, secure key generation, and secure storage of secrets.

See also cryptographic service providers.

Basic Encoding Rules

(BER) The set of rules used to encode ASN.1-defined data into a stream of bits (zeros or ones) for external storage or transmission. A single ASN.1 object may have several equivalent BER encodings. BER is defined in CCITT Recommendation X.209. This is one of the two encoding methods currently used by CryptoAPI.

BER

See Basic Encoding Rules.

big-endian

A memory or data format in which the most significant byte is stored at the lower address or arrives first.

See also little-endian.

BLOB

A generic sequence of bits that contains one or more fixed-length header structures plus context-specific data.

See also key BLOBs, certificate BLOBs, certificate name BLOBs, and attribute BLOBs.

block cipher

A cipher algorithm that encrypts data in discrete units (called blocks), rather than as a continuous stream of bits. The most common block size is 64 bits. For example, DES is a block cipher.

See also stream cipher.

bulk encryption key

A session key derived from a master key. Bulk encryption keys are used in Schannel encryption.