List of cryptographic key types
This glossary lists types of keys as the term is used in cryptography, as opposed to door locks. Terms that are primarily used by the U.S. National Security Agency are marked (NSA). For classification of keys according to their usage see cryptographic key types.
- 40-bit key - key with a length of 40 bits, once the upper limit of what could be exported from the U.S. and other countries without a license. Considered very insecure. See key size for a discussion of this and other lengths.
- authentication key - key used in a keyed-hash message authentication code, or HMAC.
- benign key - (NSA) a key that has been protected by encryption or other means so that it can be distributed without fear of its being stolen. Also called BLACK key.
- content-encryption key (CEK) - a key that may be further encrypted using a KEK, where the content may be a message, audio, image, video, executable code, etc.
- cryptovariable - NSA calls the output of a stream cipher a key or key stream. It often uses the term cryptovariable for the bits that control the stream cipher, what the public cryptographic community calls a key.
- derived key - keys computed by applying a predetermined hash algorithm or key derivation function to a password or, better, a passphrase.
- electronic key - (NSA) key that is distributed in electronic (as opposed to paper) form. See EKMS.
- ephemeral key - A key that only exists within the lifetime of a communication session.
- expired key - key that was issued for use in a limited time frame (cryptoperiod in NSA parlance) which has passed and, hence, the key is no longer valid.
- key encryption key (KEK) - key used to protect other keys (e.g. TEK, TSK).
- key fill - (NSA) loading keys into a cryptographic device. See fill device.
- FIREFLY key - (NSA) keys used in an NSA system based on public key cryptography.
- master key - key from which all other keys (or a large group of keys) can be derived. Analogous to a physical key that can open all the doors in a building.
- message encryption key (MEK) - See traffic encryption key.
- one-time pad - keying material that is as long as the plaintext and only used once. See the one-time pad article.
- paper key - (NSA) keys that are distributed in paper form, such as printed lists of settings for rotor machines, or keys in punched card or paper tape formats. Paper key is easily copied. See Walker spy ring, RED key.
- poem key - keys used by OSS agents in World War II in the form of a poem that was easy to remember. See Leo Marks.
- Public/private key - in public key cryptography, separate keys are used to encrypt and decrypt a message. The encryption key (public key) need not be kept secret and can be published. The decryption or private key must be kept secret to maintain confidentiality. Public keys are often distributed in a signed public key certificate.
- pre-placed key - (NSA) large numbers of keys (perhaps a year's supply) that are loaded into an encryption device allowing frequent key change without refill.
- RED key - (NSA) symmetric key in a format that can be easily copied, e.g. paper key or unencrypted electronic key. Opposite of BLACK or benign key.
- revoked key - a public key that should no longer be used, typically because its owner is no longer in the role for which it was issued or because it may have been compromised. Such keys are placed on a certificate revocation list or CRL.
- session key - key used for one message or an entire communications session. See traffic encryption key.
- symmetric key - a key that is used both to encrypt and decrypt a message. Symmetric keys are typically used with a cipher and must be kept secret to maintain confidentiality.
- traffic encryption key (TEK) - a symmetric key that is used to encrypt messages. TEKs are typically changed frequently, in some systems daily and in others for every message. See session key.
- transmission security key (TSK) - (NSA) seed for a pseudorandom number generator that is used to control a radio in frequency hopping or direct-sequence spread spectrum modes. See SINCGARS, electronic warfare.
- seed key - (NSA) a key used to initialize a cryptographic device so it can accept operational keys using benign transfer techniques. Also a key used to initialize a pseudorandom number generator to generate other keys.
- signature key - public key cryptography can also be used to electronically sign messages. The private key is used to create the electronic signature, the public key is used to verify the signature. Separate public/private key pairs must be used for signing and encryption. The former are called signature keys.
- stream key - the output of a stream cipher, as opposed to the key (or cryptovariable in NSA parlance) that controls the cipher.
- training key - (NSA) unclassified key used for instruction and practice exercises.
- Type 1 key - (NSA) keys used to protect classified information. See Type 1 product.
- Type 2 key - (NSA) keys used to protect sensitive but unclassified (SBU) information. See Type 2 product.
- Vernam key - type of key invented by Gilbert Vernam in 1918. See stream key.
- zeroized key - key that has been erased (see zeroisation).
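Several entries above (master key, derived key, key derivation function, authentication key, content-encryption key, session key, zeroized key) describe a key hierarchy in which one master key yields separate keys for separate purposes, which is exactly the separation the cryptographic key types article warns is most often neglected. The following is an added example, not part of the original glossary or of any NSA system: it implements HKDF (RFC 5869, HMAC-SHA256) from the Python standard library, derives a per-session CEK and a per-session authentication key from one master key using distinct purpose labels (the label strings and the `make_session_keys` name are this example's own conventions), uses the authentication key for an HMAC tag, and zeroizes the master key buffer afterwards.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869 section 2.2): PRK = HMAC-Hash(salt, IKM).
    An empty salt is replaced by HASH_LEN zero bytes, as the RFC specifies."""
    if not salt:
        salt = b"\x00" * HASH_LEN
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869 section 2.3):
    T(0) = empty, T(i) = HMAC-Hash(PRK, T(i-1) | info | i), OKM = first `length` bytes."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested key material too long")
    okm = b""
    block = b""
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_key(master_key: bytes, purpose: bytes, length: int = 32, salt: bytes = b"") -> bytes:
    """Derived key for one purpose. The `info` label binds the output to its use,
    so a CEK and an authentication key drawn from the same master key never coincide."""
    return hkdf_expand(hkdf_extract(salt, master_key), purpose, length)


def make_session_keys(master_key: bytes, session_id: bytes) -> dict:
    """Hypothetical hierarchy (this example's own convention, not a standard):
    master key -> per-session content-encryption key and authentication key."""
    return {
        "cek": derive_key(master_key, b"content-encryption|" + session_id),
        "auth": derive_key(master_key, b"authentication|" + session_id),
    }


def authenticate(auth_key: bytes, message: bytes) -> bytes:
    """HMAC tag computed with the authentication key only."""
    return hmac.new(auth_key, message, HASH).digest()


def verify(auth_key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time comparison of a received tag against the recomputed one."""
    return hmac.compare_digest(authenticate(auth_key, message), tag)


def zeroize(key: bytearray) -> None:
    """Overwrite key material in place. Best effort in Python: only this buffer is
    cleared; any immutable `bytes` copies made elsewhere are not reachable here."""
    for i in range(len(key)):
        key[i] = 0


if __name__ == "__main__":
    master = bytearray(secrets.token_bytes(32))          # constructed master key
    keys = make_session_keys(bytes(master), b"session-0001")
    tag = authenticate(keys["auth"], b"hello")
    print(verify(keys["auth"], b"hello", tag))            # True
    print(verify(keys["cek"], b"hello", tag))             # False: wrong key type
    zeroize(master)
    print(master == bytearray(32))                        # True: master key erased
```

Because each derived key is tied to a purpose label and a session identifier, rotating the session key is a matter of changing `session_id`, and a compromise of the authentication key reveals nothing about the CEK or the master key; HKDF is one-way in the `PRK`.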
See also
- Specific encryption systems and ciphers have key types associated with them, e.g. PGP key, DES key, AES key, RC4 key, BATON key, Kerberos key, etc.
- Category:Cryptographic algorithms
- Category:Cryptographic protocols