[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z] packet-writing mode padding CBC (Cipher Block Chaining) plaintext, and pages Paget, Chris PAM (Pluggable Authentication Modules) header files for service names, usage of support for parallelizing encryption and decryption CTR API in arbitrary modes strategies parallelizing MACs parent and child processes PRNGs, reseeding in using for privilege separation passwords authentication and key exchange with PAX and SAX initialization server setup authentication with crypt( ) prompting for random generation of symmetric keys, converting to testing for strength PATH environment variable 2nd paths validating PAX (Public key Authenticated eXchange) 2nd client side server side PBKDF2 (Password-Based Key Derivation Function 2) 2nd MCF encoding for multiple key generation using password verification password-based authentication using pc_cipherq_decrypt( ) pc_next_varg( ) pclose( ) PEM (Privacy Enhanced Mail) format BIO object-based functions FILE object-based functions header types OpenSSL-supported encryption algorithms PEM_write_RSAPrivateKey( ) 2nd PEM_writeDSAPrivateKey( ) percent (%) in URL encodings perfect forward secrecy personal certificates PKCS #1 PKCS #5 RSA web page PKI (public key infrastructure) 2nd 3rd CAs (certification authorities) root certificates and fingerprints certificates 2nd certificate hierarchies 2nd certificate revocation lists [See CRLs] certificate signing requests (CSRs) code-signing certificates key pair obtaining personal certificates precedence of fields purposes revocation self-signed certificates SSL peer certificate verification subjects and issuers term of validity using root certificates verifying web site certificates whitelists, verification against X.509 certificates [See X.509 certificates] distinguished names fingerprints checking hostname checking OCSP (Online Certificate Status Protocol) checking revocation status using OpenSSL RAs (registration authorities) root CA certificate revocation X.509 certificates [See X.509 certificates] PKI Laboratory platforms Unix recipes Windows recipes Pluggable Authentication Modules (PAM) PMAC Polk, Tim popen( ) risks of secure version POSIX times( ) function _POSIX_MEMLOCK_RANGE macro PostgreSQL, enabling SSL support PQconnectdb( ) precomputation attacks [See dictionary attacks] preventing buffer overflows preventing cross-site scripting preventing file descriptor overflows when using select( ) preventing format-string attacks preventing integer coercion and wrap-around problems preventing SQL injection attacks PRFs (pseudo-random functions) HMAC-SHA1, implementation with prime numbers, generating randomly printenv command (Unix) printf( ) printf( ) functions family priv_init( ) Privacy Enhanced Mail [See PEM] private CAs privilege separation privileges dropping in setuid programs limiting risks of restricting privman library (Unix) functions initialization PRNG_output( ) PRNGs (pseudo-random number generators) application-level generators, using block ciphers, using as cryptographic generators, usable output cryptographic hash functions, using as cryptographic vs. noncryptographic OpenSSL, API in output with identical seeds proper usage of refereed proof of security bounds reseeding compression of entropy-containing data reasons for seed size reseeding in parent and child processes 2nd stream ciphers compared to stream ciphers, using as ProPolice pseudo-random functions [See PRFs] pseudo-random number generators [See PRNGs] pthread_cond_broadcast( ) pthread_cond_wait( ) ptrace debuggers, detecting public CAs public key cryptography algorithms, selecting BIGNUM [See BIGNUM library] binary representation of public keys and certificates digital signatures DSA (Digital Signature Algorithm) exchange keys forward secrecy, ensuring key exchange key sizes, selecting recommended lengths keys and certificates, representing in plaintext (PEM encoding) manipulating big numbers means to establish trust, lack of OpenSSL, disentangling public and private keys prime numbers, generating or testing Public Key Cryptography Standard #5 RSA [See RSA algorithm] speed third-party validation of public keys 2nd uses for public key infrastructure [See PKI] PulseEvent( ) putenv( ) 2nd environment variables and pw_name pw_uid pwd.h file |