R (Security Glossary)

RC2

The CryptoAPI algorithm name for the RC2 algorithm.

See also RC2 block algorithm.

RC2 block algorithm

A data encryption algorithm based on the RC2 64-bit symmetric block cipher. RC2 is specified by PROV_RSA_FULL provider types. CryptoAPI references this algorithm by its identifier (CALG_RC2), name (RC2), and class (ALG_CLASS_DATA_ENCRYPT).

RC4

The CryptoAPI algorithm name for the RC4 algorithm.

See also RC4 stream algorithm.

RC4 stream algorithm

A data encryption algorithm based on the RC4 symmetric stream cipher. RC4 is specified by PROV_RSA_FULL provider types. CryptoAPI references this algorithm by its identifier (CALG_RC4), name (RC4), and class (ALG_CLASS_DATA_ENCRYPT).

RDN

See relative distinguished name.

reader

A standard device within the smart card subsystem. An interface device (IFD) that supports bidirectional input/output to a smart card. It may be associated with an entire system, one or more reader groups, or with a specific terminal. The smart card subsystem allows a reader to be dedicated to the terminal to which it is assigned. However, currently only one terminal exists on a computer.

reader driver

A specific driver that maps driver services to a specific hardware reader device. It must communicate card insertion and removal events to the smart card class driver for forwarding to the smart card resource manager, and it must provide data exchange capabilities to the card by any raw, T=0, T=1, or PTS protocol.

reader group

A logical group of readers. Reader groups can be defined by the system or created by users or administrators. Reader groups are used by smart card functions that can act upon groups of readers. To avoid naming collisions with user-defined groups, Microsoft reserves the use of any name that contains the dollar sign ($).

reader helper driver

Provides common smart card driver support routines and additional T=0 and T=1 protocol support to specific drivers as needed.

reference count

An integer value used to keep track of a COM object. When an object is created, its reference count is set to one. Every time an interface is bound to the object, its reference count is incremented; when the interface connection is destroyed, the reference count is decremented. The object is destroyed when the reference count reaches zero. All interfaces to that object are then no longer valid.

relative distinguished name

(RDN) An entity included as the subject in a request for a certificate. The elements in an RDN are defined by its attributes and do not need to include a name. With respect to CryptoAPI, an RDN is defined by a CERT_RDN structure, which in turn points to an array of CERT_RDN_ATTR attribute structures. Each attribute structure specifies a single attribute.

relative identifier

(RID) The portion of a security identifier (SID) that identifies a user or group in relation to the authority that issued the SID.

relocated store

A certificate store that has been moved from its default registry location to a different location in the registry.

remote store

A certificate store located on another computer, such as a file server or some other shared remote computer.

reply APDU

An application protocol data unit (APDU) sent in reply to a received APDU.

repudiation

The ability of a user to falsely deny having performed an action while other parties cannot prove otherwise. For example, a user who deleted a file can successfully deny having done so.

resource manager

The module of the smart card subsystem that manages access to multiple readers and smart cards. The resource manager identifies and tracks resources, allocates readers and resources across multiple applications, and supports transaction primitives for accessing services available on a given card.

resource manager API

A set of Windows functions that provide direct access to the resource manager's services.

resource manager context

The context used by the resource manager when accessing the smart card database. The resource manager context is primarily used by the query and management functions when accessing the database. The scope of the resource manager context can be the current user or the system.

revocation list

See Certificate Revocation List.

RID

See relative identifier.

root authority

The certification authority (CA) at the top of a CA hierarchy. The root authority certifies CAs in the next level of the hierarchy.

root certificate

A self-signed certification authority (CA) certificate that identifies a CA. It is called a root certificate because it is the certificate for the root CA. The root CA must sign its own CA certificate because by definition there is no higher certifying authority to sign its CA certificate.

RSA

RSA Data Security, Inc., a major developer and publisher of public key cryptography standards (PKCS). The "RSA" in the name stands for the names of the company's three developers and owners: Rivest, Shamir, and Adleman.

RSA_KEYX

The CryptoAPI algorithm name for the RSA key exchange algorithm. CryptoAPI also references this algorithm by its algorithm identifier (CALG_RSA_KEYX) and class (ALG_CLASS_KEY_EXCHANGE).

RSA_SIGN

The CryptoAPI algorithm name for the RSA signature algorithm. CryptoAPI also references this algorithm by its algorithm identifier (CALG_RSA_SIGN) and class (ALG_CLASS_SIGNATURE).

RSA Public Key algorithm

A key exchange and signature algorithm based on the popular RSA Public Key cipher. This algorithm is used by PROV_RSA_FULL, PROV_RSA_SIG, PROV_MS_EXCHANGE, and PROV_SSL provider types. CryptoAPI references this algorithm by its identifiers (CALG_RSA_KEYX and CALG_RSA_SIGN), names (RSA_KEYX and RSA_SIGN) and class (ALG_CLASS_KEY_EXCHANGE).