This glossary defines terms often used on infosec-handbook.eu.
Two-factor authentication requires individuals or systems to prove their identity by providing two different factors: something they have, something they know, and/or something they are. For example, you must provide your credit card (sth. you have) and PIN (sth. you know) when you withdraw money.
Advanced persistent threat
APT basically means that an attacker infiltrates a system over a long period. He adapts his actions to his victims to pass undetected and gain a permanent foothold. Therefore, APTs are very customized attacks.
Authenticated Encryption with Associated Data (AEAD) includes Authenticated Encryption (AE). AE combines encryption and MAC to accomplish confidentiality, integrity and authenticity. AEAD allows its users to transfer additional unencrypted but authenticated data. This accomplishes the security goals integrity and authenticity. For example, modern TLS cipher suites implement AEAD.
AES (Advanced Encryption Standard) is a widespread symmetric encryption algorithm.
Application-Layer Protocol Negotiation (ALPN) is a TLS extension. It is needed by HTTP/2 to improve the compression of web pages and to reduce latency. ALPN replaced Next Protocol Negotiation (NPN).
Argon2 is a key derivation function. It uses a password and additional parameters to derive a stronger cryptographic key. This process is called key stretching and makes brute-force attacks less feasible. Argon2 can be used to store passwords securely in a database. Another widespread KDF is PBKDF2.
Attack trees are diagrams to show how something (root of the tree) can be attacked. The root of the tree is the ultimate goal of the attacker. Leaves and their children show different attack paths. All child nodes of a certain node must be satisfied to make the parent node true. This allows exclusion of nodes when there are protection measures in place.
Auditing means basically to compare the desired condition of something with its actual state. For instance, there are code audits to find bugs and vulnerabilities. Companies, their subsidiaries or single data centers can also be audited, for instance, to get a ISO/IEC 27001 certification.
Authentication means that a system/individual confirms the identity of a system/individual. Normally this is done by providing some kind of proof (something you have, something you know, and/or something you are) and the verifier knows that an identity is linked to this proof. For example, you must provide your credit card (sth. you have) and PIN (sth. you know) when you withdraw money. This is called two-factor authentication.
Authenticity (also called “trustworthiness”) is a security goal of RMIAS. It means that a system can verify the identity of a third party and establish trust in a third party and in information it provides. An attack on this security goal is the replay attack.
Availability is a security goal of RMIAS and the CIA triad. It means that a system is available when expected. This also means that a system (e.g. mail server) can be down for maintenance when previously announced. For instance, attackers can conduct a DDoS attack to affect the availability of a system/service.
There is no clear definition of awareness in the context of Information Security Awareness. It basically means to raise awareness of threats to information security and to change behavior of people. Raising awareness remains an important part in information security due to the fact that social engineering attacks target humans who can unwittingly disable security measures or leak information.
A backdoor in software or hardware allows an unauthorized party to bypass access control. For instance, an undocumented developer account in a router allows developers of this product to bypass the login form. Obviously, third parties can also use backdoors to access software/hardware.
Biometrics refers to metrics related to human characteristics and is used for authentication (sth. you are). However, biometrics as a single factor for authentication is still considered insecure.
Blacklisting means that one allows all actions by default and explicitly denies certain actions. For instance, a custom e-mail spam filter contains only explicitly defined rules to block certain e-mails. The opposite is whitelisting.
Block ciphers are algorithms to transform fixed-length blocks (groups of bits) using symmetric keys. There are different modes of operation. Some modes are considered insecure (like ECB). It is recommended to use only modes that combine confidentiality and authenticity (authenticated encryption).
After being taken over (e.g. due to malware infection) a system (bot) can become part of a large remotely controlled network of bots (botnet). Attackers can use these networks for DDoS attacks or phishing.
An attacker who “simply” tries every possible key to access a service or decrypt a file uses “brute force”. This is called brute-force attack. Brute-force attacks become more feasible due to more efficient computers. This requires the implementation of better algorithms to slow down the process of guessing.
A buffer overflow occurs when data is written to a buffer which is to small. The data overruns the boundary of the buffer and overwrites adjacent memory areas then. This is a very common type of attack and there are several protective countermeasures available.
CAA means “DNS Certification Authority Authorization”. Domain name holders can define which certificate authorities should be able to issue certificates for this domain. The idea is to prevent unauthorized certificate issuance. However, certificate authorities must support CAA and there were some reports showing that certificate authorities ignored this policy. As of April 2018, only 3.1% of the 150,000 most popular websites implemented CAA (according to Qualys).
A digital certificate is issued and signed by a trustworthy certificate authority (CA) and contains information like public key of the owner, its fingerprint and validity period of the certificate. This allows the verifier to check whether the public key is valid and also trustworthy (integrity and authenticity). One problem with certificates is to check their revocation status (see CRL and OCSP).
Certificate Transparency (CT) is a more complex system which basically logs information about all certificates issued by trustworthy certificate authorities. This allows clients and other parties to validate certificates provided by servers.
The basic principle of this authentication method is simple: The verifier sends a challenge to the prover. Then, the prover sends his response to the verifier. Finally, the verifier checks whether the response matches the expected one. However, the actual implementation is more complicated: Both parties normally share a secret and an attacker can capture exchanged messages between both parties. This requires protection against replay attacks and brute-force attacks. It is common practice to send a nonce (which is only valid for a short time) to the prover who includes it in his response.
The CIA triad is a core concept of information security. Its elements are confidentiality, integrity and availability. However, this view is very limited to information which is why there are newer concepts like RMIAS.
Cipher suites (as used in TLS) are sets of algorithms used for key exchange, authentication, encryption and MAC. Client and server can support different cipher suites but they must have at least one cipher suite in common to establish connections.
Typically, clickbait is a short text or a headline that is designed to make readers curious, so they want to access linked content. While it is primarily a marketing technique, it can be seen as social engineering in the broadest sense.
Clickjacking tricks the user into clicking on concealed links. A clickjacked website looks normal, however, there is an invisible layer over the normal website. Users who think that they click the buttons of the normal website actually interact with the invisible layer. Known exploits are downloading and running malware, sharing links on social media or enabling the victim’s webcam and/or microphone.
HTTP/HTTPS is stateless. This means that web browsers need other ways to store data when necessary. Cookies are small files stored client-side which serve this purpose. However, cookies are sometimes used for user tracking. Therefore, it is recommended to deny cookies by default (whitelisting) and delete all cookies when you close your web browser.
Certificate Revocation Lists (CRL) are simple lists that contain revoked certificates. However, there are different problems with CRLs. Due to this, some web browsers implement OCSP while Chrome uses its own mechanism.
unsafe-inline directives at all.
Cross-site request forgery (CSRF or XSRF) is used to send unauthorized commands to a website that trusts the user’s web browser. The opposite is XSS.
Curve25519 is an elliptic curve that offers 128 bits of security. Its reference implementation is public domain, and it is widely supported. Curve25519 is a SafeCurve (see https://safecurves.cr.yp.to/ for further information).
Common Vulnerabilities and Exposures is a system that provides unique identifiers for security vulnerabilities. Identifiers look like “CVE-YEAR-NUMBER”.
The Common Vulnerability Scoring System is an open standard for assessing the severity of vulnerabilities. CVSS provides a score (0 to 10, 10 means most severe) based on a formula that evaluates several metrics to approximate ease and impact of exploits.
Data protection is basically protection of personal data so that it is only lawfully processed by the processor and third parties aren’t able to access this data. However, there is more data in companies which must be protected (see information security).
The goal of DDoS (Distributed Denial of Service) attacks is to affect the availability of a service or system, e.g. making a web server unreachable for web browsers.
Breaking into a web server to modify (add, change, delete) content of the hosted website is called website defacement. Normally, it’s easy to spot defacement since defacers want to arouse attention.
Diceware is a technique to generate passphrases using dice as a hardware random number generator. A group of five digits represents a word on a word list. Sufficiently long Diceware passphrases aren’t vulnerable to dictionary attacks because there is the same probability for every word on the list to be chosen and words are picked randomly (actually, you randomly generate numbers and replace these numbers with words to be easily readable).
An attacker who uses a word list (like a dictionary) and tries every string on this list to access a service or decrypt a file conducts this type of attack. A suitable hash function and salt can defeat this attack as long as the attacker doesn’t have an appropriate word list and sufficient computing power.
Digital signatures base on public-key cryptography and are used to provide non-repudiation, authenticity and integrity. To digitally sign data, a user uses a private key while the corresponding public key is used by third parties to validate the signature. It’s important to verify the owner of the public key.
The demilitarized zone is a physical or logical subnetwork that contains external-facing services of a network. External hosts on the internet can only connect to servers/services in the DMZ, however, they can’t connect to hosts of the private network outside of the DMZ since the private part is protected by a firewall.
DNSSEC stands for “Domain Name System Security Extensions”. Its main purpose is authentication by signing DNS data, so DNS resolvers can check if DNS records remained unchanged. This enables integrity checks. DNSSEC responses are only signed. It does not provide confidentiality of data.
A protocol which allows different levels of security can be vulnerable to downgrade attacks. This means that an attacker tries to downgrade the security level to the lowest one, so it is easier for him to attack. A well-known example is POODLE.
Publicly releasing private data about an individual or organization is called doxing. Prior to publication, the person conducting doxing uses public databases, social media and/or social engineering to acquire information.
Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC requires smaller keys compared to non-EC cryptography (like used by RSA) to provide equivalent security.
Elliptic Curve Digital Signature Algorithm is a variant of the Digital Signature Algorithm (DSA). It is used to digitally sign data using elliptic-curve cryptography.
Ed25519 is an EdDSA signature scheme using SHA-512 and Curve25519. It offers roughly the same security as NIST curve P-256, RSA with 3000 bit keys, or 128 bit block ciphers. Ed25519 signatures fit into 64 bytes, and public keys consume only 32 bytes.
The strength of keys is given in bits entropy. One bit represents two possible outcomes (0 or 1). A key with 100 bit entropy is equal to 2100 possibilities to create this key. Every additional bit duplicates the amount of possibilities.
Federation basically means that users of a network can communicate with users of another network without being part of the other network. For instance, Facebook isn’t federated because all users have to be on Facebook to communicate with each other. By contrast, e-mail is federated because a Gmail user can send an e-mail to a mailbox.org user.
Hardware or software that limits access between two networks and/or systems and follows a security policy. Firewalls can be network-based or host-based. There are different types of firewalls like packet filters, stateful filters and application layer firewalls. Another specific type of firewall is a web application firewall.
The FIDO2 Project is an effort to create a new FIDO authentication standard that incorporates the upcoming W3C WebAuthn API and the Client-to-Authenticator Protocol (CTAP) developed by the FIDO Alliance.
A fingerprint is a checksum. You can use hash functions to create fingerprints. One advantage is that you only need to check whether the (shorter) fingerprint matches. For example, you calculate the hash sum of a PDF file and send the fingerprint and file to a friend. She only needs to calculate the hash sum and check if it matches yours. Fingerprints are often used in cryptography (e.g. in certificates or to verify public keys in general).
Besides, the term fingerprint is used in conjunction with machine, device or web browser (e.g. device fingerprint). Such fingerprints consist of (unique) information about devices and can be used to identify individual devices or even users.
GnuPG (GNU Privacy Guard) provides cryptographic functions to encrypt, decrypt and sign e-mail content, files etc. Metadata (like e-mail addresses or subject) remains unencrypted.
Hardening is a generic term for the process of securing systems against attacks. This includes deactivating unused interfaces like USB ports and appropriate rights management.
A hash functions maps input (e.g. files or data) of arbitrary size to output of fixed size (e.g. 128 bit string). In cryptography, hash functions must be infeasible to invert (one-way function) and have several additional properties. Hash functions can be used to check integrity of data.
HMAC means “keyed-hash message authentication code”. HMAC combines MAC, a secret key and a cryptographic hash function. It can be used to check authenticity and integrity of data. Unlike MACs, HMACs aren’t prone to length extension attacks.
The HTTP Strict Transport Security header tells clients to always use HTTPS connections for this domain name. HSTS becomes only effective when sent over HTTPS. HSTS can be misused for user tracking, however, since HTTPS-only became best practice for most websites, server admins should set this header.
Industrial control systems
ICS are control systems used for industrial process control. They contain Supervisory Control and Data Acquisition (SCADA) systems or distributed control systems (DCS) and programmable logic controllers (PLCs). ICS differ from “traditional” information technology and most technical security practices can’t be simply deployed in ICS environments. Therefore, ICS are considered operational technology.
IDN homograph attack
Homoglyphs are characters with shapes that appear identical or very similar. Attackers make use of homoglyphs to create internationalized domain names (IDN) which look similar to well-known domain names. For example,
infosес-handbook.eu looks similar to
infosec-handbook.eu. However, the first domain name contains Cyrillic е and с. This enables attackers to impersonate individuals and domain names.
In terms of information security, an impersonator is somebody who pretends to be another person (identity theft) to commit fraud or other illegal activies. It is basically another social engineering technique.
According to Wikipedia, “[i]nformation security, sometimes shortened to InfoSec, is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. It is a general term that can be used regardless of the form the data may take (e.g., electronic, physical).”
On the contrary, IT security is focused on the protection of computer systems (hardware, software, information). Therefore, IT security is a subset of information security.
Intrusion detection system
An IDS monitors networks (network IDS, NIDS) or hosts (host-based IDS, HIDS) for malicious activity or policy violations. Mostly, detected events are reported to a centralized security monitoring solution.
IDS that have the capability to respond to malicious activity or policy violations are referred to as intrusion prevention systems (IPS).
Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data sent over an internet protocol network. It is used in virtual private networks. IPsec can be operated in transport mode (only the payload of the IP packet is encrypted and authenticated) or in tunnel mode (the entire IP packet is encrypted and authenticated).
Contrary to TLS, IPsec operates on the Internet Layer.
Kerckhoffs’s principle is derived from six design principles for military ciphers written by Dutch linguist and cryptographer Auguste Kerckhoffs. It says that “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.”
A message authentication code (MAC) is a short value used to check authenticity and integrity of data. It protects against message forgery by anyone who doesn’t know the secret key. Since this key is shared among sender and receiver of a message, MACs don’t provide non-repudiation.
Malware (malicious software) is a generic term for software containing unwanted or malicious functions. Malware includes ransomware, Trojan horses, computer viruses, worms, spyware, scareware, adware etc. Nowadays, malware can’t be clearly categorized because sophisticated malware often combines properties of different categories. For instance, WannaCry propagated like a worm but encrypted files and demanded ransom (ransomware).
While Alice communicates with Bob via the internet, Eve (Eavesdropper) joins the conversation “in the middle” and becomes “man-in-the-middle”. Eve can modify, insert, replay or read messages at will. Protective measures are encryption (confidentiality) and checking authenticity and integrity of all messages. However, one must also ensure that one is actually communicating with the expected party. For instance, when you use GnuPG (or public-key cryptography in general) you have to verify that you own the real public key of the respective recipient.
Metadata is data that provides information about other data. For instance, a JPG file contains the actual picture (data) but also metadata like creation date, type of camera etc. Metadata can also be valuable for attackers.
Nitrokey is an open source USB key produced by the Nitrokey UG in Germany. It implements OpenPGP card algorithms. One can generate and store GnuPG key pairs on it. Some models also support generating OATH-TOTP codes, contain secure password storage, secure data storage and other cryptographic functions.
In cryptography, a nonce is an random number that is only used once. Nonces are used to prevent replay attacks.
The Online Certificate Status Protocol can be used to obtain the revocation status of digital certificates. It’s an alternative to CRL. Pure OCSP exposes the client’s IP address to the OCSP responder while OCSP stapling enables the server to store pre-authenticated OCSP information to avoid this. OCSP Must-Staple is a certificate extension which enables the client to learn about the presence of OCSP information during the TLS handshake. Most web browsers support OCSP, however, Chrome uses its own mechanism to obtain revocation information.
Operational technology includes hardware and software that is used to monitor or modify the physical state of a system. The term OT is used to demonstrate differences between information technology (IT) and ICS environments.
OTR stands for “Off-the-Record Messaging”, allows end-to-end encrypted communication and offers perfect forward secrecy. However, it is only suitable for single-client use and synchronous messaging. This means that both parties must be online at the same time to be able to communicate.
A password is basically a string of characters used for authentication. A strong password consists of randomly-chosen characters which all have identical probability of occurrence.
PBKDF (Password-Based Key Derivation Function) creates cryptographic keys based on a password, HMAC, iterations and salt. For instance, WPA2 (Wi-Fi Protected Access 2) uses PBKDF2. The aim is to reduce the vulnerability of keys to brute-force attacks. According to RFC 8018 section 4.2., “an iteration count of 10,000,000 may be appropriate”.
Penetration tests are documented checks and scans on applications, systems or websites to identify vulnerabilities. Penetration tests are either black box (pen tester has no inside knowledge), gray box (limited knowledge) or white box (pen tester has inside knowledge) tests. Typically, pen test reports include found vulnerabilities, guidance and severity of each vulnerability.
Perfect forward secrecy
PFS combines a system of long-term keys and session keys to protect encrypted communications against key compromise in the future. An attacker who is able to record every encrypted message (man-in-the-middle) won’t be able to decrypt these messages when keys are compromised in future. Modern encryption protocols like TLS 1.3 and Signal Protocol offer PFS.
According to Article 4 of the European General Data Protection Regulation (GDPR), “‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
For instance, company names, addresses of authorities or secret manufacturing data isn’t personal data. However, it can also be necessary to protect this non-personal data (see information security).
A similar but non-synonymous term is personally identifiable information (PII) in the US. According to NIST Special Publication 800-122, PII is “any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.”
Phishing is a social engineering technique. Attackers send forged SMS, e-mails, chat messages etc. to their victims to get their personal data. After that, attackers can try to impersonate their victims or do sth. criminal. Spear phishing is a more sophisticated phishing technique.
Plausible deniability can be another security goal. It is accomplished if you can’t prove that a particular message was sent by a certain person/system. Then, this person/system can plausibly deny to be the sender of the message.
Sometimes, data protection is also called “data privacy”.
Public-key cryptography (or asymmetric cryptography) is the opposite of symmetric cryptography. Every party has two keys (public and private). The private one must be kept secret and is used for decryption while the public one has to be published and is used for encryption. All other parties must verify that a published public key belongs to the anticipated owner to avoid man-in-the-middle attacks.
The are different approaches to public-key cryptography, for example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields while others are based on the difficulty of the factorization of the product of two large prime numbers.
Public-key cryptography can also be used for digital signatures.
Ransomware is a type of malware. There are different subtypes of ransomware but the basic idea is to press victims for money by threaten them with doing sth. harmful (e.g. publishing confidential data or attackers encrypt important data using public-key cryptography and threaten to delete the corresponding private key after x hours, rendering the encrypted data useless). An important countermeasure is to backup all of your data on a regular basis.
The referrer is part of a HTTP request. Clients send the referrer header to the server. There are different use cases for this. However, it can be used for tracking of users. Most web browsers allow you to disable referrer headers.
Replay attacks are attacks on authenticity. An attacker records messages and sends recorded messages again (replay). The recipient can’t be sure whether the second message (sent by the attacker) was actually sent by the sender of the first (identical) message or someone else. Using current timestamps, nonces and end-to-end encryption are important countermeasures.
The level of impact on operations, assets or individuals based on the impact of a threat and the likelihood of that threat occurring.
Risk assessment or risk analysis is the process of identifying risks to operations, assets or individuals by determining the probability of occurrence, the resulting impact and controls that would mitigate this impact.
Risk management is the process of the identification, measurement, control and minimization of risks. It includes assessing risks, taking actions to reduce risks to an acceptable level and maintaining at an acceptable level.
RMIAS (A Reference Model of Information Assurance & Security) is a reference model introduced in 2013 which consists of four dimensions: Security Life Cycle, Information Taxonomy, Security Goals and Security Countermeasures. The goal of this model is to overcome restrictions of prior models like the CIA triad and meet the needs of new trends. Besides “traditional” security goals of the CIA triad this model also contains authenticity/trustworthiness, privacy, accountability, auditability and non-repudiation. These security goals are viewed in the context of components of an information system which are information, people, processes, hardware, software and networks.
RSA (Rivest–Shamir–Adleman) is a well-known public-key cryptosystem based on the practical difficulty of the factorization of the product of two large prime numbers. For instance, RSA is used as part of GnuPG for e-mail encryption and signing.
In cryptography, salt is random data. Commonly, salt is appended to a key and then processed with a hash function. Finally, the output and salt are stored in a database. A long salt which is randomly generated for each key protects against dictionary attacks.
Sandboxing is software-based isolation of applications to mitigate system failures or vulnerabilities.
The Signal Protocol (formerly TextSecure Protocol/Axolotl Protocol) is a modern cryptographic protocol allowing end-to-end encrypted communication. Contrary to OTR, asynchronous and multi-client communication is possible. Perfect forward secrecy is also supported.
Social engineering is a generic term for psychological manipulation of humans into performing actions. Social engineering isn’t dependent on technology and quite common in everyday life. For example, children cry to manipulate their parents or commercials manipulate viewers. In information security, phishing is a widespread social engineering technique.
Spear phishing is more sophisticated than phishing. Attackers customize their forged messages and send them to a smaller amount of potential victims. This requires more research, however, the success rate of spear phishing attacks is higher than the success rate of phishing attacks.
Stream ciphers are symmetric algorithms to combine plaintext with a pseudorandom keystream. Each digit is encrypted/decrypted one at a time with the corresponding keystream digit. It’s extremely important to use different keys each time.
SRI can be used to ensure integrity of third-party content embedded on a website. Websites which don’t embed any third-party content don’t need SRI. The basic idea is that one hash per external resource is provided. If the external resource is changed (which can put visitors of this website at risk), the hashes provided by the server and calculated by the client don’t match anymore and the resource is discarded.
Symmetric cryptography is the opposite of public-key cryptography. Two parties who want to communicate need exactly the same private key. Both of them use this key for encryption and decryption. Symmetric encryption is faster than public-key encryption, however, you have to securely exchange keys. AES is a well-known representative of symmetric cryptography.
TLS (Transport Layer Security) allows secure data transfer via the internet. Nowadays, operators of servers should only allow TLS 1.2 and cipher suites supporting perfect forward secrecy as well as AEAD. The new TLS 1.3 standard only offers cipher suites which provide PFS and AEAD.
Universal 2nd Factor (U2F) is an authentication standard originally developed by Google and Yubico. The standard is currently hosted by the FIDO Alliance. U2F tokens can be used for two-factor authentication. These tokens contain a unique secret key which can’t be extracted. The specification allows unlimited accounts per U2F token since web applications that offer U2F authentication generate and store their own private/public key pair for each U2F token in use.
A virtual private network (VPN) extends a private network (e.g. your network at home) across a public network (like the internet). Devices connected to the VPN are logically part of the private network, even if there are physically somewhere else. This means that applications running across a VPN are subject to the functionality, security, and management of the private network. IPsec or TLS are widely in use to secure VPNs.
Commonly, vulnerabilities are exploitable security flaws in software or hardware. Well-known vulnerabilities receive names like Heartbleed, Shellshock or Stagefright and a CVE identifier. There aren’t always exploits available for vulnerabilities. A widespread system to classify the severity of vulnerabilities is CVSS.
Web application firewall
“Web Authentication: An API for accessing Public Key Credentials Level 1” is a specification developed by W3C which defines creation and use of strong, attested, scoped, public key-based credentials by web applications. It is also part of FIDO2.
Whitelisting means that one denies all actions by default and explicitly allows certain actions. For instance, application whitelisting means that only explicitly allowed applications can be executed. The opposite is blacklisting.
XSS (cross-site scripting) is a vulnerability found in web applications. There are different types of XSS attacks. Mostly, the attacker is able to inject client-side scripts into websites. This exploits the trust a user has in a website. The opposite is CSRF/XSRF.
YubiKey is a closed source USB key produced by Yubico in the US and Sweden. It implements OpenPGP card algorithms. One can generate and store GnuPG key pairs on it. Some models also support generating OATH-TOTP codes, U2F and other cryptographic functions.