Access TokenAn access token allows access to a resource. Users request access tokens and forward them to an API. Access tokens contain information about the user and then APIs use that information to authorize access to their data.An access token is generated on Virgil Developer Dashboard in your API V4 application and is needed for authentication requests.An example of Access Token representation:AT.7652ee415726a1f43c7206e4b4bc67ac935b53781f5b43a92540e8aae5381b14
API KeyA Key that gives your account a read-only access to Virgil Services. API Key secures your app requests in communication with your Virgil Security account. If needed, you may view and reset the API Key in your profile on Virgil Developer Dashboard. The API Key is generated one time to access the services for reading purposes in your account.The API Key is needed to generate JWT for authentication requests since API V5.
App IDThe unique identifier that Virgil issues to an application registration that identifies a specific application and the associated configurations. App ID is used when performing authentication requests. The App ID is not a secret.You can find the App ID of your application on Virgil Developer Dashboard.An example of an App ID:4848d1d92b4ca8e77cad8bc9f7fcbdf1fb1bd6aa140e9e30b595e1778b7c2bc4
App KeyThis is a Private Key of your Application. App Key is generated during API V4 application registration at the Virgil Development Dashboard and is needed for authentication requests.The App Key by default has DER format.An example of App Key representation:MIGhMF0GCSqGSIb3DQEFDTBQMC8GCSqGSIb3DQEFDDAiBBDX6b93ZXqa+IWmIlpOJxshAgIVszAKBggqhkiG9w0CCjAdBglghkgBZQMEASoEECQxB5egjxg/GEDQp5gK+fQEQMJ5LmZmAP2Pb19nYp75F7D8wjdS/WL26VfnkyjnSDqpnVOgID499iGAGaRPXINRtiGMHIq9gU5cYzp+lAfopCg=
Authenticated EncryptionThis is the process of encrypting and then signing data using the sender’s Private Key and the recipient’s Public Key.Authenticated Decryption – the process of taking data that is already both encrypted and signed, and then decrypting and verifying the data. A recipient uses their Private Key to decrypt the data, which is followed by using the sender’s Public Key to verify the integrity of the data.Useful related guides:Encrypt and decrypt data using Virgil Crypto Library
AuthenticationThe process of verifying user's access for performing necessary operations on Virgil Services. When user interacts with Virgil Services (get card, publish card etc.) they have to be provided with a unique token that tells Virgil who they are and what they're allowed to do. Authentication request contains your application credentials, account credentials and user's identity.Useful related guides:Set Up Authetication To Make API Calls To Virgil Services
CiphertextApplying an encryption algorithm (or cipher) to some plaintext results in the creation of a Ciphertext. The Ciphertext is encoded information that contains an encrypted form of the plaintext but is unreadable without the proper decryption algorithm, which is based on a private key.
Data IntegrityThe ability to ensure and maintain that some data has a known sender (one who cannot deny having sent the data) and has not been altered over its life-cycle. Data integrity is meant to safeguard data from any unintended changes to it as a result of storage, processing, transmission, malicious intent, or human error. Proper data integrity measures ensure that the data is accurate, consistent, and has a verifiable origin. It is vital to any system that sends or receives data, where privacy is concerned.Take a look at Verify Data Integrity use case to find out how to verify the integrity of data using Virgil Libraries and Services.
DecryptionThe process of taking encrypted information or ciphertext and converting it back into plaintext or an unencrypted form. This can only be done with the appropriate decryption algorithm and the associated Private Key, whose pair is the Public Key that encrypted the data in the first place.Useful related guides:Encrypt and decrypt data using Virgil Crypto LibraryEncrypt and decrypt data using a User's Card
Digital signatureSignature is a mathematical scheme for demonstrating the authenticity of digital messages, requests, etc. A valid digital signature gives a recipient reason to believe that:the message was created by known sender,the sender cannot deny having sent the message,the message was not altered in transit.It can be used with any kind of message – encrypted or not.Signed data representation:MFEwDQYJYIZIAWUDBAICBQAEQMQ8DqV+z9ajEA7rxFIjCablKBEbdnHP9XICTs5EzqpjZowpww8o0YaEj3lD2d5Qxhqk5COfIZxyK2Fit2vhBQg=Useful related guides:Create and verify digital signature with Virgil Crypto LibraryGenerate signature using Virgil CLICreate and verify digital signature using a User's Card
Encrypting for Multiple RecipientsEncryption requires the Public Key of the receiver, so that only the receiver’s Private Key can decrypt the message. For multiple recipients, the sender must have the Public Keys of every receiver they intend to send a message to. If users have cards, sender can find Public Keys of each receiver on Virgil Cards Service.
Encrypted StorageThe storage of data that is technically out in the open for anyone to access but unable to be read or understood by anyone except the holders of the appropriate cryptographic keys. Take a look at Encrypted Data Storage use case to find out how to encrypt data for secure storing on Clouds using Virgil Libraries and Services.
EncryptionThe process of converting plaintext to ciphertext. Encryption can be used to provide the highest levels of security to network communications, e-mails, files stored in the cloud, and other data that requires protection. Encryption can be either symmetric (using a shared secret between two or more parties) or assymetric (using [Private Key] and [Public Key]).Encrypted data representation:MIIBYgIBADCCAVsGCSqGSIb3DQEHA6CCAUwwggFIAgECMYIBGTCCARUCAQKgIgQglGxTWjgWmmryc7lSeRXmr+fiGrFbdZBvjyjaYlkC4FwwBwYDK2VwBQAEgeIwgd8CAQAwKjAFBgMrZXADIQD/8vOguHd3ClEpKGbPDzbi3qy4IYy6prmge57kZMU0YjAYBgcogYxxAgUCMA0GCWCGSAFlAwQCAgUAMEEwDQYJYIZIAWUDBAICBQAEMAAlL7ofBVQ/I9+ElQquriLGGKFpWHN8YhnCUejs0lCeFs6TVX0DqX9XyA9dn1Mq1TBRMB0GCWCGSAFlAwQBKgQQgZbvFGG39me9YQNvs1jZNwQwE0pXcuLWejT1OddNCN8RXKZL5gjeWDfgup4rzFYjKpIxuS6x66A3q5I2glzUts7GMCYGCSqGSIb3DQEHATAZBglghkgBZQMEAS4EDFaHJf0Win+Swkr7bDtgrZqq410rrkd3dXdSYWRdCXySbarLtpNI3BlH4uUThP7D64sHA7s=Useful related guides:Encrypt and decrypt data using Virgil Crypto LibraryEncrypt and decrypt data using a User's Card
Encryption AlgorithmThe way in which plaintext is turned to ciphertext, or any kind of data is changed to a format that cannot be read with the proper decryption Key and decryption Algorithm. An encryption algorithm should be designed so that the ciphertext yields no information about the original plaintext.
Encrypted CommunicationCommunication when two parties desire to communicate without a third-party understanding. This communication must not be able to be read or understood by any unauthorized party, leading to the need to use a cipher and/or code. Encrypted communication can be achieved through cryptographic means, which require the use of information-based keys to encrypt and later decrypt some message. Take a look at the Encrypted Communication use case which you can use to create an app for secure communication with Virgil Libraries and Services.
Encryption KeyA random string of data that is used to turn plaintext into ciphertext, or scramble information and make it unreadable to anyone without the proper decryption key and algorithm. The key acts as a parameter for the encryption algorithm used, and determines its output. The Key representation:MIGhMF0GCSqGSIb3DQEFDTBQMC8GCSqGSIb3DQEFDDAiBBDX6b93ZXqa+IWmIlpOJxshAgIVszAKBggqhkiG9w0CCjAdBglghkgBZQMEASoEECQxB5egjxg/GEDQp5gK+fQEQMJ5LmZmAP2Pb19nYp75F7D8wjdS/WL26VfnkyjnSDqpnVOgID499iGAGaRPXINRtiGMHIq9gU5cYzp+lAfopCg=
JSON Web Token (JWT)JWT is a unique string that is generated during program runtime and used by Virgil to authenticate you and users of your application on Virgil Services (since API V5). JWT is based on API Key and App ID and has a limited lifetime, configurable by you. Find more information at JWT specification.
Key StorageVirgil empowers developers with the ability to specify and maintain their own Private Keys storage using Virgil Libraries and also offers secure Virgil Cards Service for storing your users' Public Keys. Useful related guides:Setup Private Key storage using Virgil LibrariesCreate and publish Public Key on Cards Services
PlaintextUnencrypted data or text. This also refers to encrypted data that has already been decrypted. Plaintext can be read and understood without any kind of cipher or decryption key, has no special formatting, and is not tagged for any kind of security measure.
Private KeyPrivate Key is a user's secret key. Private keys should never be stored verbatim or in plain text on a local computer. If you need to store a private key, you should use a secure key container, which will depend on your platform of choice. The Private Key representation:MC4CAQAwBQYDK2VwBCIEIO0c2wutSgBxGw0YVo4KkkNwYPQqekqImhnjhp0Ogm5mUseful related guides:Generate the keypair using Virgil Crypto LibraryGenerate the keypair using Virgil CLI
Private Key PasswordA password of a private key adds an additional security stage and prevents any data leakage after the private key has been compromised. It is optional but highly recommended to set a private key password.
Public KeyA cryptographic key that can be obtained by anyone and used to encrypt data that can only be decrypted by its associated Private Key. A Public Key can also be used to verify the digital signature of any data signed with its related Private Key. The Public Key is generated at the same time as its associated Private Key and cannot be used to derive said Private Key.Useful related guides:Generate the keypair using Virgil Crypto LibraryGenerate the keypair using Virgil CLI
User IdentityAny type of data which is related to user (e-mail, surname, name etc.) which is signed by the Private Key. It can be used inside of Users' Virgil Cards.
Virgil CardThe Virgil Card is the main entity of Virgil Services. Every user/device is represented with a Virgil Card which contains all the necessary information to identify them. Users will also need their Virgil Card to obtain their Public Key for further cryptographic operations.Useful related guides:Card StructureHow to work with User's Card
Virgil Card IDA unique identifier of a Virgil Card.Each Virgil Card is created by passing the content snapshot, which contains all data related to the Virgil Card, and is represented as a JSON. This JSON representation is used to calculate the Virgil Card's Fingerprint. If you convert the Fingerprint to its hexadecimal representation, it will return the Virgil Card's ID.The Virgil Card ID representation:af6799a2f26376731abb9abf32b5f2ac0933013f42628498adb6b12702df1a87Useful related guides:How to calculate Virgil Card ID
Virgil KeyThe Virgil Key is a synonym of the User's Private Key which is generated with Virgil Crypto Library and never leaves its device. The Virgil Key allows only those who hold it to sign and decode a message.The Virgil Key has a DER format by default.The Virgil Key representation:MIGhMF0GCSqGSIb3DQEFDTBQMC8GCSqGSIb3DQEFDDAiBBDX6b93ZXqa+IWmIlpOJxshAgIVszAKBggqhkiG9w0CCjAdBglghkgBZQMEASoEECQxB5egjxg/GEDQp5gK+fQEQMJ5LmZmAP2Pb19nYp75F7D8wjdS/WL26VfnkyjnSDqpnVOgID499iGAGaRPXINRtiGMHIq9gU5cYzp+lAfopCg=