
III. DEFINITIONS

For the purposes of these Guidelines:

[40] “Authentication” means a function [mechanism] for establishing the validity of a claimed identity of a user, device or another entity in an information system.

[41] “Confidentiality” means the property [characteristic] that information is not made available or disclosed to unauthorised individuals, entities or processes.

[42] “Cryptography” means the discipline which embodies principles, means, and methods for the transformation of data in order to hide its information content, establish its authenticity, prevent its undetected modification, prevent its repudiation, and/or prevent its unauthorised use.

[43] “Cryptographic key” means a parameter used [in conjunction] with an algorithm to transform, validate, authenticate, encrypt or decrypt data.

[44] “Cryptographic methods” means [the] hardware and [or] software techniques, services, systems and [or] products that are used for ensuring the confidentiality, authentication, integrity, and non-repudiation of data [ensuring the confidentiality and integrity of data, including authentication and non-repudiation mechanisms].

[45] “Data” means the representation of information in a [formalised] manner [in digital form] suitable for communication, interpretation, storage, or processing.

[46] “Decryption” means the transformation of encrypted data back to its original intelligible form (plaintext) by using a cryptographic method [key and cryptographic algorithm].

[47] “Encryption” means the transformation of data to produce unintelligible data [data which is unintelligible to a third party] (encrypted data) [to ensure its confidentiality] by using a cryptographic method [key and cryptographic algorithm].

[48] “Integrity of data” means the property [characteristic] that data has not been modified or altered in an unauthorised manner.

[49] “Lawful access” means the ability to access cryptographic keys or the plaintext of encrypted data granted to third-party individuals or entities, including government entities, in accordance with law. [access by third party individuals or entities, including governments, to plaintext of encrypted data, in accordance with law.] [access to plaintext of encrypted data or access to cryptographic keys allowed, recognised or sanctioned by law.] (7)

[50] “Key management system” means the [a] system for generation, storage, distribution, revocation, deletion, archiving and [or] application [use] of cryptographic keys.

[51] “Keyholder” means an [the] individual or entity [lawfully] in possession [and/or control] of cryptographic keys. A key holder is not necessarily a user of the key.

[52] “Non-repudiation” means a function [mechanism] for preventing an individual or entity from denying having performed a particular action related to data.

[53] “Plaintext” means intelligible data, the semantic content of which is available.

[54] [“User” means an [the] individual or entity that employs [uses] cryptographic methods, unless indicated otherwise by context.]
