glossary.tex

\newcommand{\comma}[0]{, }

\begin{filecontents*}{glossary.csv}
%termID                           , description
Public key infrastructure (PKI)   , A set of entities\comma policies and procedures used to issue\comma manage and revoke $(\text{name}\comma \text{key})$ pairs used for authentication.
Public key                        , The public component of a cryptographic keypair. The public key can be used to verify a digital signature created using the corresponding private key.
Certificate authority (CA)        , An entity responsible for signing digital \emph{certificates}.
Digital signature                 , A cryptographic fingerprint created using a signature algorithm. A digital signature can be used to check the authenticity of a document\comma such as a \emph{certificate}.
Certificate                       , A signed digital document which binds a name to a \emph{public key}.
Altcoin                           , An umbrella term for all non-Bitcoin cryptocurrencies.
Key bridging                      , A technique used by routers to inspect TLS traffic. A benevolent form of a \emph{man-in-the-middle attack}.
Transport Layer Security (TLS)    , A protocol used to establish an authenticated and encrypted connection over the Internet.
Identity retention                , A desirable property of a \emph{public key infrastructure}\comma where an identity cannot be changed without the consent of its owner.
Man-in-the-middle attack          , An attack where an adversary sits between a server and the victim\comma intercepting all traffic between them.
Smart contract                    , An escrow operation stored on and executed by nodes operating a blockchain.
Root Certificate Authority (Root CA) , A \emph{certificate authority} with a self-signed certificate\comma typically trusted by all major web browsers and operating systems.
Intermediary Certificate Authority (Intermediary CA) , A \emph{certificate authority} with a certificate signed by a \emph{root certificate authority}.
Double spending attack            , An attack against a cryptocurrency\comma where the same money is spent twice.
Mempool                           , A memory pool of pending transactions awaiting to be included in a block on the blockchain.
Keyblock                          , A block in Bitcoin-NG signalling the change of \emph{block leader}.
Microblock                        , A block in Bitcoin-NG\comma containing transactions\comma generated by the current \emph{block leader}.
Block leader                      , A blockchain node eligible to approve transactions and adding blocks to the blockchain.
Truststore                        , A file containing trusted \emph{certificate authorities} and their \emph{public keys}.
Longest chain                     , The blockchain currently considered to be the ``correct'' chain by the blockchain network.
Block reward                      , Cryptocurrency paid to a \emph{miner} for adding a new block to the blockchain.
Coinbase transaction              , The first transaction in a block. Contains the address which receives the block reward.
Merged mining                     , A technique used by \emph{miners} to mine on more than one blockchain at a time.
Satoshi                           , The smallest unit of cryptocurrency which can be transferred between two wallets.
Follow-the-satoshi                , A technique used in \emph{Proof of Stake} to derive a \emph{block leader} by sampling a random \emph{satoshi}.
Proof of Stake                    , A blockchain \emph{consensus protocol} where ownership of cryptocurrency is the foundation for participation in the consensus process.
Simple Payment Verification (SPV) , A technique which allows a blockchain client to verify a transaction without downloading the whole blockchain.
Unspent Transaction Output (UTXO) , A set of transactions not yet referred to by other transactions. Determines the balances of wallets.
Public key pinning                , A security feature whereby a web client associates a \emph{public key} with a web server.
Certificate Transparency (CT)     , A system of public logs containing certificates issued by a \emph{certificate authority}\comma used to detect misissuance and fraudulent \emph{certificates}.
Merkle root hash                  , The hash found in the root of a Merkle tree. Comprises a compact representation of all nodes in the tree.
Domain Name System (DNS)          , A catalog service used to map an IP address to a domain name.
Certificate Signing Request (CSR) , A document sent to a \emph{certificate authority}\comma in order to apply for a \emph{certificate}.
Registration Authority (RA)       , An entity acting on behalf of a \emph{certificate authority}\comma authorised to apply for\comma reject and revoke \emph{certificates}.
Domain Validated Certificate (DV) , A \emph{certificate} obtained after proving ownership of a domain name.
Organisation Validated (OV) Certificate, A type of \emph{certificate} issued to organisations.
Extended Validation (EV) Certificate, A type of \emph{certificate} issued to organisations. Involves more scrutiny than an \emph{OV certificate}.
Automatic Certificate Management Environment (ACME), A challenge-response protocol automating the issuance of \emph{DV certificates}.
Distinguished Name (DN)           , The field in a \emph{certificate} containing owner of the \emph{public key}.
OCSP responder                    , A entity acting on behalf of a CA\comma responsible for checking the validity of \emph{certificates} by responding to queries over the OCSP protocol.
OCSP stapling                     , A technique whereby a server bundles an OCSP response with the certificate during the TLS handshake.
Consensus algorithm               , An algorithm which allows a network\comma partly consisting of malicious actors\comma to agree on a result. See \emph{Byzantine Generals' Problem}.
Fork (blockchain)                 , The name of two blockchains with the same length. A fork occurs when two blocks are created at approximately the same time.
Byzantine Generals' Problem       , A consensus problem\comma formulated in a 1982 paper \cite{Lamport82}\comma  where a set of generals try to agree on whether they should attack a city. 
Miner                             , An entity in the blockchain network trying to become the next \emph{block leader}\comma by performing computationally intensive tasks. See \emph{Proof of Work}.
Trapdoor function                 , A function in cryptography which is easy to verify\comma but hard to reverse.
Validation authority (VA)         , An entity authorised to provide revocation services on behalf of a CA.
Sybil attack                      , A type of attack against a reputation system where security is subverted by forging a large number of identities in a P2P-network. 
Multisignature (multisig) script  , A type of Bitcoin script which requires signatures from multiple public keys. One example of a multisignature scheme is Shamir Secret Sharing \cite{Shamir79}.
Label (DNS)                       , A part of a DNS domain name separated with a dot.
Object Identifier (OID)           , An identifier mechanism standardised by the International Telecommunications Union (ITU) and ISO/IEC for naming any an object (such as an algorithm\comma entity of datastructure) with a globally unambiguous name.
Full blockchain node              , A blockchain node which enforces all rules of the blockchain protocol by downloading\comma verifying and archiving every block and transaction.
Pruning node                      , A \emph{full blockchain node} which throws away old blocks and transactions to reclaim disk space.
SPV node                          , A blockchain node which does not enforce all the rules of the blockchain protocol. An SPV node typically only downloads and verifies the block headers of the longest blockchain.
Thin client                       , See \emph{SPV node}.
Bitcoin miner                     , See \emph{miner}.
Proof of Work                     , A blockchain \emph{consensus protocol} based on problems which require a lot of computing power to solve.
Internet Corporation for Assigned Names and Numbers (ICANN), Non-profit organisation responsible for the maintenance and registration of domain names. 
\end{filecontents*}


\DTLloaddb[noheader,keys={termID,description}]{words}{glossary.csv}
\DTLsort{termID=ascending}{words}
\renewcommand{\arraystretch}{1.5}
\chapter*{Glossary}
\begin{longtable}{l>{\raggedright\arraybackslash}p{.4\textwidth} p{.6\textwidth}}
  \DTLforeach{words}{
    \termID=termID,\termdesc=description}{
    & \textbf{\textit{\termID}} & \termdesc \\
  }
\end{longtable}