Status: Open
Labels: documentation (Improvements or additions to documentation)
Cyclone DX
- Crypto definitions
- Crypto definitions schema
CycloneDX overview of the cryptographic asset types and their specific categories
These tables provide a structured overview of the cryptographic asset types and their specific categories as defined in the CycloneDX CBOM specification.
Structure and Cryptographic Asset Types
| Asset Type | Description |
|---|---|
| algorithm | Mathematical function commonly used for data encryption, authentication, and digital signatures. |
| certificate | An electronic document that is used to provide the identity or validate a public key. |
| protocol | A set of rules and guidelines that govern the behavior and communication with each other. |
| related-crypto-material | Other cryptographic assets related to algorithms, certificates, and protocols such as keys and tokens. |

Source: cyclonedx.org, GitHub
related-crypto-material properties
| Material Type | Description |
|---|---|
| private-key | A private asymmetric key used for decryption or signing. |
| public-key | A public asymmetric key used for encryption or signature verification. |
| secret-key | A symmetric key used for both encryption and decryption. |
| key | General term for any cryptographic key, either symmetric or asymmetric. |
| ciphertext | Encrypted data output from applying an encryption algorithm. |
| signature | Digital signature proving authenticity and integrity. |
| digest | Fixed-length hash output from applying a hash function. |
| initialization-vector | A unique value used to initialize block cipher modes. |
| nonce | A one-time-use value to prevent replay attacks. |
| seed | A value used to initialize pseudo-random number generators. |
| salt | Random value added to data before hashing, often for passwords. |
| shared-secret | Confidential data shared between parties in secure communication. |
| tag | Authentication tag used to verify the integrity of encrypted data. |
| additional-data | Arbitrary metadata related to cryptographic processes. |
| password | A human-memorable secret used for authentication. |
| credential | Data that proves identity, often a combination of username and password or key material. |
| token | A digitally encoded identity or permission artifact (e.g., OAuth token). |
| other | Any other material relevant to cryptographic processing not covered by the above types. |
| unknown | Used when the type of material is unclear or not disclosed. |
Types of Cryptographic Assets
| Type | Description |
|---|---|
| private-key | The confidential key of a key pair used in asymmetric cryptography. |
| public-key | The non-confidential key of a key pair used in asymmetric cryptography. |
| secret-key | A key used to encrypt and decrypt messages in symmetric cryptography. |
| key | A piece of information, usually an octet string, which, when processed through a cryptographic algorithm, processes cryptographic data. |
| ciphertext | The result of encryption performed on plaintext using an algorithm (or cipher). |
| signature | A cryptographic value that is calculated from the data and a key known only by the signer. |
| digest | The output of the hash function. |
| initialization-vector | A fixed-size random or pseudo-random value used as an input parameter for cryptographic algorithms. |
| nonce | A random or pseudo-random number that can only be used once in a cryptographic communication. |
| seed | The input to a pseudo-random number generator. Different seeds generate different pseudo-random sequences. |
| salt | A value used in a cryptographic process, usually to ensure that the results of computations for one instance cannot be reused by an attacker. |
| shared-secret | A piece of data known only to the parties involved, in a secure communication. |
| tag | A message authentication code (MAC), sometimes known as an authentication tag, is a short piece of information used for authenticating and integrity-checking a message. |
| additional-data | An unspecified collection of data with relevance to cryptographic activity. |
| password | A secret word, phrase, or sequence of characters used during authentication or authorization. |
| credential | Establishes the identity of a party to communication, usually in the form of cryptographic keys or passwords. |
| token | An object encapsulating a security identity. |
| other | Another type of cryptographic asset. |
| unknown | The type of cryptographic asset is not known. |

Source: cyclonedx.org
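As an added example (not part of this issue or of the CycloneDX project), a small checker that reads a CBOM and verifies every cryptographic-asset component against the two enumerations tabulated above, then lists which components describe secret material so an inventory reviewer can follow up. The sample BOM is constructed; the field names `cryptoProperties.assetType` and `relatedCryptoMaterialProperties.type` are assumed to be the CycloneDX 1.6 property names.

```python
import json

# Enumerations exactly as listed in the tables above (CycloneDX 1.6 CBOM).
ASSET_TYPES = {"algorithm", "certificate", "protocol", "related-crypto-material"}
MATERIAL_TYPES = {
    "private-key", "public-key", "secret-key", "key", "ciphertext", "signature",
    "digest", "initialization-vector", "nonce", "seed", "salt", "shared-secret",
    "tag", "additional-data", "password", "credential", "token", "other", "unknown",
}
# Material types a reviewer follows up on: they mark where secret material lives,
# and a BOM should only reference such material, never embed it.
SENSITIVE_TYPES = {"private-key", "secret-key", "shared-secret", "seed",
                   "password", "credential", "token"}

# Constructed sample CBOM (not a real product BOM). Field names assumed to match
# the CycloneDX 1.6 schema: cryptoProperties.assetType and
# cryptoProperties.relatedCryptoMaterialProperties.type.
SAMPLE_CBOM = json.dumps({"bomFormat": "CycloneDX", "specVersion": "1.6", "components": [
    {"type": "cryptographic-asset", "name": "AES-256-GCM",
     "cryptoProperties": {"assetType": "algorithm"}},
    {"type": "cryptographic-asset", "name": "tls-server-key",
     "cryptoProperties": {"assetType": "related-crypto-material",
                          "relatedCryptoMaterialProperties": {"type": "private-key"}}},
    {"type": "cryptographic-asset", "name": "cbc-iv",  # British spelling: not in the enum
     "cryptoProperties": {"assetType": "related-crypto-material",
                          "relatedCryptoMaterialProperties": {"type": "initialisation-vector"}}},
    {"type": "cryptographic-asset", "name": "mystery-blob",
     "cryptoProperties": {"assetType": "keymaterial"}},  # not a valid assetType
]})


def check_cbom(text):
    """Return (findings, sensitive): findings are (name, problem) pairs for values
    outside the spec enums; sensitive lists components holding secret material."""
    findings, sensitive = [], []
    for comp in json.loads(text).get("components", []):
        name, props = comp.get("name", "<unnamed>"), comp.get("cryptoProperties")
        if comp.get("type") != "cryptographic-asset" or props is None:
            continue  # only crypto assets carry cryptoProperties
        asset = props.get("assetType")
        if asset not in ASSET_TYPES:
            findings.append((name, f"unknown assetType {asset!r}"))
            continue
        if asset == "related-crypto-material":
            mtype = props.get("relatedCryptoMaterialProperties", {}).get("type")
            if mtype not in MATERIAL_TYPES:
                findings.append((name, f"unknown related-crypto-material type {mtype!r}"))
            elif mtype in SENSITIVE_TYPES:
                sensitive.append(name)
    return findings, sensitive
```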
NIST