A |
|---|
| Asymmetric keys, public/private keys | | Based on cryptographic algorithms where data can
be encrypted with a public key but only decrypted with the corresponding
private key. In addition, data encrypted by a private key can be
decrypted with the corresponding public key with the assurance that
only the given private key could have encrypted the data.
|
|---|
| Authentication | | The process of verifying a user's identity, the integrity
of data, or the identity of the party that sent data.
|
|---|
| Authentication Header (AH) | | The AH provides data integrity and system-level authentication,
and can provide anti-replay protection.
|
|---|
C |
|---|
| Certificate | | A security certificate associates (or binds) a public
key with a principal--a particular person, device, or other entity.
The security certificate is issued by an entity, in whom users have
put their trust, called a certificate authority (CA) that guarantees
or confirms the identity of the holder (person, device, or other
entity) of the corresponding private key. The CA digitally signs
the certificate with the CA's private key, so the certificate
can be verified using the CA's public key. The format for
public-key certificates is defined by the International Organization
for Standardization (ISO) X.509 standard, Version 3.
|
|---|
| Certificate Authority | | Certificate authority is a trusted third party that
authenticates users and issues certificates. In addition to establishing
trust in the binding between a user's public key and other
security-related information in a certificate, the CA digitally signs
the certificate information using its private key.
|
|---|
| Certificate Revocation List (CRL) | | Certificates are issued with a specific lifetime,
defined by a start date/time and an expiration date/time. However,
situations can arise, such as a compromised key value, that necessitate
the revocation of the certificate. In this case, the certificate
authority can revoke the certificate. This is accomplished by including
the certificate's serial number on a Certificate Revocation
List (CRL) updated and published on a regular basis by the CA and
made available to certificate users.
|
|---|
D |
|---|
| DES | | Data Encryption Standard. Uses symmetric key block encryption.
It is suitable for encrypting large amounts of data. Typically used
with public key (i.e., RSA) digital envelope ((DES key [data]) +
(recipient's public key [DES key])). Certified by US government
(NIST) as a standard in 1993. It must be re-certified every 5 years.
|
|---|
| Diffie-Hellman | | Method to generate a symmetric key where the two
parties can publicly exchange values and generate the same symmetric
key. Start with prime p and generator g, which may be publicly known
(typically these numbers are from a well-known "Diffie-Hellman Group").
Each party selects a private value (a and b) and generates a public
value (g**a mod p) and (g**b mod p). They exchange the public values.
Each party then uses its private value and the other party's public
value to generate the same symmetric key ((g**a)**b mod p and (g**b)**a mod p,
which both evaluate to g**(a*b) mod p) for future communication. It must be combined with authentication to prevent man-in-the-middle
or third-party (spoofing) attacks. Typically, it's combined
with public/private key certificates (when sending the public value, each
party signs the public value with its private key and includes a certificate).
|
|---|
E |
|---|
| Encapsulating Security Payload (ESP) | | The ESP provides confidentiality (encryption).
|
|---|
| Encryption | | The process of converting data from one format to another.
|
|---|
F |
|---|
| Filter | | A term used to refer to preferences in encryption, authentication,
compression and protocol etc. for a particular end-user system.
|
|---|
H |
|---|
| Hashed Rules | | The Security Policy database contains a hashed list
of policy rules and an ordered list of policy rules. Entries in
the hash list contain qualified selectors that can be hashed upon easily
such as a source or destination address that has a single IP address
without any network mask. The advantage of a hash list is that it
takes less time to find an entry that matches a security policy
query than if you had to search sequentially through an ordered
list.
|
|---|
I |
|---|
| IKE | | The Internet Key Exchange (IKE) protocol is used
before the ESP or AH protocol exchanges to determine which encryption
and/or authentication services will be used. IKE also manages the distribution
and update of the symmetric (shared) encryption keys used by ESP
and AH. The IKE protocol is a hybrid of three other protocols: ISAKMP (Internet
Security Association and Key Management Protocol), Oakley and SKEME.
ISAKMP provides a framework for authentication and key exchange, but
does not define the actual key exchange. (ISAKMP defines most of
the message format, with non-specific key-exchange information fields.)
The Oakley Key Determination protocol and SKEME protocol define
key exchange techniques.
|
|---|
| IPSec Policy | | IPSec Policies specify the rules according to which
data is transferred securely. An IPSec policy needs to encapsulate
transform information for both authentication and encryption.
|
|---|
| ISAKMP | | HP supports the Internet Security Association and Key
Management Protocol (ISAKMP) in conjunction with the Oakley Key
Exchange Protocol to establish an authenticated key exchange. ISAKMP
defines procedures and packet formats to establish a security association between
two negotiating entities.
|
|---|
M |
|---|
| MAC | | A message authentication code (MAC) is an authentication tag,
also called a checksum, derived by application of an authentication
scheme, together with a secret key, to a message. MACs are computed
and verified with the same key so they can only be verified by the
intended receiver, unlike digital signatures. Hash function-based MACs (HMACs) use a key or keys in conjunction
with a hash function to produce a checksum that is appended to the
message. An example is the keyed-MD5 method of message authentication. MACs can also be derived from block ciphers. The DES-CBC MAC is
a widely used US and international standard. The basic idea is to
encrypt the message blocks using DES CBC and output the final block
in the ciphertext as the checksum.
|
|---|
O |
|---|
| Oakley | | Oakley is a key exchange protocol which works within
the ISAKMP framework to generate authenticated keying material for use
with other security services.
|
|---|
| Ordered Rules | | The Security Policy database contains a hashed list
of policy rules and an ordered list of policy rules. Entries in
the ordered list are ordered in the way the Security Administrator entered
them in the Security Policy file.
|
|---|
P |
|---|
| Perfect Forward Secrecy (PFS) | | With Perfect Forward Secrecy the exposure of one
key permits access only to data protected by that key. When PFS
is configured, the IKE daemon creates a new ISAKMP SA for each IPSec
SA negotiation and performs a Diffie-Hellman exchange for each IPSec
SA negotiation.
|
|---|
| Policy | | A generic term used to refer to methods used in authentication,
encryption, and compression.
|
|---|
| Preshared Key | | An ASCII string agreed upon by two systems for establishing
a security association. Has a limit of 128 characters. Pre-shared keys allow users to share a secret key (a string
of ASCII characters in this implementation) for the purpose of authentication;
i.e., by using the pre-shared key, a principal's identity may be
checked. When it is time to establish a connection to a remote site,
the pre-shared key is used for encrypting a random piece of data;
at the remote site, the remote key for the originator is used, since
it is shared, to decrypt the data. A match in the data after decryption
means successful authentication.
|
|---|
R |
|---|
| RSA | | (Rivest, Shamir, and Adleman) Public/private key cryptosystem
that can be used for privacy (encryption) and authentication (signatures).
For encryption, A can send data encrypted with B's public key. Only B's
private key can decrypt the data. For authentication, A sends data
with a signature - a digest or hash encrypted with A's private key.
To verify, B uses A's public key to decrypt the signature and compare
the decrypted hash or digest to the digest or hash that it computes
for the message.
|
|---|
S |
|---|
| Security Association | | A secure communication channel and its parameters,
such as encryption method, keys and lifetime.
|
|---|
T |
|---|
| Transforms | | IPSec Transforms are portions of IPSec policies.
The transforms define the action(s) to be taken on the data, such
as passing the data in clear text, discarding the data, encrypting
the data using ESP, or authenticating the data using AH. They encapsulate
the algorithm information needed to authenticate, encrypt and optionally
compress packets during data transfer.
|
|---|