Appendix B – Terminology
170
Appendix B – Terminology
This section explains terms that are commonly used in this document.
Term
Meaning
ADSL
Asymmetric Digital Subscriber Line. A technology allowing high-speed
data transfer over existing telephone lines. ADSL supports data rates
between 1.5 and 9 Mb/s when receiving data and between 16 and 640
Kb/s when sending data.
Advanced
Encryption
Standard (AES)
The Advanced Encryption Standard is a new block cipher standard to
replace DES, developed by NIST, the US National Institute of
Standards and Technology. AES ciphers use a 128-bit block and 128,
192 or 256-bit keys. The larger block size helps resist birthday attacks
while the large key size prevents brute force attacks.
Aggressive Mode
This Phase 1 keying mode automatically exchanges encryption and
authentication keys and uses less messages in the exchange when
compared to Main mode. Aggressive mode is typically used to allow
parties that are configured with a dynamic IP address and a preshared
secret to connect or if the CyberGuard SG appliance or the remote
party is behind a NAT device.
Authentication
Authentication is the technique by which a process verifies that its
communication partner is who it is supposed to be and not an imposter.
Authentication confirms that data is sent to the intended recipient and
assures the recipient that the data originated from the expected sender
and has not been altered on route.
Automatic
Keying, Internet
Key Exchange
(IKE)
This type of keying automatically exchanges encryption and
authentication keys and replaces them periodically.
Block cipher
A method of encrypting text (to produce ciphertext) in which a
cryptographic key and algorithm are applied to a block of data (for
example, 64 contiguous bits) at once as a group rather than to one bit
at a time. DES, 3DES and AES are all block ciphers.
BOOTP
Bootstrap Protocol. A protocol that allows a network user to
automatically receive an IP address and have an operating system boot
without user interaction. BOOTP is the basis for the more advanced
DHCP.
CA Certificate
A self-signed certification authority (CA) certificate that identifies a CA.
It is called a CA certificate because it is the certificate for the root CA.