This glossary contains definitions of special terms and abbreviations used in the SSH Tectia user documentation. For more information on terms related to Internet security, see RFC 2828.
AES is the current U.S. government standard for a symmetric encryption algorithm. AES is based on the Rijndael block cipher, designed by Joan Daemen and Vincent Rijmen. It has a block size of 128 bits and a variable key length of 128, 192, or 256 bits. AES is defined by the National Institute of Standards and Technology (NIST) in FIPS 197.
ASCII (American Standard Code for Information Interchange) is an 8-bit character encoding (including a parity bit) commonly used by computers to represent characters of the keyboard.
Arcfour is a symmetric stream cipher with a variable key size. It has been tested to be equivalent of the RC4 cipher by RSA Security.
Authentication is the process of verifying that the remote entity is who it claims to be. Authentication is not the same as authorization (access control), since it is not concerned with determining which rights the remote entity has. Authentication means, for example, verifying that the correct password for the given user account has been entered, but it does not mean determining what file system permissions the user has.
Authorization is the process of determining which rights an entity has, after the entity has been authenticated.
A security service that addresses the security concerns caused by attacks that deny or degrade a network service.
Badger is a message authentication code (MAC) algorithm introduced in 2005 by the Danish data security company Cryptico. It uses universal hashing as its design principle, allowing for a rigorous proof of its security under randomness assumptions for the keys. In addition, it uses some novel ways of combining the ingredients to make it one of the fastest known MAC algorithms.
A method of representing six-bit strings of binary data (values 0-63) using 64 ASCII characters. Base-64 encoding was originally used with Privacy Enhanced Mail (PEM), thus it is sometimes referred to as PEM encoding.
A type of symmetric (secret-key) encryption algorithm that encrypts a fixed length block of plaintext (for example, 64 bits) at a time. With a block cipher, the same plaintext block will always encrypt to the same ciphertext block under the same key.
A symmetric block cipher designed by Bruce Schneier. Blowfish uses a block size of 64 bits and a key length of 32 to 448 bits.
Certificates are digital documents that are used for verifying the identity of communicating parties. In this documentation, the term certificate is commonly used to refer to X.509 public-key certificates. A public-key certificate binds identity information about an entity to the entity's public key for a certain validity period.
Certificate enrollment is an action in which a public key gets certified by a certification authority (CA). In this action a client provides the CA with a public key and some additional data in a certification request. The CA signs this key together with additional information with its own private key and returns the signed certificate to the client.
CMP defines online interactions between the end entities, the registration authorities, and the certification authority in a PKI. It is developed by the PKIX Working Group of the IETF and specified in RFC 4210.
A signed list containing the serial numbers of the certificates that have been revoked or suspended by the certificate issuer (the CA) before their expiration date. The CA usually issues new CRLs at frequent intervals. Current PKIX implementation of CRLs is the X.509 version 2 CRL. See RFC 3280 for more information.
An entity in a PKI that issues digital certificates (especially X.509 public-key certificates) and vouches for the binding between the data items in a certificate.
Certificate users (end entities) depend on the validity of information provided by a certificate. Thus, a CA should be someone that the end entities trust, and who usually holds an official position created by and granted power by a government, a corporation, or some other organization.
A certification request contains at least the public key and some identity information of the entity making the request, and it is signed with the private key of the entity. Certification requests are generated by end entities or RAs and sent to the CA. If allowed by the certificate policy of the CA, a certificate can be issued based on the request.
Text which has been encrypted by an encryption system. The opposite is plaintext.
A security service that protects data from unauthorized disclosure. Usually, unauthorized disclosure of application level data is the primary concern, but the disclosure of the external characteristics of communication can also be a concern in some circumstances. The traffic flow confidentiality service addresses this latter concern by concealing source and destination addresses, message length, or frequency of communication.
The Connection Broker is a component of SSH Tectia Client and ConnectSecure. It handles all cryptographic operations and authentication-related tasks.
CryptiCore was introduced in 2005 by the Danish data security company Cryptico. It is a set of algorithms consisting of the Rabbit stream cipher and Badger data integrity algorithm. CryptiCore enables very fast encryption and integrity checking performance, for example, when used with Secure Shell.
The branch of mathematics that studies the mathematical foundations of cryptographic methods.
DES is a U.S. Federal Information Processing Standard (FIPS) that defines the Data Encryption Algorithm (DEA). The term DES is also commonly used when referring to the algorithm.
The algorithm itself is a symmetric block cipher with a block size of 64 bits and a key length of 64 bits (of which 8 are parity bits). It was created in the 1970s by IBM, assisted by the U.S. National Security Agency (NSA).
Single DES is no longer considered secure. The controversy around DES key length and design issues has developed many variants of the original algorithm. 3DES (also known as triple-DES and Triple Data Encryption Algorithm or TDEA) is the most accepted. Most of what is known about block ciphers is due to analysis of DES. DEA and TDEA are defined in FIPS 46-3.
Denotes attacks that do not cause a security violation per se, but harm the availability of a service.
A method for key exchange between two parties. This method can be used to generate an unbiased secret key over an unsecured medium. The method has many variants. A well known attack called the man-in-the-middle attack forces the use of digital signatures or other means of authentication with the Diffie-Hellman protocol.
By encrypting a digest of a message with the private key, authentication can later be performed by applying the public key to an encrypted digest (digital signature) and comparing the result to the digest of the message.
DSA is a public-key algorithm for digital signatures. The DSA algorithm was invented by the U.S. National Security Agency (NSA) and it is defined by NIST in FIPS 186-2. See also DSS.
The U.S. digital signature standard defined by National Institute of Standards and Technology (NIST). It is a standard for digital signatures using the DSA public-key algorithm and the SHA-1 hash algorithm.
A domain name is a textual name for an Internet host, e.g.
www.ssh.com
. The Domain Name System (DNS) infrastructure is used
to map domain names to IP addresses.
See STD 13 for more information.
A protocol that provides a means to dynamically allocate IP addresses to computers on local area networks (LANs). The system administrator assigns a range of IP addresses to DHCP, and each client computer on the LAN has its TCP/IP software configured to request an IP address from the DHCP server. The request and grant process uses a lease concept with a controllable time period. DHCP is defined in RFC 2131.
EBCDIC (Extended Binary Coded Decimal Interchange Code) is an 8-bit character encoding used by IBM mainframes and other platforms to represent text. EBCDIC was designed in 1964 by IBM and it was the predecessor to ASCII. All IBM mainframe operating systems still use EBCDIC.
A security mechanism used for the transformation of data from an intelligible form (plaintext) into an unintelligible form (ciphertext), to provide confidentiality. The inverse transformation process is called decryption.
An entity in a PKI (other than a CA or an RA) to whom a certificate is issued. The end entity has also the private key counterpart of the public key in the certificate.
An entity is a party in a security relationship. An entity could, for example, be one of the following: user, company, program or process (server process/program, client process/program), machine (computer), hardware device (router, gateway). An entity must be unique, and therefore it must have a unique identifier. Depending on the entity, an identifier can be a name, e-mail address, social security number, IP address, DNS name, process ID, hardware MAC address or something else.
FIPS is a series of U.S. Government technical standards published by the National Institute of Standards and Technology (NIST).
A node located on the perimeter of an administrative domain that implements the security policy of the domain. A firewall usually performs address and port-based packet filtering and usually has proxy servers for e-mail and other services.
GSSAPI is a function interface that provides security services for applications in a mechanism-independent way. This allows different security mechanisms to be used via one standardized API. GSSAPI is often linked with Kerberos, which is the most common mechanism of GSSAPI. GSSAPI provides support for Windows domain authentication with Active Directory on Windows and Unix. GSSAPI is described in RFC 2743.
An algorithm that computes a short digest of a longer message. The digest is usually of a fixed size. See also MD5 and SHA-1.
A hashed message authentication code (HMAC) is a type of message authentication code (MAC) calculated using a cryptographic hash function in combination with a secret key. As with any MAC, it can be used to verify both the data integrity and data origin authenticity.
Any iterative cryptographic hash function, such as MD5 or SHA-1, may be used in the calculation of an HMAC. The resulting MAC algorithm are termed HMAC-MD5 or HMAC-SHA-1, respectively. The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function and on the size and quality of the key.
A host is an individual machine (computer). The term host is used for both client and server machines.
HTTP is the protocol used to transfer web pages from a WWW server to the browser. The HTTP client sends requests to the server, and gets some data as a response. HTTP identifies objects on the server using a URLs. For more information, see RFC 2068.
A security service that ensures that data modifications are detectable. Integrity services need to match application requirements. Although authentication and integrity services are often cited separately, in practice they are intimately connected and almost always offered together.
An international standards body that has standardized the IP protocol and most of the other successful protocols used on the Internet. The IETF web pages are available at http://www.ietf.org/.
The network layer for the Transmission Control Protocol (TCP) protocol suite, defined in STD 5. IP is a connectionless, best-effort packet switching protocol. It provides packet routing, fragmentation, and re-assembly through the data link layer.
A protocol suite for protecting IP traffic at packet level defined by the Internet Engineering Task Force (IETF). IPSec can be used for protecting the data transmitted by any service or application that is based on IP. The IPSec protocols are defined in RFC 2401.
This is the current version of the Internet Protocol (IP).
This is a new version of the Internet Protocol (IP). Among other improvements it has an extended address space and better security. It is described in RFC 2460. There is no version five.
In IPv4, a 32-bit number that identifies the devices using the IP protocol. An IP address can be unicast, broadcast, or multicast. See STD 5 for more information.
A self-contained, independent entity of data carrying sufficient information to be routed from the source to the destination computer without reliance on earlier exchanges between this source and destination computer and the transporting network. The Internet Protocol (IP) is defined in STD 5.
Keyboard-Interactive is a generic authentication method in Secure Shell, used to implement different types of authentication mechanisms. Any authentication method that requires only the user's input can be performed with keyboard-interactive. In SSH Tectia, currently supported methods include password, PAM, RADIUS, and RSA SecurID.
LDAP is a directory access protocol, defined in RFC 2251 and RFC 1777, for accessing directories that support the X.500 Directory model, while not incurring the resource requirements of the X.500 Directory Access Protocol (DAP). This protocol is especially targeted at management applications and browser applications that provide interactive read/write access to directories. The protocol is carried directly over Transmission Control Protocol (TCP) or other transport, bypassing much of the session/presentation overhead of X.500 DAP.
A message-digest algorithm developed by Ron Rivest of RSA Security. It computes a secure, irreversible, cryptographically strong 128-bit hash value for a document. The algorithm is documented in RFC 1321. Newer 160-bit algorithms such as SHA-1 are thought to be more secure than MD5.
A message authentication code (MAC) is a short piece of information used to authenticate a message. A MAC algorithm accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC. The MAC value protects the integrity and authenticity of the message, by allowing verifiers (who also possess the secret key) to detect any changes to the message content.
MVS (Multiple Virtual Storage), first released in 1974, is an operating system used on the IBM mainframe computers. Although the original MVS was discontinued several years ago, the term MVS is still commonly used to refer to operating systems based on the same architecture, including OS/390 and the current z/OS.
MVS systems are traditionally accessed by 3270 terminals, or by PCs running TN3270 emulators.
A network address translator is a device that is connected to two networks, and translates IP addresses in packets sent across it. Typically, one of the networks uses global addresses, and the other uses local addresses. NATs are common on the Internet, because the available IP address space is running scarce and NATs help large organizations to avoid renumbering their computers if they, for example, change Internet service providers.
In some applications, such as banking and e-commerce, it may be necessary to obtain certificate revocation status that is more timely than is possible with CRLs. OCSP may be used to determine the current revocation status of a digital certificate, instead of or as a supplement to checking against a periodically published CRL. OCSP is described in RFC 2560.
A passphrase is a string of characters. Whereas a password is used for authentication directly, a passphrase is only used to protect the actual information used for authentication, the private key.
A password is a string of characters such as numbers, letters and special characters, used for authenticating an entity against another. The strength of a password is measured by its "randomness", called entropy. If a password has a high level of entropy, it is difficult to guess using dictionary attacks.
This standard defines the usage of the RSA algorithm in encryption and digital signatures. It contains explicit suggestions for the encoding of keys and algorithm input formatting.
This standard defines the general syntax for data that may have cryptography applied to it. This data includes digital signatures and recursive digital envelope encoding for cryptographic objects.
This standard describes the syntax for private-key information, including the private key and the set of attributes. The standard also describes the syntax for encrypted private keys.
This standard defines a format for certification requests.
This standard defines CryptoKi, which is an interface for cryptographic devices (for example, smart cards and cryptographic accelerators).
This standard defines a portable format for storing or transporting a user's private keys, certificates, and miscellaneous secrets. PKCS #12 is supported by common web browsers for importing and exporting user private keys.
This standard defines how keys, certificates, and application-specific data may be stored on an ISO/IEC 7816 compliant smart card.
Public-Key Infrastructure (X.509); a collective name for an architecture and set of protocols based on X.509, drafted by an IETF working group of the same name.
Text which has not been encrypted. The opposite is ciphertext.
Pluggable Authentication Module is an authentication framework used in Unix systems. PAM allows stacking authentication modules and can be used to integrate login with different authentication mechanisms.
A suite of protocols for encryption, authentication, message integrity, and key management. For more information, see RFC 1421. PEM is commonly used to refer to an encoding method where binary objects such as certificates are converted to a printable format using a 64-character subset of the alphabet (this is also known as base-64 encoding).
In public-key cryptography the private key is only known to the holder, and it can be used to sign and decrypt messages.
Proxy is a cache server that acts as a firewall, protecting the local network. It allows an application inside the proxy to access resources on the global Internet.
In public-key cryptography the public key, which is included in the certificate, can be used to verify signatures and encrypt messages.
In contrast to symmetric (secret-key) cryptography with just one cipher key, in public-key cryptography each person or host has two keys. One is the private key, which is used for signing outgoing messages and decrypting incoming messages, the other is the , which is used by others to confirm the authenticity of a signed message coming from that person and for encrypting messages addressed to that person. The private key must not be available to anyone but its owner, but the public key is spread via trusted channels to anyone.
The PKCS standards are a document series from RSA Laboratories. Some of the most important PKCS standards include PKCS #1 for RSA encryption and signature formats, PKCS #7 for cryptographic message encapsulation, PKCS #10 for certification requests, and PKCS #11 for a cryptographic token interface commonly used with smart cards.
PKI consists of end entities possessing key pairs, certification authorities, certificate repositories (directories), and all the other software, components, and entities required when utilizing public-key cryptography.
Rabbit is a symmetric stream cipher introduced in 2003 by the Danish data security company Cryptico. Based on iterating a set of coupled nonlinear functions, it uses a 128-bit key and provides high security while still being extremely fast.
RADIUS is a protocol for checking a user's authentication and authorization information from a remote server. It is originally intended for authenticating dial-in users, but it is also suitable for use with Secure Shell. RADIUS is described in RFC 2865.
An optional entity in a PKI, separate from the CA(s). The functions that the RA performs will vary from case to case but may include identity authentication and name assignment, key generation, token distribution, and revocation reporting.
A document of the Internet Society under standardization. RFCs can be located at http://www.ietf.org/rfc.html.
Resource Access Control Facility (RACF) is a security system by IBM that provides access control and auditing functionality for the z/OS operating system.
A public-key encryption and digital signature algorithm, invented by Ron Rivest, Adi Shamir, and Leonard Adleman, and defined in PKCS #1. The RSA algorithm was patented by RSA Security, but the patent expired in September 2000.
The Secure Shell (SecSh) protocol was originally developed in 1995 by Tatu Ylönen, the founder of SSH Communications Security. Secure Shell replaces other, unsecured terminal applications (such as Rlogin, Telnet, and FTP), and allows forwarding arbitrary TCP/IP ports over the secure channel, enabling secure connection, for example, to an e-mail service.
There are two versions of the Secure Shell protocol. The current version, Secure Shell version 2 (SecSh v2, SSH2) provides several security improvements as compared to the original Secure Shell version 1 (SecSh v1, SSH1). SSH Tectia is based on SecSh v2, and SSH Communications Security considers SecSh v1 deprecated and does not recommend nor support its use anymore. The SSH2 protocol is defined in RFCs 4250-4256.
RSA SecurID is a widely-used two-factor authentication method based on the use of SecurID Authenticator tokens. The Authenticator token generates a random numerical code that the user needs to enter when connecting to a system. RSA ACE/Agent is used to verify the code. RSA ACE/Server acts as the management component handling the authentication requests and managing the authentication policies for enterprise networks.
A strong block cipher designed by Korea Information Security Agency (KISA) and a group of experts in 1998. SEED uses a block size of 128 bits and a key length of 128 bits. SEED is a national standard encryption algorithm in South Korea. It has also been adopted as an ISO/IEC standard (ISO/IEC 18033-3) and an IETF RFC (RFC 4269).
Improved version of the original Secure Hash Algorithm (SHA), designed by National Security Agency (NSA). The algorithm produces a 160-bit message digest and it is considered very good. It is part of the U.S. Digital Signature Standard (DSS) and it is defined by NIST in FIPS 180-1.
A shared secret, also known as pre-shared key (PSK) or simply shared key, is similar to a password in the sense that it is also used for authentication, but shared keys are often used to authenticate both entities at the same time. If both entities know the shared secret, they are assured of each others' identities.
A smart card, or an integrated circuit card, is a device for secure identification of users of information systems. Typically smart cards contain a processor that can do a private-key operation using a private key on the card, some kind of a file system that can hold certificates, public keys, or other data relevant for the use of the card.
SOCKS is a protocol for traversing through application gateway firewalls. It allows an application inside the firewall to access resources on the global Internet. The protocol is defined in RFC 1928.
The SSH Tectia client/server solution consists of SSH Tectia Client, SSH Tectia ConnectSecure, SSH Tectia Server, SSH Tectia Server for Linux on IBM System z and SSH Tectia Server for IBM z/OS.
SSH Tectia Client provides secure interactive file transfer and terminal client functionality for remote users and system administrators to access and manage servers running SSH Tectia Server or other applications using the Secure Shell protocol. It also supports (non-transparent) tunneling of TCP-based applications, and on Windows, transparent TCP tunneling.
SSH Tectia ConnectSecure is designed for FTP replacement. It is a client-side product that provides FTP-SFTP Conversion, enhanced file transfer, and transparent FTP and TCP tunneling services for connecting to a Secure Shell server.
SSH Tectia Manager is a security management platform designed to reduce the total cost of ownership of large multi-platform SSH Tectia environments. It enables administrators to enforce consistent security policy and to more efficiently monitor the state of their SSH Tectia security environments.
SSH Tectia Server is a server-side component where Secure Shell clients connect to. There are three versions of the product available: SSH Tectia Server for Linux, Unix and Windows, SSH Tectia Server for Linux on IBM System z, and SSH Tectia Server for IBM z/OS.
A subseries of Request For Comments (RFC) that specify Internet standards. The standards in the STD series also retain their RFC numbers.
A type of symmetric (secret-key) encryption algorithm that encrypts a single bit at a time. With a stream cipher, the same plaintext bit or byte will encrypt to a different bit or byte every time it is encrypted.
TN3270 is a remote-login protocol used by IBM 3270 mainframe computer terminal emulators. Like standard Telnet, TN3270 is natively unsecured.
The analysis of network traffic flow for the purpose of deducing information that is useful to an adversary. For example, frequency of transmission, the identities of the conversing parties, sizes of IP packets, and flow identifiers.
A widely used connection-oriented, reliable (but unsecured) communications protocol. This is the standard transport protocol used on the Internet. It is defined in STD 7 (RFC 793).
Transport Layer Security is a protocol providing confidentiality, authentication, and integrity for stream-like connections. It is typically used to secure HTTP connections. The protocol is being standardized by a working group of the IETF.
A strong and fast block cipher designed by Bruce Schneier. Twofish was one of the five final candidates for the United States government's new cipher standard, AES (Advanced Encryption Standard). Twofish uses a block size of 128 bits and a key length of up to 256 bits.
URLs are used to describe the location of web pages, and
are also used in many other contexts. An example of an URL is
http://www.ssh.com/products/tectia/index.html
. They are
defined in RFC 1738 and RFC 1808.
Unix System Services (USS) is a component of the IBM z/OS operating system. It allows Unix applications from other platforms to run on IBM mainframes.
A datagram-oriented unreliable communications protocol widely used on the Internet. It is a layer over the IP protocol. UDP is defined in STD 6 (RFC 768).
Virtual private networking is the use of encryption in the lower protocol layers to provide a secure connection through an otherwise unsecured network, typically the Internet. The encryption may be performed, for example, by firewall software or by a router.
The ITU-T X.509 recommendation defines the formats for X.509 certificate and X.509 CRL. Different X.509 applications are further defined by the PKIX Working Group of the IETF. These include X.509 version 3 public-key certificates and X.509 version 2 CRLs.