Nonstop Volume Level Encryption Guide

Glossary of terms used in this manual
A
AES Advanced Encryption Standard. An encryption standard adopted by the U.S. government. The
standard comprises three block ciphers, AES-128, AES-192 and AES-256. Each AES cipher has
a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. AES ciphers have
been analyzed extensively and are now used worldwide.
B
Block cipher A symmetric key cipher operating on fixed-length groups of bits, termed blocks, with an unvarying
transformation. For example, a block cipher encryption algorithm might take a 128-bit block of
plaintext as input, and output a corresponding 128-bit block of ciphertext. The exact transformation
is controlled using a second input, the key. Decryption is similar: the decryption algorithm takes
a 128-bit block of ciphertext together with the secret key, and yields the original 128-bit block
of plaintext.
Blowfish A keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large
number of cipher suites and encryption products. Blowfish provides a good encryption rate in
software and no effective cryptanalysis of it has been found to date. However, the Advanced
Encryption Standard is more widely used.
C
CA Certificate Authority. Creates client certificates for authentication. A trusted third-party organization
or company that issues digital certificates used to create digital signatures and public-private key
pairs. The role of the CA in this process is to guarantee that the individual granted the unique
certificate is, in fact, who he or she claims to be.
CBC Cipher-block chaining. A block-cipher mode of operation invented by IBM in 1976. Each block
of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each
ciphertext block is dependent on all plaintext blocks processed up to that point. To make each
message unique, an initialization vector must be used in the first block.
Certificate name The name of the certificate; this name is used internally by the ESKM. With the ESKM Management
Console you can click the certificate name to view properties and access the certificate information.
CN Common Name. Name of entity to which a certificate is issued.
D
DES Data Encryption Standard. A block cipher that was selected by the National Bureau of Standards
as an official Federal Information Processing Standard (FIPS) for the United States in 1976 and
which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key
algorithm that uses a 56-bit key.
E
ESKM Enterprise Services Key Manager. Device that generates and stores keys.
F
FIPS Federal Information Processing Standard Publication. A standard for security categorization of
federal information and information systems.
G
GCM Galois/Counter Mode. A mode of operation for symmetric key cryptographic block ciphers. It is
an authenticated encryption algorithm designed to provide both authentication and privacy.
GCM mode is defined for block ciphers with a block size of 128 bits.