User`s guide

ManualsBrandsCisco ManualsComputer equipmentOL-4015-08

641

642

643

644

645

646

647

648

649

650

GL-7

Cisco Router and Security Device Manager Version 2.2 User’s Guide

OL-4015-08

Glossary

DES

Data Encryption Standard. Standard cryptographic algorithm developed and

standardized by the U.S. National Institute of Standards and Technology (NIST).

Uses a secret 56-bit encryption key. The DES algorithm is included in many

encryption standards.

DHCP

Dynamic Host Configuration Protocol. Provides a mechanism for allocating IP

addresses to hosts dynamically, so that addresses can be reused when hosts no

longer need them.

DH, Diffie-Hellman

A public key cryptography protocol that allows two parties to establish a shared

secret over insecure communications channels. Diffie-Hellman is used within

Internet Key Exchange (IKE) to establish session keys. Diffie-Hellman is a

component of Oakley key exchange.

Diffie-Hellman key

exchange

A public key cryptography protocol that allows two parties to establish a shared

secret over insecure communication channels. Diffie-Hellman is used within

Internet Key Exchange (IKE) to establish session keys. Diffie-Hellman is a

component of Oakley key exchange. Cisco IOS software supports 768-bit and

1024-bit Diffie-Hellman groups.

digest

The output of a hash function.

digital certificate

A cryptographically signed, digital representation of user or device attributes

that binds a key to an identity. A unique certificate attached to a public key

provides evidence that the key has not been compromised. A certificate is issued

and signed by a trusted certification authority, and binds a public key to its

owner. Certificates typically include the owner’s name, the owner’s public key,

the certificate’s serial number, and the certificate’s expiration date. Other

information might also be present. See X.509.

digital signature

An authentication method that permits the easy discovery of data forgery, and

prevents repudiation. Additionally, the use of digital signatures allows for

verification that a transmission has been received intact. Typically includes a

transmission time stamp.

distributed key

A shared cryptographic key that is divided into pieces, with each piece provided

to a different participant.

DLCI

data-link connection identifier. In Frame Relay connections, the identifier for a

particular data link connection between two endpoints.