This article is part 5, the final installment of a series that describes the acronyms a student is likely to encounter in CCNA Security studies. This article addresses the acronyms that are relevant to Virtual Private Networks.
3DES (3 Data Encryption Standard)–pronounced “Triple-Dez”, a symmetric block cipher encryption standard also known as Triple Data Encryption Algorithm that is based on the earlier standard known simply as DES
AH (Authentication Header)–cryptographic protocol that provides integrity and origin authentication
AES (Advanced Encryption Standard)–encryption standard for symmetric encryption that is considered a successor to 3DES and supports configurable key lengths of 128, 192 and 256 bits
CA (Certificate Authority)–in a PKI architecture, the entity that signs a key or code in the form of a digital certificate
D-H (Diffie-Hellman)–a key establishment or key agreement protocol that allows two devices (or users) to negotiate a secret key over an insecure medium without any prior keys
DTLS (Datagram Transport Layer Security)–a method for providing an encrypted tunnel similar to SSL but utilizing UDP as a transport layer
HMAC (Hash Message Authentication Codes)–process used with MD5 or SHA to provide integrity checking and authentication of a message
IKE (Internet Key Exchange)–part of the IPSec framework, a group of algorithms that are used together to negotiate security associations
IPSec (Internet Protocol Security)–suite or framework of protocols that are used together to create an encrypted and authenticated tunnel between two endpoints for transmission of sensitive data over a public network
MD5 (Message Digest 5)–hash algorithm that produces a 128-bit value. Used alongside HMAC in IPSec in order to provide integrity checking and authentication of a message
PKI (Public Key Infrastructure)–an infrastructure based on public/private key pairs that establishes a chain of trust by utilizing certificate authorities
PSK (Pre-shared Key)–a common password that is agreed upon between two peers for purposes of authentication
SHA (Secure Hash Algorithm)–hash algorithm that produces a 160-bit value. Used alongside HMAC in IPSec in order to provide integrity checking and authentication of a message. Also available in variants that produce longer hash values
SSL (Secure Sockets Layer)–protocol that utilizes PKI to provide secure communications between endpoints. Commonly used with HTTP in the form of HTTPS
TLS (Transport Layer Security)–successor to SSL providing secure communications between endpoints. Also commonly used with HTTP in the form of HTTPS
VPN (Virtual Private Network)–a technique that provides a secure and encrypted connection for sensitive data over a private network