Table of Contents
Advertisement
Supported Cipher Strings and Meanings
The following table lists each supported cipher string alias and its
significance.
Table 7
Cipher Strings and Meanings
Cipher String Aliases
DEFAULT
ALL
HIGH
MEDIUM
LOW
EXPORT
EXPORT40
EXPORT56
eNULL, NULL
aNULL
kRSA, RSA
kEDH
aRSA
SSLv3, SSLv2
DH
Copyright © 2007-2008 Nortel Networks
.
Unable to download NetDirect from VPN server 181
Meaning
The default cipher list, which corresponds to
ALL@STRENGTH.
All cipher suites except the eNULL ciphers,
which must be explicitly enabled.
Cipher suites with key lengths larger than 128
bits.
Cipher suites using 128 bit encryption.
Includes cipher suites using 64 or 56 bit
encryption, but excludes export cipher suites.
Includes cipher suites using 40 and 56 bit
encryption.
Cipher suites using 40 bit export encryption
only.
Cipher suites using 56 bit export encryption
only.
Cipher suites that do not offer any encryption
at all. Because the use of such ciphers pose
a security threat, they are disabled unless
explicitly included.
Cipher suites that do not offer authentication,
like anonymous DH algorithms. The use
of such cipher suites is not recommended,
because they facilitate man-in-the-middle
attacks.
Cipher suites using RSA key exchange.
Cipher suites using ephemeral Diffie-Hellman
key agreement.
Cipher suites using RSA authentication, which
implies that the certificates carry RSA keys.
SSL version 3.0 and SSL version 2.0 cipher
suites, respectively.
Cipher suites using DH encryption algorithms,
including anonymous DH.
Nortel VPN Gateway
User Guide
NN46120-104 02.01 Standard
14 April 2008
Advertisement
Table of Contents
