Entrust nShield Security Manual page 83

Audit logging
Audit logging, also known as syslog-sign, adds a number of control messages to the
log entries that are to be audited:
• Logs generated and signed on HSM
• Tamper detection
• Deletion Detection
• Optional key usage logging
• Public key verification of audit logs
• Compatibility with syslog and SIEM.
CAST
CAST is a symmetric encryption algorithm with a 64-bit block size and a key size of
between 40 bits to 128 bits (but only in 8-bit increments).
client identifier: R
SC
This notation represents an arbitrary number used to identify a client. In the nCore
API, all client identifiers are 20 bytes long.
Data Encryption Standard (DES)
The Data Encryption Standard (DES) is a symmetric cipher approved by NIST for use
with US Government messages that are Secure but not Classified. The
implementation of DES used in the module has been validated by NIST. DES uses a
64-bit block and a 56-bit key. DES keys are padded to 64 bits with 8 parity bits.
See also
Triple DES, Advanced Encryption Standard (AES)
Diffie-Hellman
The Diffie-Hellman algorithm was the first commercially published public key
algorithm. The Diffie-Hellman algorithm can only be used for key exchange.
Digital Signature Algorithm (DSA)
Also known as the Digital Signature Standard (DSS), the Digital Signature Algorithm
(DSA) is a digital signature mechanism approved by NIST for use with US
Government messages that are Secure but not Classified. The implementation of the
DSA used by nShield modules has been validated by NIST as complying with FIPS
186.
Digital Signature Standard (DSS)
nShield® Security Manual 83 of 90