
Secure sockets layer (SSL)

❒ PGP provides security for a specific network app.
❒ SSL works at transport layer. Provides security to any TCP-based app using SSL services.
❒ SSL: used between WWW browsers, servers for I-commerce (shttp).
❒ SSL security services:
  ❍ server authentication
  ❍ data encryption
  ❍ client authentication (optional)
❒ Server authentication:
  ❍ SSL-enabled browser includes public keys for trusted CAs.
  ❍ Browser requests server certificate, issued by trusted CA.
  ❍ Browser uses CA’s public key to extract server’s public key from certificate.
❒ Visit your browser’s security menu to see its trusted CAs.

7: Network Security 39

SSL (continued)

Encrypted SSL session:
❒ Browser generates symmetric session key, encrypts it with server’s public key, sends encrypted key to server.
❒ Using its private key, server decrypts session key.
❒ Browser, server agree that future msgs will be encrypted.
❒ All data sent into TCP socket (by client or server) is encrypted with session key.

❒ SSL: basis of IETF Transport Layer Security (TLS) RFC 2246.
❒ SSL can be used for non-Web applications, e.g., IMAP.
❒ Client authentication can be done with client certificates.
❒ www.openssl.org for more info

7: Network Security 40

IPSEC: Network Layer Security

❒ Network-layer secrecy:
  ❍ sending host encrypts the data in IP datagram
  ❍ TCP and UDP segments; ICMP and SNMP messages.
❒ Network-layer authentication
  ❍ destination host can authenticate source IP address
❒ Two principal protocols:
  ❍ authentication header (AH) protocol
  ❍ encapsulation security payload (ESP) protocol

❒ RFCs 2401, 2411, 2402, 2406
❒ For both AH and ESP, source, destination handshake:
  ❍ create network-layer logical channel called a security association (SA) (not a "service agreement" or "security agreement")
❒ Each SA unidirectional
❒ Uniquely determined by:
  ❍ security protocol (AH or ESP)
  ❍ source IP address
  ❍ 32-bit connection ID

7: Network Security 41

Authentication Header (AH) Protocol

❒ Provides source host authentication, data integrity, but not secrecy.
❒ AH header inserted between IP header and IP data field.
❒ Protocol field = 51.
❒ Intermediate routers process datagrams as usual.

AH header includes:
❒ connection identifier
❒ authentication data: signed message digest, calculated over original IP datagram, providing source authentication, data integrity.
❒ Next header field: specifies type of data (TCP, UDP, ICMP, etc.)

7: Network Security 42
ESP Protocol

❒ Provides secrecy, host authentication, data integrity.
❒ Data, ESP trailer encrypted.
❒ Next header field is in ESP trailer.
❒ ESP authentication field is similar to AH authentication field.
❒ Protocol = 50.

7: Network Security 43

Network Security (summary)

Basic techniques…
❒ cryptography (symmetric and public)
❒ authentication
❒ message integrity
  ❍ message digest
  ❍ digital signatures

… used in many different security scenarios
❒ secure email
❒ secure transport (SSL)
❒ IPsec

See also: firewalls, in network management

7: Network Security 44
