tion of session keys to encipher the message.
— The encryption technique to the enciphering of data using keys generated from the premaster key.

VPN IPsec IKE v2 TLS M. Mogollon – 01/08 - 32

• The TLS and SSL protocols are used to secure a client-server communication over the Internet,
and they negotiate and provide the essential functions of a secure transaction: mutual
authentication, data encryption, and data integrity. There are two SSL versions: SSL 2.0 supports
server authentication only; SSL 3.1 supports both client and server authentication. TLS 1.0 and 1.1
support both client and server authentication.
• TLS and SSL allow users to define the level of security that best meets their needs. Both are
industry standards and are used in millions of Internet transactions. Users can select RC4, DES,
3DES, or AES for encryption and, for authentication, they can select RADIUS (username and
password), RSA SecurID (username and token + pin), or X.509 digital certificates.
• A secure client-server communication requires server and client authentication, a cryptographic
key exchange where both parties agree on a pre-master secret key, and the enciphering of data
using keys generated from the pre-master key. When a client and a server agree to communicate
using the TLS or SSL protocol, they also need to agree on several other key points: (1) Which
protocol and version (TLS 1.0, 1.1, SSL2 or SSL3) to use, as well as which cryptographic
algorithm; (2) Whether or not to authenticate each other; (3) That certain public-key encryption
techniques will be used to generate a pre-master secret key; and (4) That session keys will be
created to encipher the message. These processes are performed in the TLS or SSL Handshake
• In all TLS and SSL handshakes, the client will authenticate and verify the identity of the server
using digital certificates. The server can also request that the client sends a client digital certificate
(optional). An important advantage of TLS and SSL is their ability to negotiate unique encryptio...
This note was uploaded on 05/26/2010 for the course TECH 6350 taught by Professor Mogollon during the Spring '10 term at University of Arkansas for Medical Sciences.