


tion of session keys to encipher the message.
— The encryption technique to the enciphering of data using keys generated from the premaster key.

VPN IPsec IKE v2 TLS M. Mogollon – 01/08 - 32

• The TLS and SSL protocols are used to secure a client-server communication over the Internet, and they negotiate and provide the essential functions of a secure transaction: mutual authentication, data encryption, and data integrity. There are two SSL versions: SSL 2.0 supports server authentication only; SSL 3.1 supports both client and server authentication. TLS 1.0 and 1.1 support both client and server authentication.

• TLS and SSL allow users to define the level of security that best meets their needs. Both are industry standards and are used in millions of Internet transactions. Users can select RC4, DES, 3DES, or AES for encryption and, for authentication, they can select RADIUS (username and password), RSA SecurID (username and token + pin), or X.509 digital certificates.

• A secure client-server communication requires server and client authentication, a cryptographic key exchange where both parties agree on a pre-master secret key, and the enciphering of data using keys generated from the pre-master key. When a client and a server agree to communicate using the TLS or SSL protocol, they also need to agree on several other key points: (1) Which protocol and version (TLS 1.0, 1.1, SSL2 or SSL3) to use, as well as which cryptographic algorithm; (2) Whether or not to authenticate each other; (3) That certain public-key encryption techniques will be used to generate a pre-master secret key; and (4) That session keys will be created to encipher the message. These processes are performed in the TLS or SSL Handshake Protocol.

• In all TLS and SSL handshakes, the client will authenticate and verify the identity of the server using digital certificates. The server can also request that the client send a client digital certificate (optional).
An important advantage of TLS and SSL is their ability to negotiate unique encryptio...

This note was uploaded on 05/26/2010 for the course TECH 6350 taught by Professor Mogollon during the Spring '10 term at University of Arkansas for Medical Sciences.
