session_09_vpn__ipsec__and_tls_101908


ges)
A modular exponentiation group with a 768 bit modulus
A modular exponentiation group with a 1024 bit modulus
An elliptic curve group over GF [2^155]
A modular exponentiation group with a 1536 bit modulus
A modular exponentiation group with a 2048 bit modulus
A modular exponentiation group with a 3072 bit modulus.
A modular exponentiation group with a 4096 bit modulus.
A modular exponentiation group with a 6144 bit modulus.
A modular exponentiation group with an 8192 bit modulus.

IPsec IKE v2 TLS M. Mogollon – 01/08 - 31

• In IPsec and IKEv2, the groups are predetermined, and the initiator and responder agree on one of the nine groups during the Security Association.
• In IPSec IKE (Internet Key Exchange), for example, Group 2 is used to identify a 1024 bit modulus.
• If the Group is 2, then the receiving unit knows that g = 2 and
  p = 2^1536 – 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }.

p =
1797693134862315907708391567937874531978602960487560117064444236841971802161585193
6894783379586492554150218056548598050364644054819923910005079287700335581663922955
3136239076508735759914822574862575007425302077447712589550957937778424442426617334
727629299387668709205606050270810842907692932019128194467627007

It has been rigorously verified that p is a prime.

VPN, IPSec and TLS

TLS and SSL

• TLS and SSL protocols are used to secure the communication between a client (Web browser) and a server (Web server) over the Internet.
• TLS versions 1.1, 1.0, and SSL 3.1 and 3.0 are very similar. TLS and SSL clients are built into all web browsers.
• TLS and SSL provide mutual authentication (digital signature), confidentiality (data encryption), and data integrity (hash algorithms).
• A secure client-server communication requires:
  — Which protocol and version (TLS 1.0, 1.1, SSL2 or SSL3) to use and which cryptographic algorithm will be used.
  — Whether or not to authenticate each other. Server and client authentication.
  — The type of cryptographic key exchange where both parties agree on a pre-master secret key
  — The crea...
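The Group 2 parameters quoted in the IKE slide above can be checked directly. The following is an added example, not part of the original slides: it runs a Miller-Rabin test on the printed decimal p, checks that (p-1)/2 is also prime and that g = 2 lies in the subgroup of that order, and performs one Diffie-Hellman exchange with validation of the peer's public value. The function names and the choice of a probabilistic test are assumptions made for this example; the slide does not say how p was verified.

```python
import secrets

# Decimal modulus p exactly as printed on the slide (line breaks removed).
P = int(
    "1797693134862315907708391567937874531978602960487560117064444236841971802161585193"
    "6894783379586492554150218056548598050364644054819923910005079287700335581663922955"
    "3136239076508735759914822574862575007425302077447712589550957937778424442426617334"
    "727629299387668709205606050270810842907692932019128194467627007"
)
G = 2  # generator given on the slide for Group 2

def is_probable_prime(n, rounds=24):
    """Miller-Rabin; a composite passes with probability at most 4**-rounds."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)  # random base in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # this base proves n composite
    return True

def group_report(p=P, g=G):
    """Checks a receiver could run before trusting (g, p) as a DH group."""
    q = (p - 1) // 2
    return {"bits": p.bit_length(), "p_prime": is_probable_prime(p),
            "q_prime": is_probable_prime(q),   # safe prime: p = 2q + 1
            "g_order_q": pow(g, q, p) == 1}    # g stays in the order-q subgroup

def valid_public(y, p=P):  # reject 0, 1, p-1 and anything outside [2, p-2]
    return 1 < y < p - 1

def dh_exchange(p=P, g=G):  # both sides, once; returns the two derived secrets
    a, b = (secrets.randbelow(p - 3) + 2 for _ in range(2))  # private exponents
    ya, yb = pow(g, a, p), pow(g, b, p)                      # values sent on the wire
    if not (valid_public(ya, p) and valid_public(yb, p)):
        raise ValueError("degenerate public value")
    return pow(yb, a, p), pow(ya, b, p)
```

Rejecting 1 and p-1 as peer values matters because they force the shared secret into a set of at most two values regardless of the private exponent.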