Review Question Edit
What protocols comprise SSL ? What services are provided by the SSL Record protocol ? Edit
SSL Record Protocol - provides confidentiality (encrypts the messages) and integrity (message-authentication).
SSL Handshake Protocol - initializes a connection. Sets the shared key, the MAC and encryption algorithms to use.
SSL Cipher Spec Change Protocol - updates the cipher suite to be used. (used by the handshake protocol)
SSL Alert Protocol - provides alerts (priority and type) for events that occur in a connection (e.g. bad MAC).
1. Confidentiality - the Handshake protocol defines a shared secret key that is used for conventional encryption of SSL protocols
2. Integrity - the Handshake protocol defines a shared secret key that is used to form a message authentication code (MAC)
What is the difference between SSL Connection and SSL Session? Edit
SSL Session מכיל כמה SSL Connection.
SSL Session מגדיר פרמטרים שונים לצורך התקשורת המאובטחת, בעוד התקשורת עצמה מתבצעת דרך SSL Connection.
1. SSL connection is a transient, peer-to-peer, communication link. Each SSL connection is asociated with one SSL session.
2. SSL session is an association between client and server that has been created by the handshake protocol. It defines a set of cryptographic parameters. One SSL session can be associated with multiple SSL connections (source: Data Security Lectures)
What serrvices are provided by IPSec? Edit
Authentication - when using either Authentication Header (AH) or Encapsulating Security Payload (ESP).
Encryption - when using ESP.
Key Management - creation and exchange of secret keys.
What is an IPSec security association? Edit
An SA defines the security parameters for the traffic in one way:
Security Parameters Index (SPI)
IP Destination Address
Security Protocol Identifier - either AH or ESP.
What are two types of providing authentication in IPSec? Edit
IPSec uses HMAC with either MD5 or SHA-1 hash functions.