• VPN: Encrypted connection between private networks over a public network (the Internet)
Must meet the following requirements:
Privacy: Prevent anyone from reading the message while it is passing over the Internet.
Authentication (identity verification): Process of recognizing a user's identity (not an attacker).
Data Integrity (content integrity): No change in the message by someone while it is passing over the Internet.
Anti-Replay: Prevent anyone from copying the message and sending it to fulfill.
IPsec
• Contains several protocols for all security purposes.
Encryption
• Sender: Encryption of message + adding VPN header
• Receiver: Decryption of message + removing VPN header
3 Algorithms of Encryption
- AES (Advanced Encryption Standard)
- DES (Data Encryption Standard)
- 3DES
Key Exchange
• Security gap: the key
• Must be protected from attackers while it is passing between users over the Internet.
DH (Diffie-Hellman) Protocol
- DH-1 (768 bit)
- DH-2 (1024 bit)
- DH-5 (1536 bit)
Symmetric DH
- Sender and receiver have the same key
- Fast data transfer
- Less secure
Asymmetric DH
- Sender and receiver have different keys
- Slow data transfer
- More secure
Integrity
• Receiver makes sure that the message has not been changed by an attacker
Hashing function algorithms
- MD-5 (Message Digest Algorithm)
- SHA (Secure Hash Algorithm)
Authentication
• Pre-shared Key: Sender and receiver have the same key
• Digital Signature
IPsec Types
ESP (Encapsulated Security Protocol) / AH (Authentication Header)
Privacy ✓ ✓
Authentication ✓ ✓
Data Integrity ✓
Anti-Replay ✓
IPsec Modes
• Transport Mode: Addresses not encrypted, only the data is sent encrypted
• Tunnel Mode: (Addresses + data) encrypted
SSL VPN (Secure Socket Layer)
- Used in browsers (Google Chrome - Firefox)
- Used to secure connections during financial transactions
TLS (Transport Layer Security)
- Newly developed protocol based on SSL