VPN

Virtual Private Network

• VPN: an encrypted connection between private networks over a public network (the Internet).
A VPN must meet the following requirements:
- Privacy: prevent anyone from reading the message while it is passing over the Internet.
- Authentication (identity verification): the process of recognizing a user's identity (not an attacker).
- Data Integrity (content integrity): no change is made to the message by someone while it is passing over the Internet.
- Anti-Replay: prevent anyone from copying the message and sending it again to be fulfilled.

IPsec
• Contains several protocols for all security purposes.

Encryption
• Sender: encryption of the message + adding the VPN header
• Receiver: decryption of the message + removing the VPN header
3 encryption algorithms:
- AES (Advanced Encryption Standard)
- DES (Data Encryption Standard)
- 3DES

Key Change
• The key is the security gap.
• It must be protected from attackers while it is passing between users over the Internet.
DH (Diffie-Hellman) protocol:
- DH-1 (768 bit)
- DH-2 (1024 bit)
- DH-5 (1536 bit)

Symmetric DH                                Asymmetric DH
- Sender and receiver have the same key     - Sender and receiver have different keys
- Fast data transfer                        - Slow data transfer
- Less secure                               - More secure

Integrity
• The receiver makes sure that the message has not been changed by an attacker.
Hashing function algorithms:
- MD5 (Message Digest Algorithm)
- SHA (Secure Hash Algorithm)

Authentication
• Pre-shared key: sender and receiver have the same key
• Digital signature
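
As an added example (not part of the original notes), this Python code shows how a pre-shared key and a hash function let the receiver enforce authentication, data integrity and anti-replay. The header layout, the use of HMAC-SHA256, the sequence-number window and all names are assumptions made for the example; it does not encrypt, so it does not cover privacy.

```python
import hashlib
import hmac
import struct

PSK = b"constructed-demo-pre-shared-key"  # constructed sample key (assumption)
HEADER = struct.Struct("!I32s")           # hypothetical header: sequence number + 32-byte tag


def protect(seq: int, payload: bytes, key: bytes = PSK) -> bytes:
    """Sender: keyed hash over sequence number + payload, then prepend the header."""
    tag = hmac.new(key, struct.pack("!I", seq) + payload, hashlib.sha256).digest()
    return HEADER.pack(seq, tag) + payload


class Receiver:
    """Receiver: verify the tag, reject replays, strip the header."""

    def __init__(self, key: bytes = PSK, window: int = 32):
        self.key, self.window = key, window
        self.highest = 0   # highest sequence number accepted so far
        self.seen = set()  # accepted sequence numbers still inside the window

    def accept(self, packet: bytes) -> bytes:
        if len(packet) < HEADER.size:
            raise ValueError("truncated packet")
        seq, tag = HEADER.unpack_from(packet)
        payload = packet[HEADER.size:]
        expected = hmac.new(self.key, struct.pack("!I", seq) + payload,
                            hashlib.sha256).digest()
        # Integrity + authentication: only a holder of the key can produce this tag.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        # Anti-replay: checked only after the tag verifies, so a forged
        # packet can never advance the window.
        if seq + self.window <= self.highest or seq in self.seen:
            raise ValueError("replayed or too-old packet")
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        self.seen = {s for s in self.seen if s + self.window > self.highest}
        return payload
```
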

IPsec Types
                                          ESP                                 AH
                                          (Encapsulated Security Protocol)    (Authentication Header)
Privacy                                   ✓                                   ✓
Authentication (identity verification)    ✓                                   ✓
Data Integrity (content integrity)        ✓
Anti-Replay                               ✓

IPsec Modes
• Transparent Mode: addresses are not encrypted; only the data sent is encrypted
• Tunnel Mode: (addresses + data) are encrypted

SSL VPN (Secure Sockets Layer)
- Used in browsers (Google Chrome, Firefox)
- Used to secure the connection during financial transactions

TLS (Transport Layer Security)
- A newly developed protocol based on SSL