Chapters 22 & 23

SSL Alert Protocol

Responsible for conveying TLS-related alerts to the peer entity

Change Cipher Spec Protocol

Responsible for maintaining the cipher suite to be used for a particular connection

What protocols comprise SSL?

- Handshake Protocol - Alert Protocol - Change Cipher Spec Protocol - Heartbeat Protocol - Record Protocol

What is a Certificate Authority?

- In cryptography, a certificate authority is a third party entity responsible for issuing digital certificates, which certify the ownership of a public key by the named entity within the certificate - Therefore, whenever an entity needs another entity's public key, for message authentication, communication, etc., the entity can simply obtain the certificate via the certificate authority and verify the validity via the trusted signature attached to the certificate.

What is the difference between S/MIME and DKIM?

- S/MIME supports both encryption and signing while DKIM only supports signing - With S/MIME, signature generation and encryption is performed by the sender. With DKIM, signatures are applied by the mail server of the sender's domain - Similarly, DKIM is verified by the mail server of the recipient's domain while S/MIME signature and encryption are verified by the final recipient.

What are the two ways of providing authentication in IPSec?

- The combined authentication/encryption function known as Encapsulating Security Payload (ESP) - The authentication-only function called the Authentication Header

SSL Handshake Protocol

Allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm and cryptographic keys to be used to protect data sent between the two parties

What is an IPSec security association?

An IPSec security association is a one-way relationship between a sender and receiver that affords security services, namely authentication and confidentiality, to the traffic carried on it.

What is DKIM?

DomainKeys Identified Mail provides a specification for cryptographically signing e-mail messages, thereby allowing a signing domain to claim responsibility for a message sent.

List four functions supported by S/MIME

Enveloped data: - Encrypted content of any type and encrypted-content encryption keys for one or more recipients Signed data: - Digital signature formed by taking the message digest of the content to be signed, then encrypting that with the private key of the signer - A signed data message can only be viewed by a recipient with S/MIME capabilities Clear-signed data: - A digital signature of the content is formed; however, recipients without S/MIME capability can view the message content, although they cannot verify the signature Signed and enveloped data: - Signed-only and encrypted-only entities may be nested, so encrypted data may be signed, and signed data or clear-signed data may be encrypted.

What is the purpose of HTTPS?

HTTPS (HTTP over SSL) is the combination of HTTP and SSL to implement secure communication between a Web browser and a Web server. When HTTPS is used, the following communication elements are encrypted: - URL of request document - Contents of the document - Contents of the browser forms (filled in by browser user) - Cookies sent from browser to server and vice versa - Contents of the HTTP header

What services are provided by IPSec?

Packet authentication: - Assures that a received packet was transmitted by the party identified as the source in the header of the received packet - Assures that the packet has not been altered during transit Confidentiality: - Enables communicating nodes to encrypt messages to prevent eavesdropping by third parties Key management: - Provides a mechanism for the secure exchange of keys

SSL Heartbeat Protocol

Protocol consisting of the sending/receiving of heartbeat_request/heartbeat_response messages This protocol serves the following two purposes: 1. It assures the sender that the recipient is still alive, even though there may be little traffic over the underlying TCP connection for some time 2. The heartbeat generates activity across the connection during idle periods, so as to avoid closure by firewalls that prohibits idle connections

What is the difference between an SSL connection and an SSL session?

SSL Connection: - A connection is a transport, established between two remote hosts, that provides a suitable type of service and each connection is associated with one session SSL Session: - A session is an association between a client and server. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. In addition, sessions are used to avoid the negotiation of new security parameters for each connection.

What is S/MIME?

Secure/Multipurpose Internet Mail Extension is a security enhancement for the MIME Internet e-mail format standard, which itself extends the format of email messages to support text in character sets other than ASCII as well as attachments of audio, video, images, and application programs S/MIME provides the capability of signing and/or encrypting email-messages created using the MIME format standard

SSL Record Protocol

responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the plaintext prior to transmission Provides the following two services for SSL connections: - Confidentiality - Message integrity