Chapter 22
Difference between HTTP and HTTPS
HTTP operates at the application level while HTTPS operates at the transfer level. HTTP also does not require SSL certificates, while HTTPS does. There is also no encryption in HTTP, while in HTTPS data is encrypted before it is sent.
What services are provided by IPsec
Access control, connectionless integrity, data origin authentication, rejection of replayed packets (a form of partial sequence security), confidentiality (encryption), limited traffic flow confidentiality
Difference between transport and tunnel modes
In transport mode, the IP addresses in the outer header are used to determine the IPsec policy that will be applied to the packet. In tunnel mode, two IP headers are sent. The inner IP packet determines the IPsec policy that protects its contents.
How is TLS used
Transport Layer Security (TLS) encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit.
What are the two ways of providing authentication in IPsec
Tunnel and Transport modes.
What is the difference between an SSL connection and an SSL session
An SSL connection is a transport between two media (browser and server) which offers secure communication without any interruption. An SSL session is a process of maintaining a secured connection during the secured communication.
What services are provided by the SSL Record Protocol
1. Confidentiality: the Handshake Protocol defines a shared secret key that is used for conventional encryption of the SSL payloads.
2. Message integrity: the Handshake Protocol also defines a shared secret key that is used to form a message authentication code (MAC).
What is an IPsec security association
A security association is a one-way relationship between sender and receiver defining security services. It specifies things like:
- authentication algorithm (AH)
- encryption algorithm (ESP)
- keys
- key lifetimes
- lifetime of security association
What is DKIM
DKIM (DomainKeys Identified Mail) is an email authentication technique that allows the receiver to check that an email was indeed sent and authorized by the owner of that domain. This is done by giving the email a digital signature. This DKIM signature is a header that is added to the message and is secured with encryption.
List four functions supported by S/MIME
- Enveloped data: enveloped content and associated keys
- Signed data: encoded message + signed digest
- Clear-signed data: cleartext message + signed digest
- Signed and enveloped data: nesting of signed and encrypted entities
Difference between S/MIME and a domain key
S/MIME and DKIM are totally independent from each other. S/MIME signature and encryption are applied by the sender (end user) while DKIM signatures are applied by the mail server of the sender's domain.
What protocols comprise SSL
The Hypertext Transfer Protocol (HTTP) operates on top of SSL, but the following are defined as part of SSL:
- the Handshake Protocol
- the Change Cipher Spec Protocol
- the Alert Protocol
What is the purpose of HTTPS
To implement secure communication between a Web browser and a Web server.