8: 5 Transport Encryption Flashcards
TLS
Transport Layer Security - Encrypts network communication over public networks using keys. It is not itself an encryption algorithm; it relies on other cryptographic algorithms (negotiated as cipher suites).
How does TLS work
Client sends a request to the server asking it to initiate a secure session, along with a list of cipher suites it supports. The server analyzes the list and sends back a message indicating its preferred cipher suite and the server's digital certificate. The client then validates the certificate using the CA's public key and confirms that all information is valid and matches. The client then creates a session key, which is encrypted with the server's public key before being sent to the server. The server decrypts it. The TLS handshake is now complete; the session key is destroyed afterwards.
Session key
Random symmetric encryption key used for a single session between client and server.
SSL
Secure Sockets Layer (insecure predecessor to TLS)
OpenSSL
Open-source implementation of TLS (library and command-line tools) available for every operating system.
SSL Inspection
Performs an authorized ("friendly") man-in-the-middle interception of TLS traffic so that the decrypted contents can be inspected.
IPsec
Internet Protocol Security - set of protocols meant to add security to TCP/IP
ESP protocol
Encapsulating Security Payload - used by IPsec to provide confidentiality and integrity protection for packet payloads
AH protocol
Authentication Header - used by IPsec to provide integrity protection for packet headers and payloads
SA
Security Association - identifies the cryptographic algorithms and parameters used to protect an IPsec connection
Site-to-Site VPNs
Encrypted tunnels connecting two networks together in a manner that is transparent to users (tunnel mode)
End-User VPNs
Provide encrypted remote network access for individual systems (transport mode)
HTTPS
Adds TLS to web browsing, providing security for the entire web session
Telnet vs SSH
Both are used to connect remotely to systems via a command line. Telnet is insecure (unencrypted); SSH is secure (encrypted).
FTP
File Transfer Protocol - used to transfer files between systems