SSL and TLS
Secure Sockets Layer (SSL) brought the power of PKI to the Web. SSL authenticates and provides confidentiality to Web traffic. Transport Layer Security (TLS) is the successor to SSL. They are commonly used as part of HTTPS (Hypertext Transfer Protocol Secure).
When you connect to a website such as https://www.isc2.org, the data is encrypted. This is true even if you have not pre-shared a key: the data is encrypted out of the gate. This is done via asymmetric encryption: your browser downloads the digital certificate of www.isc2.org, which includes the site’s public key, signed by the Certificate Authority’s private key. If your browser trusts the CA (such as VeriSign), then this signature authenticates the site: you know it’s isc2.org and not a rogue site. Your browser then uses that public key to securely exchange a symmetric session key. The private key is stored on the isc2.org Web server, which allows it to decrypt anything encrypted with the public key. The symmetric key is then used to encrypt the rest of the session.
The ciphers used for authentication, key exchange, and symmetric encryption are flexible: your browser will negotiate each with the server. Supported algorithms include (but are not limited to) RSA and Diffie-Hellman for key exchange, RSA and Digital Signature Algorithm (DSA) for authentication, and AES and triple DES for confidentiality.
SSL was developed for the Netscape Web browser in the 1990s. SSL 2.0 was the first released version; SSL 3.0 fixed several security issues with version 2. TLS was based on SSL 3.0. TLS is very similar to that version, with some security improvements. Although typically used for HTTPS to secure Web traffic, TLS may be used for other applications such as Internet chat and email client access. TLS 1.3 is the current version.
IPsec
IPsec (Internet Protocol Security) is a suite of protocols that provide a cryptographic layer to both IPv4 and IPv6. It is one of the methods used to provide Virtual Private Networks (VPN), which allow you to send private data over an insecure network, such as the Internet (the data crosses a public network but is “virtually private”). IPsec includes two primary protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP). AH and ESP provide different, and sometimes overlapping, functionality.
Supporting IPsec protocols include Internet Security Association and Key Management Protocol (ISAKMP) and Internet Key Exchange (IKE).
Note
This chapter describes the cryptographic aspects of IPsec: see Chapter 5, Domain 4: Communication and Network Security, for the network-related aspects of IPsec.
AH and ESP
Authentication Header provides authentication and integrity for each packet of network data. AH provides no confidentiality; it acts as a digital signature for the data. AH also protects against replay attacks, where data is sniffed off a network and resent, often in an attempt to fraudulently reuse encrypted authentication credentials.
Encapsulating Security Payload primarily provides confidentiality by encrypting packet data. It may also optionally provide authentication and integrity.
Security Association and ISAKMP
AH and ESP may be used separately or in combination. An IPsec Security Association (SA) is a simplex (one-way) connection that may be used to negotiate ESP or AH parameters. If two systems communicate via ESP, they use two SAs (one for each direction). If the systems leverage AH in addition to ESP, they use two more SAs, for a total of four. A unique 32-bit number called the Security Parameter Index (SPI) identifies each simplex SA connection. The Internet Security Association and Key Management Protocol (ISAKMP) manages the SA creation process.
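The following added example (not from the original text) models an AH-style receiver: each simplex SA is identified by its SPI, every packet carries an integrity tag over cleartext data, and a sliding window of sequence numbers rejects replays. The packet layout, the HMAC-SHA-256 tag, the 64-packet window, the keys and the SPI values are assumptions chosen for illustration; this is a simplified model, not the AH wire format.

```python
import hashlib
import hmac
import struct

WINDOW = 64    # anti-replay window size in packets (assumed value)
ICV_LEN = 32   # full HMAC-SHA-256 tag; simplified, not the AH wire format

def protect(spi, seq, key, payload):
    """Sender side: SPI + sequence number + cleartext payload + integrity tag."""
    body = struct.pack("!II", spi, seq) + payload   # payload is NOT encrypted
    return body + hmac.new(key, body, hashlib.sha256).digest()

class InboundSA:
    """Receiver state for one simplex SA, identified by its 32-bit SPI."""
    def __init__(self, spi, key):
        self.spi, self.key = spi, key
        self.highest = 0   # highest sequence number authenticated so far
        self.bitmap = 0    # bit i set => sequence (highest - i) already accepted

    def accept(self, packet):
        if len(packet) < 8 + ICV_LEN:
            return "malformed"
        body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
        spi, seq = struct.unpack("!II", body[:8])
        if spi != self.spi:
            return "unknown-spi"
        # Cheap replay check first: zero, older than the window, or already seen.
        if seq == 0 or seq + WINDOW <= self.highest:
            return "replay"
        if seq <= self.highest and (self.bitmap >> (self.highest - seq)) & 1:
            return "replay"
        # Only an authenticated packet may move the window.
        if not hmac.compare_digest(icv, hmac.new(self.key, body, hashlib.sha256).digest()):
            return "bad-icv"
        if seq > self.highest:
            self.bitmap = ((self.bitmap << (seq - self.highest)) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)
        return "ok"

def demo():
    # Constructed sample values: one SA per direction, each with its own SPI and key.
    a_to_b = InboundSA(0x1001, b"constructed-key-A-to-B")
    b_to_a = InboundSA(0x2002, b"constructed-key-B-to-A")
    p1 = protect(0x1001, 1, a_to_b.key, b"login token")
    p3 = protect(0x1001, 3, a_to_b.key, b"later packet")
    tampered = p3[:8] + b"LATER packet" + p3[-ICV_LEN:]
    return [a_to_b.accept(p1), a_to_b.accept(p1), a_to_b.accept(tampered),
            a_to_b.accept(p3), b_to_a.accept(p1)]
```

Calling `demo()` shows a first delivery accepted, the same packet rejected when resent, a modified packet failing the integrity check without advancing the window, and a packet for one direction's SA refused by the other direction's SA.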