Security Protocols
From Proprofs
Layer 2 Tunneling Protocol (L2TP)
• Supports non-TCP/IP protocols in VPN, Data-Link layer
Internet Protocol Security (IPSec)
• Authentication and Encryption over Internet, Network Layer, secures layers above it
Secure Socket Layer (SSL)
• Based on RSA public key encryption, secure Session Layer (service independent)
Wired Equivalent Privacy (WEP)
• Security for 802.11b wireless network
• Uses RC4 encryption, 40, 64, 128 bits long
• Uses random key (Initialization Value, or IV, and preset key)
Wi-Fi Protected Access (WPA)
• Enhances WEP (integrated through simple software upgrade)
• TKIP: Temporal Key Integrity Protocol encrypts the key, harder to intercept
• User Authentication: Uses EAP (Extensible Authentication Protocol) to ensure user is valid
802.1x
• Client asks access point for permission to enter and provides its credentials; server sends back an accept message; no encryption (authentication only)
Password Authentication Protocol (PAP)
• Simple system of Username and Password
Challenge Handshake Authentication Protocol (CHAP)
• Improvement over PAP
• Shared secret stored locally in clear text
• Username/Password never cross the wire
• Client/Server configured with same text phrase (shared secret)
- Server sends out random value (nonce) plus an ID value
- Client takes two strings, concatenates shared secret, hashes, sends back
- If they match, client is validated
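The CHAP exchange above as an added example (not part of the original wiki page), showing both sides and why a captured response cannot be replayed. It assumes the RFC 1994 form of the hash, MD5 over ID, shared secret, then challenge; the class and function names are hypothetical and the secret is a constructed sample value.

```python
from __future__ import annotations

import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: hash of ID octet || shared secret || challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side: issues a fresh nonce per attempt and checks the reply."""

    def __init__(self, secret: bytes):
        self._secret = secret                 # shared secret, held in clear text
        self._next_id = 0
        self._pending: dict[int, bytes] = {}  # ID -> outstanding challenge

    def challenge(self) -> tuple[int, bytes]:
        self._next_id = (self._next_id + 1) % 256
        nonce = os.urandom(16)                # unpredictable, never reused
        self._pending[self._next_id] = nonce
        return self._next_id, nonce

    def verify(self, identifier: int, response: bytes) -> bool:
        nonce = self._pending.pop(identifier, None)  # each challenge is single use
        if nonce is None:
            return False
        expected = chap_response(identifier, self._secret, nonce)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo() -> dict[str, bool]:
    secret = b"constructed-shared-secret"     # constructed sample value
    server = Authenticator(secret)
    ident, nonce = server.challenge()
    reply = chap_response(ident, secret, nonce)       # client side
    results = {"valid": server.verify(ident, reply)}
    results["replay_same_id"] = server.verify(ident, reply)  # challenge consumed
    ident2, _ = server.challenge()
    results["replay_new_challenge"] = server.verify(ident2, reply)
    ident3, nonce3 = server.challenge()
    wrong = chap_response(ident3, b"not-the-secret", nonce3)
    results["wrong_secret"] = server.verify(ident3, wrong)
    return results


if __name__ == "__main__":
    print(demo())
```

Only the ID, the nonce and the 16-byte digest are exchanged; the shared secret itself stays on each end.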
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
• Encrypts the shared secret locally
• Mutual Authentication (client ensures server is valid as well) (Version 2+ only)
• Windows-only protocol
• Encryption method used is DES
Remote Authentication Dial-In User Service (RADIUS)
• Authenticating users over various types of links (including dialup)
• Central location for usernames/passwords

