Networking II To create a secure connection to a web site, you use an encrypted

Question

Networking II

To create a secure connection to a web site, you use an encrypted connection with transport layer security. Secure Socket Layer (SSL) has been broken and should be disabled on both the server and the Client. Transport layer Security (TLS) has been broken for TLS1.0, and TLS1.1. This leaves TLS 1.2 as the only SSL type encryption available. TLS 1.3 is in test.

The IETF has said that they would like to encrypt all traffic on the Internet. All that being said: IPv6 has the capability to do encryption with IPSec. Could IPSec be used for web sites communications and could it be used to encrypt all traffic?

Explanation / Answer

Follw the below answer.

Could IPSec be used for web sites communications and could it be used to encrypt all traffic?

Answer:

Internet Protocol Security (IPsec) protocol suite is used for secure website communications involving authenticity and encryption for each IP Packet over a communication network in the transmission session where it supports network-level peer authentication, data integrity, data secrecy through encryption and rejoin protection.

IPsec is required to establish a mutual authenticity among the agents when the session begins to negotiate using cryptographic keys for protecting data flows in a (host-to-host) connectivity or security gateways for network-to-network and a network-to-host connectivity.

As IPsec be a pair wise security scheme involving to execute in the Internet Layer where as Transport Layer Security (TLS) , Secure shell (SSH), Secure Socket Layer (SSL)can operate in the upper layers of the Transport Layer (TLS) and the Application layer (SSH).

There fore it is concluded that IPsec protects all application traffic over a network at the IP layer,such as secure intra node connectivity , remote access , extranet and intranet connectivity over the Internet using SSL,SSH.

For ensuring a secure networking the organizations use various security methodologies for application security purpose.

Generally there are three different security domains like virtual private networks where IPsec is very much appropriate for security like application-level security and routing security, using two modes of operation like transport mode and tunnel mode.

Incase of transport mode, the source and sink will directly operate through all cryptographic operations as an encrypted data is forwarded by a tunnel L2TP (Layer 2 Tunneling Protocol) where cipher text data is encrypted by the source and retrieved by sink for establishing an end-to-end security.

On the other hand operating in tunnel mode gateways are required for cryptographic processing for the source and destination hosts.

Generally there are two types of data packet encodings (DPE) are used such as authentication header (AH) providing authenticity and packet integrity through MACs message authentication codes , and another mode is encapsulating security payload (ESP) where header is required for encryption, data encapsulation and data confidentiality through symmetric key encryption and using security parameter index (SPI) algorithm.

IPsec can maintain a database of the security association (SA) which is called as Security Association Database (SAD) to store all SAs on behalf of gateways, firewall, router and end user.

Related Questions

Navigate

• Browse (All)
• Browse N
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.