CEH

(Jeff_L) #1



coercing a user to accept a self-signed certificate, exploiting vulnerabilities in a web
browser, or taking advantage of the certificate approval process to receive a valid certificate
and apply it to the attacker’s own site.


Applications of Cryptography


Cryptography can be applied in communication of data and information, which we will see
in the form of IPSec, SSL, and PGP. In this section we will examine these applications and
see how cryptography fits in.


IPSec


Internet Protocol Security (IPSec) is a set of protocols designed to protect the confidentiality and integrity of data as it flows over a network. The set of protocols is designed to operate at the Network layer of the OSI model and process packets according to a predefined group of settings.

Some of the earliest mechanisms for ensuring security worked at the Application layer of the OSI model. IPSec is a new technology that works at the Network layer of the OSI model and has proven to be more successful than many of the previous methods. IPSec has been widely adopted not only because of its tremendous security benefits, but also because of its ability to be implemented without major changes to individual computer systems. IPSec is especially useful for implementing virtual private networks and for remote user access through dial-up connections to private networks.

IPSec provides two mechanisms for protecting information: Authentication Header and Encapsulating Security Payload. The two mechanisms differ in what they provide:


■ Authentication Header (AH) provides authentication services and provides a way to authenticate the sender of data.

■ Encapsulating Security Payload (ESP) provides a means to authenticate information as well as encrypt the data.

The information associated with each of these services is inserted into the packet in a header that follows the IP packet header. Separate key protocols, such as the ISAKMP/Oakley protocol, can be selected.
The following steps show you how to create an IPSec Negotiation policy on Computer A:



  1. On Computer A, click Start ➢ All Programs ➢ Administrative Tools, and then select
    Local Security Policy.

  2. Right-click the IP Security Policies on the Local Computer node, and then choose
    Create IP Security Policy.

  3. On the Welcome screen of the IP Security Policy Wizard, click Next.

  4. In the Name field, type Secure21. In the Description field, type Policy to encrypt FTP,
    and then click Next.
