16. Real-Time Communication Security
A real-time protocol is one in which the parties negotiate interactively to authenticate each other and establish a session key, in contrast to a protocol such as email in which one party prepares a message that can later be decrypted and authenticated by the intended recipient. Standards for real-time public-key-based security protocols include IPsec, SSL/TLS, and SSH. In this chapter we cover the problems and solutions generically, rather than diving into the idiosyncracies of particular protocols, because the actual protocols (especially the ones defined by committee) are gratuitously complex. The subsequent chapters deal with the specifics of IPsec and SSL/TLS.
At a minimum, the protocols provide mutual ...
Get Network Security: Private Communication in a Public World, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.