Chapter 16. Real-Time Communication Security

A real-time protocol is one in which the parties negotiate interactively to authenticate each other and establish a session key, in contrast to a protocol such as email in which one party prepares a message that can later be decrypted and authenticated by the intended recipient. Standards for real-time public-key-based security protocols include IPsec, SSL/TLS, and SSH. In this chapter we cover the problems and solutions generically, rather than diving into the idiosyncracies of particular protocols, because the actual protocols (especially the ones defined by committee) are gratuitously complex. The subsequent chapters deal with the specifics of IPsec and SSL/TLS.

At a minimum, the protocols provide ...

Get Network Security: Private Communication in a Public World, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.