Origin Authentication

IPSec guarantees that the endpoint of the connection is indeed the peer it claims to be. This check is performed via authentication during the D-H key agreement protocol. Remember, D-H is used to obtain a shared secret key over an insecure medium. There are a few ways we can perform authentication for a peer:

  • Using a shared secret key

  • Using digital signatures

  • Using encrypted nonces

Preshared Keys

Both sides agree upon a shared secret key. (This is not one of the derived D-H keys.) What one side encrypts, the other can decrypt, and it is therefore authentic.
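The following added example (not from the book) sketches how a preshared key can authenticate a D-H exchange, loosely modeled on IKEv1's preshared-key mode: each peer proves knowledge of the key with a keyed hash over the nonces and both D-H public values, rather than by encrypting. The demo prime, HMAC-SHA256 as the prf, the identity strings, the function names and the sample keys are all assumptions, and the real protocol hashes further fields.

```python
import hashlib, hmac, secrets

P = 2**521 - 1   # demo prime (assumption), NOT a real IKE D-H group
G = 3

def prf(key, data):
    """Keyed pseudo-random function; HMAC-SHA256 is an assumption here."""
    return hmac.new(key, data, hashlib.sha256).digest()

def enc(n):
    """Fixed-width encoding of a D-H public value."""
    return n.to_bytes(66, "big")

def auth_hash(psk, ni, nr, own_pub, peer_pub, ident):
    # SKEYID mixes the preshared key with both nonces, so it is fresh per exchange.
    skeyid = prf(psk, ni + nr)
    # The hash binds the sender's identity to the D-H values it saw.
    return prf(skeyid, enc(own_pub) + enc(peer_pub) + ident)

def run_exchange(psk_i, psk_r, swap_pub=False):
    """Return True only if both peers accept each other's authentication hash."""
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    xi, xr = (secrets.randbelow(P - 2) + 1 for _ in range(2))
    gxi, gxr = pow(G, xi, P), pow(G, xr, P)
    # What each side actually receives; swap_pub models a value altered in transit.
    seen_by_r = pow(G, secrets.randbelow(P - 2) + 1, P) if swap_pub else gxi
    seen_by_i = gxr
    hash_i = auth_hash(psk_i, ni, nr, gxi, seen_by_i, b"initiator")
    hash_r = auth_hash(psk_r, ni, nr, gxr, seen_by_r, b"responder")
    # Each side recomputes the expected hash from its own key and its own view.
    r_accepts = hmac.compare_digest(
        hash_i, auth_hash(psk_r, ni, nr, seen_by_r, gxr, b"initiator"))
    i_accepts = hmac.compare_digest(
        hash_r, auth_hash(psk_i, ni, nr, seen_by_i, gxi, b"responder"))
    return i_accepts and r_accepts

if __name__ == "__main__":
    # Constructed sample keys, for illustration only.
    print("matching keys:    ", run_exchange(b"demo-psk", b"demo-psk"))
    print("mismatched keys:  ", run_exchange(b"demo-psk", b"other-psk"))
    print("altered D-H value:", run_exchange(b"demo-psk", b"demo-psk", swap_pub=True))
```

Because the hash covers the D-H public values, a peer without the preshared key cannot produce a valid hash, and a public value changed in transit makes the check fail even when both keys match.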

RSA Signatures

RSA signatures, also called digital signatures, allow both sides to obtain a digital certificate, which validates that a public key (remember RSA and ...
