|
Tcpcrypt
In computer networking, tcpcrypt is a transport layer communication encryption protocol. Unlike prior protocols like TLS (SSL), tcpcrypt is implemented as a TCP extension. It was designed by a team of six security and networking experts: Andrea Bittau, Mike Hamburg, Mark Handley, David Mazières, Dan Boneh and Quinn Slack. Tcpcrypt has been published as an Internet Draft. Experimental user-space implementations are available for Linux, Mac OS X, FreeBSD and Windows. There is also a Linux kernel implementation. The TCPINC (TCP Increased Security) working group was formed in June 2014 by IETF to work on standardizing security extensions in the TCP protocol. In May 2019 the working group released and as an experimental standard for Tcpcrypt. Description Tcpcrypt provides opportunistic encryption — if either side does not support this extension, then the protocol falls back to regular unencrypted TCP. Tcpcrypt also provides encryption to any application using TCP, even ones th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Dan Boneh
Dan Boneh (; he, דן בונה) is an Israeli-American professor in applied cryptography and computer security at Stanford University. In 2016, Boneh was elected a member of the National Academy of Engineering for contributions to the theory and practice of cryptography and computer security. Biography Born in Israel in 1969, Boneh obtained his Ph.D. in Computer Science from Princeton University in 1996 under the supervision of Richard J. Lipton. Boneh is one of the principal contributors to the development of pairing-based cryptography, along with Matthew K. Franklin, Matt Franklin of the University of California, Davis. He joined the faculty of Stanford University in 1997, and became professor of computer science and electrical engineering. He teaches massive open online courses on the online learning platform Coursera. In 1999 he was awarded a fellowship from the David and Lucile Packard Foundation. In 2002, he co-founded a company called Voltage Security with three of his s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Obfuscated TCP
Obfuscated TCP (ObsTCP) was a proposal for a transport layer protocol which implements opportunistic encryption over Transmission Control Protocol (TCP). It was designed to prevent mass wiretapping and malicious corruption of TCP traffic on the Internet, with lower implementation cost and complexity than Transport Layer Security (TLS). In August 2008, IETF rejected the proposal for a TCP option, suggesting it be done on the application layer instead. The project has been inactive since a few months later. In 2010 June, a separate proposal called tcpcrypt has been submitted, which shares many of the goals of ObsTCP: being transparent to applications, opportunistic and low overhead. It requires even less configuration (no DNS entries or HTTP headers). Unlike ObsTCP, tcpcrypt also provides primitives down to the application to implement authentication and prevent man-in-the-middle attacks (MITM). Historical origin ObsTCP was created by Adam Langley. The concept of obfuscating TCP com ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Transmission Control Protocol
The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network. Major internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP, which is part of the Transport Layer of the TCP/IP suite. SSL/TLS often runs on top of TCP. TCP is connection-oriented, and a connection between client and server is established before data can be sent. The server must be listening (passive open) for connection requests from clients before a connection is established. Three-way handshake (active open), retransmission, and error detection adds to reliability but lengthens latency. A ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IPsec
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs). IPsec includes protocols for establishing mutual authentication between agents at the beginning of a session and negotiation of cryptographic keys to use during the session. IPsec can protect data flows between a pair of hosts (''host-to-host''), between a pair of security gateways (''network-to-network''), or between a security gateway and a host (''network-to-host''). IPsec uses cryptographic security services to protect communications over Internet Protocol (IP) networks. It supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection (protection from replay attacks). The initial IPv4 suite was developed with few s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
