Two hosts A and B wish to communicate securely. In one configuration, A and B es

Question

Two hosts A and B wish to communicate securely. In one configuration, A and B establish a single ESP SA providing both authentication and encryption. In a second configuration A and B establish a ESP SA providing only encryption, but this traffic is intercepted by two gateways that provide authentication to all traffic between A and B using an AH IPSec SA. What is the difference in the protection level provided by these two configurations? What is the difference in the overhead required by these two configurations?

Explanation / Answer

Solution:

Let's call the configuration=> A and B establish a single ESP SA providing both authentication and encryption.as first configuration

and A and B establish an ESP SA providing only encryption, the second configuration

So the first configuration is providing more configuration since it is providing the authentication twice, well it is not about how many times you are authenticating more than once it is about where the message can be intercepted so when at ESP SA the attackers are intercepting to communicate then without authentication there is a vulnerability.

in the system.

So we can conclude that second configuration is more secure in terms of that.

The overhead is more at the second configuration since the authentication is being done at the two gateways which are placed in between A and B.

I hope this helps if you find any problem. Please comment below. Don't forget to give a thumbs up if you liked it. :)

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.