Popis: |
TLS and IPsec are two protocols that provide secure communication on the Internet. They provide similar services but operate on different levels. This report compiles some of thecurrent known vulnerabilities that exist in those two protocols. It also describes attacks that exploit those vulnerabilities. Based on the vulnerabilities this paper gives guidelines onhow to avoid them when implementing TLS and IPsec. This paper also demonstrates a proof-of-concept that shows how IPsec can be configured to avoid some of the vulnerabilities. Theproof-of-concept also shows how IPsec can be used to setup a secure connection between two peers, using Near Field Communication, on an ad hoc network. |