Filter
Top Products
16 Security in Detail
XPort Pro™ User Guide 137
Secure Sockets Layer (SSL)
SSL uses digital certificates for authentication and cryptography against
eavesdropping and tampering. Sometimes only the server is authenticated,
sometimes both server and client. The XPort Pro can be server and/or client,
depending on the application. Public key encryption systems exchange information
and keys and set up the encrypted tunnel.
Efficient symmetric encryption methods encrypt the data going through the tunnel
after it is established. Hashing provides tamper detection.
Applications that can make use of SSL are Tunneling, Secure Web Server, and
WLAN interface.
The XPort Pro supports SSlv3 and its successors, TLS1.0 and TLS1.1.
Note: An incoming SSlv2 connection attempt is answered with an SSlv3 response. If
the initiator also supports SSLv3, SSLv3 handles the rest of the connection.
CipherSuites
The SSL standard defines only certain combinations of certificate type, key exchange
method, symmetric encryption, and hash method. Such a combination is called a
cipher suite.
XPort Pro currently supports the following list of cipher suites:
Certificate Key exchange Encryption Hash
DSA DHE 3DES SHA1
RSA RSA 128 bits AES SHA1
RSA RSA Triple DES SHA1
RSA RSA 128 bits RC4 MD5
RSA RSA 128 bits RC4 SHA1
RSA 1024 bits RSA 56 bits RC4 MD5
RSA 1024 bits RSA 56 bits RC4 SHA1
RSA 1024 bits RSA 40 bits RC4 MD5
Whichever side is acting as server decides which cipher suite to use for a connection.
It is usually the strongest common denominator of the cipher suite lists supported by
both sides.
Certificates
The goal of a certificate is to authenticate its sender. It is analogous to a paper
document that contains personal identification information and is signed by an
authority, for example a notary or government agency.