Which two data integrity algorithms are commonly used in VPN solutions? (Choose two)
A.
RSA
B.
HMAC-SHA-1
C.
DH2
D.
HMAC-MD5
E.
DH1
Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions
This is ONE TIME OFFER
50%
PLease explain why answer is RSA & HMAC-SHA1, and not HMAC-SHA1 & MD5
0
0
http://www.internet-computer-security.com/VPN-Guide/Data-Integrity.html
Two algorithms a VPN gateway uses for verifying integrity of data are Hash algorithms hmac-md5 and hmac-sha1, Hmac-sha1 being the strongest.
The answer are B and D.
0
0
Data integrity ensures data has not been altered in the transmission. A data-integrity algorithm adds a hash to the message to guarantee the integrity of the message.
A Hashed Message Authentication Code (HMAC) is a data-integrity algorithm that ensures the integrity of the message. Two popular algorithms a VPN gateway uses for verifying integrity of data are HMAC-Message Digest 5 (HMAC-MD5) and HMAC-Secure Hash Algorithm 1 (HMAC-SHA1)
+ HMAC-MD5 uses a 128-bit shared-secret key of any size. The variable-length message and shared-secret key are combined and run through the HMAC-MD5 hash algorithm. The output is a 128-bit hash. The hash is appended to the original message and is forwarded to the remote end.
+ HMAC-SHA-1 uses a secret key of any size. The variable-length message and the shared-secret key are combined and run through the HMAC-SHA-1 hash algorithm. The output is a 160-bit hash. The hash is appended to the original message and is forwarded to the remote end.
Diffie-Hellman Group 1 (DH-1) & Diffie-Hellman Group 2 (DH-2) are two encryption algorithms for VPN, not data integrity algorithms.
RSA is also an encryption algorithm, not data integrity algorithm.
(Reference: Implementing Cisco IOS Network Security IINS)
0
0
Beautiful explanation
0
0
Wow that was odd. I just wrote an very long comment
but after I clicked submit my comment didn’t appear. Grrrr…
well I’m not writing alll that over again. Anyway, just wanted
too say superb blog!
0
0