Data Integrity and VPN Guide

Data integrity protects data from interception and modification: it ensures that data has not been altered in transit. In the case of VPNs, this means the data has not been intercepted and changed while traveling from one VPN gateway to another VPN gateway. A hash mechanism is used to accomplish the integrity of data. A one-way hash of the data has to match exactly; if even one bit has been modified, the hash will not match, and the message is known to have been changed. The two algorithms a VPN gateway uses for verifying the integrity of data are the hash algorithms HMAC-MD5 and HMAC-SHA1, HMAC-SHA1 being the stronger of the two.

A one-way hash simply takes variable-length input data and produces a fixed-length hash value. The hash is then sent to the receiver along with its data. The receiver computes the same hash function over the data and compares the result with the hash sent by the sender; if they are the same, the message is accepted, and we can say that it has not been modified in transit.
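The send-and-verify exchange described above, as an added Python example (not code from the original page): it uses HMAC-SHA1 and HMAC-MD5 truncated to 96 bits, the form IPsec uses, and shows that a single changed bit is rejected while an unkeyed hash alone would not catch a change made by someone who recomputes it. The key, payload and function names are constructed for illustration.

```python
import hashlib
import hmac

ICV_LEN = 12  # IPsec HMAC-SHA1-96 / HMAC-MD5-96 keep the first 96 bits of the tag


def compute_icv(key: bytes, payload: bytes, algo: str = "sha1") -> bytes:
    """Sender: keyed one-way hash over the payload, truncated to 96 bits."""
    return hmac.new(key, payload, algo).digest()[:ICV_LEN]


def verify_icv(key: bytes, payload: bytes, icv: bytes, algo: str = "sha1") -> bool:
    """Receiver: recompute the tag and compare it in constant time."""
    if len(icv) != ICV_LEN:
        return False
    return hmac.compare_digest(compute_icv(key, payload, algo), icv)


def plain_hash_ok(payload: bytes, digest: bytes) -> bool:
    """Unkeyed check, for contrast: anyone can recompute this digest."""
    return hmac.compare_digest(hashlib.sha1(payload).digest(), digest)


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Copy of data with exactly one bit inverted (simulated modification)."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


def demo() -> dict:
    key = b"constructed-shared-secret"  # constructed; in IPsec the key normally comes from IKE
    payload = b"constructed sample payload between gateway A and gateway B"
    icv = compute_icv(key, payload)
    changed = flip_bit(payload, 0)
    md5_icv = compute_icv(key, payload, "md5")
    return {
        "intact_accepted": verify_icv(key, payload, icv),
        "one_bit_changed_accepted": verify_icv(key, changed, icv),
        "wrong_key_accepted": verify_icv(b"some-other-key", payload, icv),
        "md5_intact_accepted": verify_icv(key, payload, md5_icv, "md5"),
        # Without a key, a recomputed digest over changed data still verifies.
        "unkeyed_recomputed_accepted": plain_hash_ok(changed, hashlib.sha1(changed).digest()),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```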

Common hashing algorithms developed to ensure integrity of data are the SHA family of algorithms, the MD family of algorithms, HAVAL and Tiger.
