Page 302 - CISSO_Prep_ Guide
• AH – integrity, origin authentication.
• ESP – encryption – integrity, origin authentication, anti-replay.
• SA – simplex connection (contains IP address, AH/ESP, and SPI).
• SPI – identifies SA.
• Transport adjacency – using the same packet to apply multiple security protocols without invoking tunneling.
• Transport mode – encrypts end-to-end:
▪ Iterated tunneling – multiple layers of security protocols through IP tunnels.
• SSH – uses RSA. Does compression, confidentiality, and integrity.
WLAN
• EAP:
• The ‘E’ in EAP means extensible (extendable), thus the ability to add two factors to an essentially one factor (PAP/CHAP) system.
• One factor – EAP-MD5, LEAP, PEAP-MSCHAP, TTLS-MSCHAP, EAP-SIM.
• Two-factor – EAP-TLS, TTLS w/ OTP, PEAP-GTC.
• Static WEP – same key.
• Dynamic WEP – change keys.
• Temporal Key Integrity Protocol (TKIP) – uses RC4 with 128-bit keys (key + MAC +