Lecture: Modern Network Security Mechanisms in Linux
MACSec, wireguard and TLS 1.3
This presentation takes a deep-dive into upcoming network security primitives in Linux. I will present promising tools across the different layers 2-4, which I expect to be heavily used in the future. In particular this will be MACSec (802.1ae) for layer 2, which is already part of the kernel since 4.9. On layer 3 I'll present wireguard, which is still experimental, but slick and performs very well compared to IPSec. Lastly, TLS 1.3 at layer 4 was recently standardized, and I'll cover the new features as well as the differences in the standardization process compared to previous versions of SSL.