What is IPSec? It is a set of protocols developed by the IETF to support a secure exchange of packets at the IP layer. IPSec has been deployed to implement Virtual Private Networks (VPNs).
IPSec supports two different encryption modes: Transport Mode and Tunnel Mode. Transport Mode encrypts only the data portion (payload) of each packet and leaves the header untouched. Tunnel Mode encrypts both the header and the payload. On the receiving side, an IPSec-compliant device decrypts each packet.
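The following sketch is an added example, not code from the original post. It wraps the same constructed packet in a simplified ESP layout for both modes and shows which addresses stay readable on the wire. Assumptions: the SHA-256 keystream is a stand-in for a real ESP cipher, the SPI values, key and addresses are constructed, and the IV and integrity check value are omitted.

```python
import hashlib
import socket
import struct

ESP_PROTO, IPIP_PROTO, UDP_PROTO = 50, 4, 17  # IANA protocol numbers

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def toy_encrypt(key, data):
    """Stand-in cipher (SHA-256 keystream XOR). NOT real ESP crypto."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def esp_wrap(key, spi, seq, plaintext, next_header):
    """ESP header (SPI, sequence number) + encrypted body and trailer."""
    pad_len = -(len(plaintext) + 2) % 4          # align trailer to 4 bytes
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    return struct.pack("!II", spi, seq) + toy_encrypt(key, plaintext + trailer)

def transport_mode(key, packet):
    """Keep the original addresses in the header; encrypt only the payload."""
    hdr, payload = packet[:20], packet[20:]
    esp = esp_wrap(key, 0x1001, 1, payload, hdr[9])
    src, dst = socket.inet_ntoa(hdr[12:16]), socket.inet_ntoa(hdr[16:20])
    return ipv4_header(src, dst, ESP_PROTO, len(esp)) + esp

def tunnel_mode(key, packet, gw_src, gw_dst):
    """Encrypt the whole original packet; prepend a new outer header."""
    esp = esp_wrap(key, 0x1002, 1, packet, IPIP_PROTO)
    return ipv4_header(gw_src, gw_dst, ESP_PROTO, len(esp)) + esp

def cleartext_addrs(packet):
    """Addresses an on-path observer can read from the outer header."""
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])

# Constructed sample: a UDP-like payload between two documentation hosts.
KEY = b"constructed-demo-key"
INNER = b"\x04\xd2\x00\x35\x00\x10\x00\x00secret!!"
ORIGINAL = ipv4_header("192.0.2.10", "198.51.100.20", UDP_PROTO, len(INNER)) + INNER
TRANSPORT = transport_mode(KEY, ORIGINAL)
TUNNEL = tunnel_mode(KEY, ORIGINAL, "203.0.113.1", "203.0.113.2")

if __name__ == "__main__":
    print("transport:", cleartext_addrs(TRANSPORT))
    print("tunnel:   ", cleartext_addrs(TUNNEL))
```

In Transport Mode the endpoint addresses remain visible and only the protocol and length fields of the header change; in Tunnel Mode an observer sees only the two gateway addresses.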
IPSec is built from several protocols and algorithms, such as:
Encapsulating Security Payload (ESP)
Authentication Header (AH)
Data Encryption Standard (DES)
Message Digest 5 (MD5)
Secure Hash Algorithm (SHA)
Diffie-Hellman (DH)
ESP
The main job of ESP is to provide the privacy that users seek for IP datagrams by encrypting them. ESP also supports its own authentication scheme, like that used in AH.
AH
The main job of the AH is to provide integrity authentication services to IPSec-capable devices, so they can verify that messages are received intact from other devices.
DES
DES is a widely used method of data encryption using a private key that was judged so difficult to break that it was restricted for exportation to other countries.
MD5
MD5 is used to check the integrity of file content. If a file is transferred over a network, the recipient can calculate its MD5 hash and compare it with the MD5 checksum; if both are the same, the user can be sure that the file is not corrupted.
D-H
D-H is used within IKE to establish session keys.