IP Security
This tutorial discusses how authentication and security, including secure password transmission, encryption, and digital signatures on datagrams, are implemented under IP through the Authentication Header (AH) and Encapsulating Security Payload (ESP) options. Before examining the IP Security Protocol (IPsec), however, we will take a look at the IP security architecture described in RFC 2401, "Security Architecture for the Internet Protocol," and the different pieces of that architecture.
IPv4 as originally designed offered no real security features; it was intended simply as an internetworking protocol. While that was not necessarily a problem for a networking protocol used largely in research and academic settings, the growing importance of IP networking to the general business and consumer networking environments makes the potential harm resulting from attacks more devastating than ever. This section examines the following:
- Issues of security for IP
- Security goals defined for IP
- Cryptographic elements of IPsec
- Protocol elements of IPsec
- Implementing IPsec
The next section takes a look at the specifics of IPsec, as well as some of the tools being assembled to achieve these goals.
In this tutorial:
- IP Security Issues
- Security Goals
- Encryption and Authentication Algorithms
- Symmetric Encryption
- Public Key Encryption
- Key Management
- Secure Hashes
- Digital Signature
- IPSEC: The Protocols
- IP and IPSEC
- Security Associations
- Using Security Associations
- Tunnel and Transport Mode
- Encapsulating Security Payload (ESP)
- Authentication Header
- Calculating the Integrity Check Value (ICV)
- IPsec Headers in Action
- Implementing and Deploying IPSEC