Encapsulating Security Payload
Presented By: KCEALABS.blogspot.com
IPSecurity
• IP security encompasses three functional areas:
1. Authentication
2. Confidentiality
3. Key Management
• IP security can be implemented by using two protocols:
I. ESP (Encapsulating Security Payload)
II. AH (Authentication Header)
Encapsulating Security Payload:
• ESP can be used to provide:
1. Confidentiality
2. Authentication
3. Integrity
• Encryption and authentication can each be applied to a packet independently of the other, but this is not preferred for security reasons, i.e., using only encryption or only authentication may lead to insecurity.
• Now, let us see the ESP packet format.
ESP Packet Format:
• The ESP packet format is 32 bits wide, i.e. it is laid out in 32-bit words.
• It contains 7 fields, and the 7th field is optional.
FIELDS:
1. Security Parameters Index (SPI).
2. Sequence Number.
3. ESP Payload Data.
4. Padding.
5. Pad Length.
6. Next Header.
7. ESP Authentication Data.
Security Parameters Index (SPI):
• It is a 32-bit field that identifies the security association.
• An association is a one-way logical connection between a sender and a receiver that affords security services to the traffic carried on it.
• If a peer relationship is needed for two-way secure exchange, then two security associations are required.
[Figure: Client and Server]
Sequence Number:
• A monotonically increasing counter value; this provides an anti-replay function.
• Every packet is given a unique sequence number.
• When a packet is received a second time, the receiver can identify it as a duplicate from its sequence number and drop it.
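The duplicate check described above, as an added example that is not part of the original slides: a receiver-side sliding window that goes beyond the slide by also rejecting packets older than the window and by advancing the window only after the integrity check has passed. The class name, the 64-packet window size and the arrival list are constructed for illustration.

```python
class ReplayWindow:
    """Receiver-side anti-replay state for one security association (one SPI)."""

    def __init__(self, size=64):           # window size is an assumption of this example
        self.size = size
        self.highest = 0                   # highest sequence number accepted so far
        self.bitmap = 0                    # bit i set => (highest - i) was already accepted

    def check(self, seq):
        """Classify a sequence number without changing any state."""
        if seq < 1:
            return "invalid"               # the sender's counter starts at 1
        if seq > self.highest:
            return "new"
        offset = self.highest - seq
        if offset >= self.size:
            return "too_old"               # fell off the left edge of the window
        return "duplicate" if (self.bitmap >> offset) & 1 else "new"

    def update(self, seq):
        """Record an accepted sequence number; call only after the ICV verified."""
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)

    def receive(self, seq, icv_ok):
        """Full receive decision: replay check, then integrity, then window update."""
        verdict = self.check(seq)
        if verdict != "new":
            return "drop:" + verdict
        if not icv_ok:
            # A forged packet with a huge sequence number must not move the window,
            # otherwise it would push legitimate packets out as "too old".
            return "drop:bad_icv"
        self.update(seq)
        return "accept"


def replay_demo():
    # Constructed arrivals: (sequence number, did the integrity check pass?)
    arrivals = [(1, True), (3, True), (2, True), (3, True),
                (500, False), (4, True), (100, True), (36, True), (37, True)]
    window = ReplayWindow()
    return [window.receive(seq, ok) for seq, ok in arrivals]


if __name__ == "__main__":
    for verdict in replay_demo():
        print(verdict)
```

Out-of-order delivery (3 before 2) is accepted, while the second copy of 3 and the packet 64 positions behind the window edge are dropped.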
ESP Payload Data:
• This is a transport-level segment (transport mode) or IP packet (tunnel mode) that is protected by encryption.
• We will see transport and tunnel modes later…
• Payload Data, Padding, Pad Length and Next Header are all encrypted using one of the encryption algorithms.
Padding:
• The Padding field serves several purposes:
  • If an encryption algorithm requires the plaintext to be a multiple of some number of bytes, the Padding field is used to expand the plaintext to the required length.
  • The ESP format requires that the Pad Length and Next Header fields be right aligned within a 32-bit word. Equivalently, the ciphertext must be an integer multiple of 32 bits. The Padding field is used to assure this alignment.
  • Additional padding may be added to provide partial traffic-flow confidentiality by concealing the actual length of the payload.
Pad Length, Next Header, ESP Authentication Data:
• PAD LENGTH:
1. Indicates the number of pad bytes immediately preceding this field.
• NEXT HEADER:
1. Identifies the type of data contained in the Payload Data field.
2. It also tells about the next payload.
• ESP Authentication Data / Integrity Check Value:
1. It is an optional field.
2. It is a variable-length field that contains the Integrity Check Value, which is obtained by applying an authentication algorithm.
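The field layout and padding rules above, as an added example that is not part of the original slides: it computes the Pad Length, builds and validates the trailer, and appends an Integrity Check Value over the SPI, Sequence Number and protected body. Assumptions of this example: the ICV is HMAC-SHA-256 truncated to 16 bytes, the padding bytes follow the 1, 2, 3, ... pattern of RFC 4303, encryption is left out so the body stays readable, and the key, SPI and payload are constructed.

```python
import hashlib
import hmac
import math
import struct

ICV_LEN = 16  # assumption: HMAC-SHA-256 truncated to 128 bits; the slides name no algorithm


def pad_length(payload_len, block_size):
    """Pad bytes so Payload + Padding + Pad Length + Next Header fills whole
    cipher blocks and whole 32-bit words."""
    align = 4 * block_size // math.gcd(4, block_size)   # lcm(4, block_size)
    return -(payload_len + 2) % align


def build_plaintext(payload, next_header, block_size=16):
    """Payload Data | Padding | Pad Length | Next Header: the part that gets encrypted."""
    n = pad_length(len(payload), block_size)
    return payload + bytes(range(1, n + 1)) + bytes([n, next_header])


def split_plaintext(plaintext):
    """Validate the trailer of decrypted data and return (payload, next_header)."""
    if len(plaintext) < 2:
        raise ValueError("too short for Pad Length and Next Header")
    n, next_header = plaintext[-2], plaintext[-1]
    end = len(plaintext) - 2 - n
    if end < 0:
        raise ValueError("Pad Length is larger than the data")
    if plaintext[end:-2] != bytes(range(1, n + 1)):
        raise ValueError("padding bytes do not match the expected pattern")
    return plaintext[:end], next_header


def build_packet(spi, seq, body, auth_key):
    """SPI | Sequence Number | body | ICV. A real sender encrypts body first."""
    header = struct.pack("!II", spi, seq)
    icv = hmac.new(auth_key, header + body, hashlib.sha256).digest()[:ICV_LEN]
    return header + body + icv


def parse_packet(packet, auth_key):
    """Check length and ICV before trusting any field; return (spi, seq, body)."""
    if len(packet) < 8 + ICV_LEN or (len(packet) - ICV_LEN) % 4:
        raise ValueError("bad ESP length")
    covered, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, covered, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch")
    spi, seq = struct.unpack("!II", covered[:8])
    return spi, seq, covered[8:]


def demo():
    key = b"constructed-demo-key"            # constructed sample key
    payload = b"constructed TCP bytes"       # 21 constructed payload bytes
    body = build_plaintext(payload, next_header=6)   # 6 = TCP protocol number
    packet = build_packet(0x1001, 1, body, key)
    spi, seq, got = parse_packet(packet, key)
    return spi, seq, split_plaintext(got), len(packet)


if __name__ == "__main__":
    print(demo())
```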
Transport and Tunnel Modes:
• IP security can be implemented in two ways:
1. Transport Mode.
2. Tunnel Mode.
• In transport mode, encryption is provided directly between the two hosts.
• In tunnel mode, encryption is done between two gateways.
• We have different considerations for IPv4 and IPv6.
• Before adding the ESP header, the original packet looks like this…
[Figure: Original IP packet format]
Transport Mode:
1. In transport mode, only the payload is encrypted.
2. The header part is not encrypted.
3. In IPv4 and IPv6, the ESP header is added after the original header and an ESP trailer is added at the end of the packet.
Tunnel Mode:
1. In tunnel mode, the entire packet is encrypted, including the header part.
2. In IPv4 and IPv6, the ESP header is added prior to the original header.
3. Here a new IP header is added to the packet.