2. What is IP Security
IP Security (IPsec) is an Internet Engineering Task Force (IETF) standard suite
of protocols that secures communication between two endpoints across an IP
network, providing data authentication, integrity, and confidentiality.
It also defines how packets are encrypted, decrypted, and authenticated.
3. What IP Security Provides
Confidentiality: By encrypting our data, nobody except the sender and receiver
will be able to read it.
Integrity: We want to make sure that nobody changes the data in our packets. By
calculating a hash value, the sender and receiver can check whether a packet
has been modified in transit.
Authentication: The sender and receiver authenticate each other to make sure
that we are really talking to the device we intend to.
Anti-replay: Even if a packet is encrypted and authenticated, an attacker could
capture these packets and send them again. By using sequence numbers, IPsec
detects and discards such duplicate packets.
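The anti-replay check above, as an added worked example that is not part of the original slides: a receiver-side sliding window over ESP sequence numbers in the style of RFC 4303, run against a constructed packet stream containing a late arrival, a replay, and a packet older than the window. The window size and the sample sequence numbers are assumptions for illustration.

```python
# Added example (not from the original slides): receiver-side anti-replay
# sliding window in the style of RFC 4303 section 3.4.3. The window size and
# the sample sequence numbers are constructed for illustration.

WINDOW_SIZE = 64  # RFC 4303 requires a window of at least 32; 64 is common


class AntiReplayWindow:
    """Tracks the highest sequence number accepted and a bitmap of which of
    the last WINDOW_SIZE sequence numbers have already been received."""

    def __init__(self, size=WINDOW_SIZE):
        self.size = size
        self.highest = 0   # highest sequence number accepted so far
        self.bitmap = 0    # bit i set means (highest - i) was received

    def check_and_update(self, seq):
        """Return True to accept a fresh packet, False to drop a replayed or
        stale one. Call only after the packet's integrity check has passed."""
        if seq == 0:
            return False  # ESP sequence numbers start at 1
        if seq > self.highest:
            # Newer than anything seen: slide the window forward.
            shift = seq - self.highest
            if shift >= self.size:
                self.bitmap = 1            # whole old window falls out of range
            else:
                self.bitmap = (self.bitmap << shift) | 1
                self.bitmap &= (1 << self.size) - 1
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False  # older than the window: drop
        if self.bitmap & (1 << offset):
            return False  # already received: replay
        self.bitmap |= 1 << offset  # late but legitimate: mark and accept
        return True


def run_sample():
    """Constructed stream: in-order packets, a gap, a late arrival, a replay of
    an old packet, a large jump, a packet outside the window, and a replay of
    the newest packet. Returns the accept/drop decision for each."""
    window = AntiReplayWindow()
    sample = [1, 2, 3, 5, 4, 3, 200, 100, 140, 200]
    return [window.check_and_update(s) for s in sample]
```

Because the window only advances on packets that passed the integrity check, a forged sequence number cannot push legitimate traffic out of the window.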
4. What is IP Security
Internet Protocol Security (IPsec): It is a set of protocols that allow secure
communication between two computers over an unsecured network.
IPsec has two goals:
To protect IP packets.
To provide defense against network attacks.
5. Uses of IP Security
IPsec can be used to do the following things:
To encrypt application layer data.
To provide security for routers sending routing data across the public
internet.
To provide authentication without encryption, for example to authenticate that
the data originates from a known sender.
7. Encryption Technologies
There are two encryption modes available for IPsec. Each mode has its own
uses and should be chosen with care depending on the solution.
Tunnel Mode
This mode encrypts both the payload and the header. IPsec in tunnel mode is used
when the destination of the packet is different from the security termination
point. The most common use of this mode is between gateways or from an end
station to a gateway. The gateway serves as a proxy for the hosts. So when the
origin of the packets differs from the device that is providing security, tunnel
mode is used.
Transport Mode
In this encryption mode, only the data portion of each packet is encrypted. This
mode is applicable between end stations or between an end station and a gateway.
8. Working of IP Security
The host checks whether a packet should be transmitted using IPsec. Such packet
traffic triggers the security policy for itself: the system sending the packet
applies the appropriate encryption. The host also checks incoming packets to
verify that they are encrypted properly.
Then IKE Phase 1 starts, in which the two hosts (using IPsec) authenticate
themselves to each other to establish a secure channel. It has two modes: Main
mode, which provides greater security, and Aggressive mode, which enables the
hosts to establish an IPsec circuit more quickly.
9. Working of IP Security
The channel created in the previous step is then used to securely negotiate how
the IP circuit will encrypt data.
Now IKE Phase 2 is conducted over the secure channel, in which the two hosts
negotiate the cryptographic algorithms to use for the session and agree on the
secret keying material to be used with those algorithms.
Then the data is exchanged across the newly created IPsec encrypted tunnel.
These packets are encrypted and decrypted by the hosts using the IPsec SAs.
When the communication between the hosts is completed or the session times out,
the IPsec tunnel is terminated and both hosts discard the keys.