Tuesday, September 15, 2015

What Is IP Security or IPSec Protocol?

One of the weaknesses of the original Internet Protocol is that it cannot ensure the authenticity and privacy of the data passed over the internet. Any IP datagram that travels between two devices over an unknown network can be intercepted and changed. So security enhancements were needed in IP for critical applications, and IP Security, or IPSec, was developed for that purpose.

A number of methods have evolved over the years to ensure security over the internet. Most of them deal with the higher layers of the OSI protocol stack. These solutions are undoubtedly valuable in certain scenarios, but they are mostly specific to particular applications. For example, Secure Sockets Layer works well for World Wide Web access or FTP, but there are many applications it was never intended to work with. A solution was needed at the IP layer, so that all the layers above it in the OSI protocol stack could take advantage of it, and IPSec was developed for that.

IPSec

IPSec comprises two different components:

  • Authentication Header or AH
  • Encapsulating Security Payload or ESP

Authentication Header or AH : This protocol provides authentication services to IPSec. The recipient of a message can verify the authenticity of the sender. It also enables integrity verification of the received data and protects against 'replay attacks', where a sent message is captured by an unauthorized party and re-sent.


Encapsulating Security Payload or ESP : The Authentication Header ensures the authenticity and integrity of the data, but not its privacy. With the ESP protocol, the payload of the IP datagram is encrypted, so that no one else can extract information from it.

These two protocols can also be implemented together.
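To make the AH description above concrete, here is an added, simplified model of what an AH receiver checks (this is illustrative code written for this post, not from any IPSec implementation). It uses the RFC 4302 fixed header layout with an HMAC-SHA256 ICV, but authenticates only the AH header and payload rather than the full IP datagram, and it enforces the sliding anti-replay window that defeats the re-sent message described above. The key, SPI and payloads are constructed sample values.

```python
import hmac
import hashlib
import struct

# Constructed, simplified AH model: fixed fields as in RFC 4302 (Next Header,
# Payload Len, Reserved, SPI, Sequence Number) followed by a 32-byte HMAC-SHA256
# ICV. Real AH also covers the immutable IP header fields; this toy version
# authenticates only the AH header and the payload that follows it.
AH_FMT = "!BBHII"          # next header, payload len, reserved, SPI, sequence number
AH_FIXED = struct.calcsize(AH_FMT)
ICV_LEN = 32

def build_ah_packet(key: bytes, spi: int, seq: int, payload: bytes, next_hdr: int = 6) -> bytes:
    """Return AH header + ICV + payload for one outbound datagram."""
    payload_len = (AH_FIXED + ICV_LEN) // 4 - 2   # AH Payload Len is in 32-bit words minus 2
    fixed = struct.pack(AH_FMT, next_hdr, payload_len, 0, spi, seq)
    # The ICV is computed with the ICV field itself treated as all zeros.
    icv = hmac.new(key, fixed + bytes(ICV_LEN) + payload, hashlib.sha256).digest()
    return fixed + icv + payload

class AhReceiver:
    """Verifies the ICV and enforces a sliding anti-replay window (bit 0 = highest seq seen)."""
    def __init__(self, key: bytes, window: int = 64):
        self.key, self.window = key, window
        self.highest, self.bitmap = 0, 0

    def _replay_ok(self, seq: int) -> bool:
        if seq > self.highest:
            return True                      # advances the window: always fresh
        diff = self.highest - seq
        return diff < self.window and not (self.bitmap >> diff) & 1

    def _mark(self, seq: int) -> None:
        if seq > self.highest:
            self.bitmap = ((self.bitmap << (seq - self.highest)) | 1) & ((1 << self.window) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)

    def verify(self, packet: bytes):
        """Return the payload if the packet is authentic and not a replay, else None."""
        fixed = packet[:AH_FIXED]
        icv, payload = packet[AH_FIXED:AH_FIXED + ICV_LEN], packet[AH_FIXED + ICV_LEN:]
        seq = struct.unpack(AH_FMT, fixed)[4]
        # RFC 4302 order: cheap replay check first, then the ICV, and only then update the window.
        if not self._replay_ok(seq):
            return None
        expected = hmac.new(self.key, fixed + bytes(ICV_LEN) + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(icv, expected):
            return None
        self._mark(seq)
        return payload
```

A packet that fails the ICV check does not move the window, so a forged packet with a high sequence number cannot lock out legitimate traffic.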



Mode of Operation of IPSec

Two specific modes of operation are defined for IPSec:


  • Transport mode
  • Tunnel mode


The choice of mode determines which parts of the IP datagram are protected and how the headers are arranged.

Transport Mode : When IPSec is used in transport mode, the IPSec header is applied only to the IP payload and not to the IP header. The AH and ESP headers appear between the original IP header and the IP payload. This mode protects (and, with ESP, encrypts) the data part of each packet and leaves the IP header intact.

Tunnel Mode : In this mode, the entire original IP datagram is encrypted and encapsulated within another IP datagram. Here the IPSec headers appear in front of the original IP header, and a new IP header is added in front of the IPSec header.


When two devices communicate with each other, they must share a public key to send and receive information securely. To arrange that, a protocol known as Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley) is used.

You can find more information on Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley) here: Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley).


This is the overall concept of IP Security or IPSec.


You can find more information on how the IPSec protocol works here: How does IPSec work?
