Basics of Internet Protocol Security.

1. IP Sec
Shubham Ghimire

2. What is IPSec?
• Framework for ensuring private, secure communications over Internet
Protocol (IP) networks.
• provides authenticated and encrypted traffic between hosts at the IP
protocol level
• Provides aggressive protection against private network and Internet attacks
through end-to-end security.
• Protects communication between any two parties.

3. Services
Authentication & Verification
• Authentication means that ensuring that data has come from authentic user only
• Verification means that ensuring that data is not altered during the journey
Confidentiality
• Ensures that data is not visible to third party – during the journey

4. IPSec Protocols
• Authentication Header (AH)
- Authenticates the data flowing over connection
• Encapsulating Security Payload (ESP)
- Encrypts+Authenticate the data flowing over connection

5. Modes of Operation
Transport Mode Tunnel Mode
Provides a secure connection between two end-points Provides a secure connection between two gateways or either of
the end is a gateway i.e. host-to-gateway communication & vice
versa
Encapsulates IP Payload only Encapsulates complete IP packet (IP Header + Payload)
Simply a secured IP connection Primarily used for VPN

6. Transport vs Tunnel Mode

7. Why IPSec ?
• IPv4 not designed with security in mind
• Attacks possible with IPv4
• Eavesdropping
• Data modification
• Identity spoofing (IP address spoofing)
• Denial-of-service attack
• Man-in-the-middle attack
• These can be avoided by use of IPSec

8. IPSec RFCs
• IPSec documents:
• RFC 2401: An overview of security architecture
• RFC 2402: Description of a packet authentication extension to IPv4 and
IPv6
• RFC 2406: Description of a packet encryption extension to IPv4 and
IPv6
• RFC 2408: Specification of key managament capabilities