Friday, 25 May 2012

IPSec (ESP, AH, DES, MD5, SHA, DH)


ESP - Encapsulating Security Payloads.
AH - Authentication Headers
DES - Data Encryption Standard
MD5 - Message-digest Algorithm.
SHA - Secure Hash Algorithm
DH - Diffie-Hellman
Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating each IP packet of a communication session. It also includes protocols for establishing mutual authentication. Operating at the Internet layer of the Internet protocol suite, it is an end-to-end security scheme. It is used to protect data flows between a pair of hosts, between a pair of security gateways, or between a security gateway and a host:
- host-to-host
- network-to-network
- network-to-host
The IPSec suite is an open standard. It uses the following protocols, among others, to perform various functions.

1) Authentication Headers (AH) – provides connectionless integrity and data origin authentication for IP datagrams and provides protection against replay attacks.
- Member of IPsec protocol suite.
- Guarantees connectionless integrity and data origin authentication of IP packets.
- Uses sliding window technique to protect against replay attacks.
2) Encapsulating Security Payloads (ESP) – provides confidentiality, data-origin authentication, connectionless integrity, anti-replay service and limited traffic-flow confidentiality.
- Member of IPsec protocol suite.
- Provides origin authenticity, integrity, and confidentiality protection of packets.
- Supports encryption-only and authentication-only configurations
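
The sliding-window replay protection mentioned for AH above (ESP's anti-replay service works the same way) can be sketched as a receiver-side bitmap. This is an added example, not code from the original post; the class and function names, the 64-packet window size, plain 32-bit sequence numbers and the sample arrivals are assumptions made for illustration.

```python
class AntiReplayWindow:
    """Receiver-side sliding window over 32-bit AH/ESP sequence numbers."""

    def __init__(self, size=64):
        self.size = size   # window width in packets (assumed value)
        self.top = 0       # highest sequence number accepted so far
        self.bitmap = 0    # bit i set => sequence number (top - i) was seen

    def accept(self, seq, icv_ok=True):
        """Return True if the packet passes; state changes only on success."""
        if seq == 0:
            return False                  # senders start counting at 1
        offset = self.top - seq           # negative => right of the window
        if offset >= self.size:
            return False                  # left of the window: too old
        if offset >= 0 and (self.bitmap >> offset) & 1:
            return False                  # already seen: replay
        if not icv_ok:
            return False                  # failed integrity check: no update
        if offset < 0:                    # new highest: slide the window
            shift = -offset
            self.bitmap = 1 if shift >= self.size else (
                ((self.bitmap << shift) | 1) & ((1 << self.size) - 1))
            self.top = seq
        else:
            self.bitmap |= 1 << offset    # mark an in-window late arrival
        return True


# Constructed sample: (sequence number, did the integrity check pass?)
ARRIVALS = [(1, True), (2, True), (5, True), (3, True), (5, True),
            (200, False), (100, True), (36, True), (37, True)]


def replay_demo():
    window = AntiReplayWindow()
    return [window.accept(seq, ok) for seq, ok in ARRIVALS], window.top


if __name__ == "__main__":
    verdicts, top = replay_demo()
    for (seq, ok), verdict in zip(ARRIVALS, verdicts):
        print(f"seq={seq:<4} icv_ok={ok!s:<5} -> {'accept' if verdict else 'drop'}")
```

The packet with sequence number 200 fails its integrity check and therefore does not move the window; if it did, an unauthenticated packet could push the window forward and cause genuine traffic to be dropped as too old.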



DES - Data Encryption Standard
- A previously predominant algorithm for the encryption of electronic data.
MD5 - Message-digest Algorithm.
- A widely used cryptographic hash function that produces a 128-bit hash value. It is commonly used to check data integrity. An MD5 hash is typically expressed as a 32-digit hexadecimal number.
SHA - Secure Hash Algorithm
- One of a number of cryptographic hash functions.
DH - Diffie-Hellman
- A public-key cryptography protocol. It allows two parties to establish, over an insecure communications channel, a shared secret key for use by encryption algorithms.

http://en.wikipedia.org/wiki/Encapsulating_Security_Payload#Encapsulating_Security_Payload
http://en.wikipedia.org/wiki/Data_Encryption_Standard

2 comments:

  1. Hi,
    It’s an informative post. I have a basic understanding of various types of Internet Protocol Security. You briefly explained every term (i.e. ESP, AH, DES, MD5, SHA, DH) and I’m able to know what they stand for.

    However, I think it would be better if you maintain the format, so that readers can get a better view of the post and understanding.

    Anyway, you did a good job!
    Keep it up! ^ ^

  2. It's me again ameer

    YOU have clearly elaborated well in the public key infrastructure and this is another well explained post on ipsec. i think you SHOULD have included some other protocols diagram. please do not STOP doing such good blog post. i will be TAKING notes for MY blog to improve. i will continue to SPOT different technique used IN your GOOGLE searches for different DOCUMENTS.
    -Xudong
