INTERNET PROTOCOL SECURITY

BY-

SWAPNIL B. PATIL

INTRODUCTION

Internet Protocol Security (IPsec) is a protocol suite for securing internet protocol communications by authentication and encryption each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic key to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host)

OBJECTIVE IPsec is designed to provide interoperable, high quality,

cryptographically-based security for IPv4 and IPv6. The set of security services offered includes access

control, connectionless layer protocols, integrity, data origin authentication, protection against replays, confidentiality and limited traffic flow confidentiality.

These objectives are met through the use of two traffic security protocols, the Authentication Header (AH) and the Encapsulating Security Payload (ESP), and through the use of cryptographic key management procedures and protocols.

ABSTRACTThe goal of this architecture is to provide various security services

for traffic at the IP layer, in both the IPv4 and IPv6 Environments. IPSec security properties are critically depend on the underlying

key exchange protocols, known as IKE (Internet Key Exchange).The IP security protocols (IPsec) may be used via security

gateways that apply cryptographic operations to provide security services to datagrams, and this mode of use is supported by an increasing number of commercial products. Goal that IPsec is capable of achieving, and we provide criteria that entail that a network with particular IPsec processing achieves its security goals.

SECURITY AT DIFFERENT LAYERS

Link layer: WEP / 802.11iApplication layer: PGPTransport layer: SSLNetwork layer: IPsec

IP SECURITY IP datagrams have no inherent security

IP source address can be spoofed Content of IP datagrams can be sniffed, modified and replayed.

IPSec is a method for protecting IP datagrams Standardized by IETF: dozens of RFCs. Only sender and receiver have to be IPsec compliant Rest of network can be regular IP

IPSEC ARCHITECTURE

PROS AND CONS OF IPSEC

PROS

Transparency to applications

Diffie-Hellman groups

Authentication method

Firewall packet filtering

CONS

IPSec Remote-Access Approach

No Portable Transmission

SECURITY ISSUES WITH IP

Eavesdropping

Data modification

Identity spoofing (IP address spoofing)

Denial-of-service attack

Man-in-the-middle attack

Sniffer attack

PROTECTION AGAINST ATTACKS ESP

Checksum

Mutual Verification 

Mutual Authentication

Filtering Methodology

REFERENCES http://docs.oracle.com/cd/E19683-01/817-2694/ipsec-ov-1/index.html

http://technet.microsoft.com/en-us/library/cc700826.aspx

http://en.wikipedia.org/wiki/IPsec

www.sans.org/.../vulnerabilitys-ipsec-discussion-weaknesses-ipsec-imple

THANK YOU