Friday, March 20, 2020

Free Essays on Analysis Of IPsec

Topic: Analysis of IPsec. 1) IPSec protocol is used for creating means for secure exchange of information between systems and networks on the Internet. IPsec protocol helps users to create â€Å"private groups† based on common interest, independently from specifications of the networks they are using. 2) IPSec protocol includes two protocols: Authentication Header (AH) and Encapsulating Secure Payload (ESP). AH creates an envelope that ensures authentication of the source of the information, the completeness and protection from double messaging. à ¼ This way AH offers layers of ways to protect from malicious users. With help of AH every packet is authenticated, which makes ineffective programs that are trying to capture the administration of the session. Besides this AH protocol tries to ensure the authentication of the headers of IP-packets, not depending on the location of the IP-headers outside of the envelope it is creating. AH Authentication prevents IP-header line manipulation during the transfer of the packet. Because of this reason protocol cannot be used in the environment where NAT (Network Address Translation – is a mechanism used for transferring network addresses) is being used. This is because NAT requires IP-header manipulation, which AH Authentication will not allow. à ¼ ESP protocol ensures confidentiality of the information and executes functions of the AH protocol protection of the encrypted not authenticated information. IPSec specification allows ESP protocol use without AH functions. However, it’s not a good idea to do this, unless you really know what you are doing and why. In ESP protocol it’s possible to use fictitious encryption, which is equal to AH implementation without IP-header. This allows using NAT mechanism, because in this method the addresses in the headers can be modified. ESP and AH protocols are registered in IANA organization (Internet Address Naming Authority) and are ... Free Essays on Analysis Of IPsec Free Essays on Analysis Of IPsec Topic: Analysis of IPsec. 1) IPSec protocol is used for creating means for secure exchange of information between systems and networks on the Internet. IPsec protocol helps users to create â€Å"private groups† based on common interest, independently from specifications of the networks they are using. 2) IPSec protocol includes two protocols: Authentication Header (AH) and Encapsulating Secure Payload (ESP). AH creates an envelope that ensures authentication of the source of the information, the completeness and protection from double messaging. à ¼ This way AH offers layers of ways to protect from malicious users. With help of AH every packet is authenticated, which makes ineffective programs that are trying to capture the administration of the session. Besides this AH protocol tries to ensure the authentication of the headers of IP-packets, not depending on the location of the IP-headers outside of the envelope it is creating. AH Authentication prevents IP-header line manipulation during the transfer of the packet. Because of this reason protocol cannot be used in the environment where NAT (Network Address Translation – is a mechanism used for transferring network addresses) is being used. This is because NAT requires IP-header manipulation, which AH Authentication will not allow. à ¼ ESP protocol ensures confidentiality of the information and executes functions of the AH protocol protection of the encrypted not authenticated information. IPSec specification allows ESP protocol use without AH functions. However, it’s not a good idea to do this, unless you really know what you are doing and why. In ESP protocol it’s possible to use fictitious encryption, which is equal to AH implementation without IP-header. This allows using NAT mechanism, because in this method the addresses in the headers can be modified. ESP and AH protocols are registered in IANA organization (Internet Address Naming Authority) and are ...

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.