Friday, January 11, 2008

IPSec

Well, for all of you who are wondering what IPSec is, here is a small introduction to rock your mind off whatever it is on. IPSec is a security protocol that works at layer 3 (the network layer) of the OSI stack. It can ensure the following:

  • Routing information or a routing advertisement came from an authorized router.
  • A redirect message came from the router to which the initial request was sent.
  • A routing update was not forged.

There are two types of IPSec connections:

1. Tunnel Mode
Encrypts and authenticates the entire IP packet. The original IP header is replaced by a new IP header that carries the next-hop router address. Slower, but good for VPNs and gateway-to-gateway security.

2. Transport Mode
Encrypts and authenticates only the payload of the IP packet. The original IP header stays intact. Faster than tunnel mode, and used for traffic analysis purposes.
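To make the difference between the two modes concrete, here is an added Python model (not code from the post or from the lecture slides) that builds an ESP packet both ways, shows which addresses stay readable to an on-path observer, and checks that the integrity value rejects an altered packet. The header layout, the key values and the SHA-256 counter keystream used in place of AES/3DES are constructed stand-ins for illustration only.

```python
import hmac
import hashlib
import struct
from ipaddress import IPv4Address

ESP = 50  # IP protocol number for ESP

def ipv4_header(src: str, dst: str, proto: int) -> bytes:
    """Constructed 20-byte IPv4 header; length and checksum are left zero for brevity."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 0, 0, 0, 64, proto, 0,
                       IPv4Address(src).packed, IPv4Address(dst).packed)

def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Counter-mode keystream from SHA-256: a toy stand-in for the AES/3DES the post recommends."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack("!I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def esp_encapsulate(inner: bytes, enc_key: bytes, auth_key: bytes, spi: int, seq: int,
                    tunnel: bool, gw_src: str = "", gw_dst: str = "") -> bytes:
    """Wrap an IP packet in ESP (padding / next-header trailer omitted).
    Tunnel mode protects the whole inner packet and adds an outer header with gateway addresses;
    transport mode protects only the payload and keeps the original header (protocol set to ESP)."""
    if tunnel:
        outer, protected = ipv4_header(gw_src, gw_dst, ESP), inner
    else:
        outer, protected = inner[:9] + bytes([ESP]) + inner[10:20], inner[20:]
    esp_hdr = struct.pack("!II", spi, seq)          # SPI and sequence number
    ciphertext = _keystream_xor(enc_key, protected)
    # ICV = HMAC-SHA1-96 over ESP header + ciphertext, the range ESP authenticates
    icv = hmac.new(auth_key, esp_hdr + ciphertext, hashlib.sha1).digest()[:12]
    return outer + esp_hdr + ciphertext + icv

def visible_addresses(packet: bytes) -> tuple:
    """Source/destination an on-path observer can read from the unencrypted outer header."""
    src, dst = struct.unpack("!4s4s", packet[12:20])
    return str(IPv4Address(src)), str(IPv4Address(dst))

def esp_verify(packet: bytes, auth_key: bytes) -> bool:
    """Recompute the ICV; any altered or forged byte of the ESP header or ciphertext fails."""
    body, icv = packet[20:-12], packet[-12:]
    expected = hmac.new(auth_key, body, hashlib.sha1).digest()[:12]
    return hmac.compare_digest(expected, icv)
```

In tunnel mode `visible_addresses` returns only the two gateway addresses, while in transport mode the original host addresses remain in the clear; `esp_verify` fails as soon as one ciphertext byte is changed.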

Benefits of IPSec over SSL/TLS

  1. Encrypts entire IP packet
  2. Independent of IP address
  3. No impact on security gateway to security gateway communications
  4. Protocol Independent

Pitfalls with IPSec

  1. Many ways to configure it, and it can be complex at times
  2. Can be configured in the wrong way
  3. Client security is an issue

IPSec guidelines

  1. Use SHA1 over SHA and MD5
  2. Use 3DES, AES or Blowfish
  3. Never use DES
  4. Tunnel mode
  5. Encrypt entire packet
  6. Use certificates for key exchange
Extracted from the lecture slides of Dr. Kasun De Zoysa, Department of Communication and Media Technologies, Department of Computer Science, University of Colombo School of Computing (UCSC), Sri Lanka (LK).
