Understanding IPSec: Authentication, Encryption, and Implementation, Slides of Applications of Computer Sciences

An overview of IPSec, a security protocol used to protect network traffic. IPSec adds security to IP packets without modifying applications, and is used in wireless networks, VPNs and untrusted LANs. The basics of IP packets, the insecurities of IP, and how IPSec addresses these issues through authentication and encryption. Two modes of IPSec, tunnel and transport, are explained, as well as the process of keying. The document also mentions the use of the NS simulator for testing IPSec.

Typology: Slides

2011/2012

Uploaded on 07/18/2012

padmavati
After Seventh Semester Onwards…….

What is IPSec?

  • IPSec stands for Internet Protocol Security
  • At its most basic level it is a way of adding security to your network traffic without having to modify the applications that use IP

Where is IPSec Used?

• Wireless networks

• Virtual Private Networks (VPNs)

• Untrusted Local Area Networks (LANs)

IP Basics

• The IP protocol breaks the information to be sent into small, manageable pieces called packets

• Packets are reassembled at the receiving side

Parts of the Header

• Source Address

• Destination Address

• Protocol

• Flags and Fragment Offset

• Total Length

• Type of Service

• And more…

Data Section

• This portion holds all of the data that you are trying to transmit

What IPSec does.

• Authentication

• Encryption

  • With two major modes
    • Tunnel
    • Transport
  • In either mode a packet can carry AH, ESP, or AH + ESP

Authentication

  • An Authentication Header (AH) is inserted into the IP packet (the IP header's Protocol field becomes 51)
  • AH authenticates the payload and the immutable fields of the IP header; it does not encrypt anything
  • The AH contains the fields
    • Next Header
    • Payload Length
    • Reserved
    • Security Parameters Index (SPI)
    • Anti-Replay Sequence Number
    • Authentication Data, the Integrity Check Value (ICV); its length depends on the authentication algorithm, e.g. 96 bits for HMAC-SHA1-96 (AH uses a MAC, not a cipher)
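As an added worked example (not code from the slides), the following Python builds an IPv4 header with the fields listed under "Parts of the Header", parses them back, then prepends a transport-mode AH with the fields listed above and computes and verifies the HMAC-SHA1-96 ICV with the mutable IP fields zeroed as RFC 4302 requires. A small sliding-window class shows what the anti-replay sequence number is for. The key, addresses, SPI and payload are constructed for the example; in a real deployment the key comes from IKE.

```python
import hashlib
import hmac
import struct

AH_PROTO = 51          # IP Protocol number that announces an AH follows the IP header
ICV_LEN = 12           # HMAC-SHA1-96: 160-bit HMAC truncated to 96 bits
AH_KEY = b"\x0b" * 20  # constructed key for this example (normally negotiated by IKE)


def ip_checksum(data):
    """One's-complement checksum of an IPv4 header; returns 0 for a valid header."""
    if len(data) % 2:
        data += b"\0"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src, dst, proto, total_len, ttl=64, ident=0x1234):
    """20-byte IPv4 header, no options, DF flag set, checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, 0x4000, ttl, proto, 0,
                      bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def parse_ipv4(hdr):
    """The header fields the slide lists, plus the ones behind 'and more'."""
    f = struct.unpack("!BBHHHBBH4s4s", hdr[:20])
    return {"version": f[0] >> 4, "ihl": f[0] & 0xF, "type_of_service": f[1],
            "total_length": f[2], "identification": f[3],
            "flags": f[4] >> 13, "fragment_offset": f[4] & 0x1FFF,
            "ttl": f[5], "protocol": f[6], "header_checksum": f[7],
            "source": ".".join(str(b) for b in f[8]), "destination": ".".join(str(b) for b in f[9])}


def _zero_mutable(ip):
    """Zero the IP fields that change in transit (RFC 4302): TOS, flags/fragment offset, TTL, checksum."""
    b = bytearray(ip)
    b[1] = 0
    b[6:8] = b"\0\0"
    b[8] = 0
    b[10:12] = b"\0\0"
    return bytes(b)


def ah_icv(ip, ah_without_icv, payload):
    """ICV = HMAC over the whole packet with mutable IP fields and the ICV field itself zeroed."""
    covered = _zero_mutable(ip) + ah_without_icv + bytes(ICV_LEN) + payload
    return hmac.new(AH_KEY, covered, hashlib.sha1).digest()[:ICV_LEN]


def build_ah_transport(src, dst, next_header, payload, spi, seq):
    """Transport-mode AH packet: IP | AH(Next Header, Payload Len, Reserved, SPI, Seq, ICV) | payload."""
    ah_len = 12 + ICV_LEN                              # 24 bytes in total
    ip = ipv4_header(src, dst, AH_PROTO, 20 + ah_len + len(payload))
    # Payload Len is the AH length in 32-bit words minus 2 (RFC 4302): 24 / 4 - 2 = 4
    ah_without_icv = struct.pack("!BBHII", next_header, ah_len // 4 - 2, 0, spi, seq)
    return ip + ah_without_icv + ah_icv(ip, ah_without_icv, payload) + payload


def verify_ah_transport(pkt):
    """Receiver side: recompute the ICV and compare in constant time."""
    ip, ah_without_icv = pkt[:20], pkt[20:32]
    icv, payload = pkt[32:32 + ICV_LEN], pkt[32 + ICV_LEN:]
    return hmac.compare_digest(icv, ah_icv(ip, ah_without_icv, payload))


class ReplayWindow:
    """Anti-replay check on the sequence number: 64-packet sliding bitmap (RFC 4302 Appendix B)."""
    def __init__(self, size=64):
        self.size, self.last, self.bitmap = size, 0, 0

    def accept(self, seq):
        if seq == 0:                                   # sequence numbers start at 1
            return False
        if seq > self.last:                            # newest so far: slide the window forward
            shift = seq - self.last
            self.bitmap = (self.bitmap << shift) & ((1 << self.size) - 1) if shift < self.size else 0
            self.bitmap |= 1
            self.last = seq
            return True
        diff = self.last - seq
        if diff >= self.size or self.bitmap & (1 << diff):
            return False                               # older than the window, or already seen
        self.bitmap |= 1 << diff
        return True


if __name__ == "__main__":
    pkt = build_ah_transport("10.0.0.1", "10.0.0.2", 17, b"hello", spi=0x100, seq=1)
    print(parse_ipv4(pkt))
    print("intact verifies:", verify_ah_transport(pkt))
    print("tampered verifies:", verify_ah_transport(pkt[:-5] + b"hellp"))
```

Changing the TTL of a signed packet (as every router does) still verifies, because TTL is a mutable field and is zeroed before the HMAC; changing one payload byte does not.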

Tunnel mode (AH + ESP), in packet order

  1. New outer IP Header (addresses of the two security gateways)
  2. AH Header
  3. ESP Header (SPI and Sequence Number)
  4. Original IP Header [encrypted]
  5. Upper Protocol Headers and Packet Data [encrypted]
  6. ESP Trailer (padding, Pad Length, Next Header) [encrypted]
  7. ESP Authentication Data (ICV)

Note: the fields marked [encrypted] were shown in green on the slide. ESP encrypts them and its ICV covers the ESP Header through the ESP Trailer; AH authenticates the whole packet apart from the mutable IP header fields.

Transport mode (AH + ESP), in packet order

  1. Original IP Header (kept in the clear, so the endpoint addresses stay visible)
  2. AH Header
  3. ESP Header (SPI and Sequence Number)
  4. Upper Protocol Headers and Packet Data [encrypted]
  5. ESP Trailer (padding, Pad Length, Next Header) [encrypted]
  6. ESP Authentication Data (ICV)

Note: as above, the fields marked [encrypted] were shown in green on the slide. The difference from tunnel mode is that no second IP header is added, so only the payload, not the original IP header, is protected.
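The two layouts above, as an added example that is not from the slides: Python that wraps a constructed UDP-over-IPv4 packet in ESP in transport mode and in tunnel mode, and unwraps it again on the receiving side. It uses ESP with the NULL encryption algorithm (RFC 2410) so that the region the slide marks as encrypted stays readable and the framing (ESP header, trailer padding, Pad Length, Next Header, what the ICV covers) is visible; a real SA would use AES-GCM or AES-CBC there. AH is left out to keep the example short. The addresses, SPIs and key are constructed.

```python
import hashlib
import hmac
import struct

ESP_PROTO = 50          # IP Protocol number for ESP
IPIP = 4                # Next Header value for an encapsulated IPv4 packet (tunnel mode)
ICV_LEN = 12            # HMAC-SHA1-96
NULL_BLOCK = 4          # ESP-NULL: the trailer must end on a 4-byte boundary
ESP_KEY = b"\x0c" * 20  # constructed integrity key for this example


def ip_checksum(hdr):
    """One's-complement checksum of a 20-byte IPv4 header; 0 means the header verifies."""
    total = sum(struct.unpack("!10H", hdr[:20]))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def finish_ip(hdr, proto, total_len):
    """Set Protocol and Total Length in an IPv4 header and recompute its Header Checksum."""
    h = bytearray(hdr[:20])
    h[2:4] = struct.pack("!H", total_len)
    h[9] = proto
    h[10:12] = b"\0\0"
    h[10:12] = struct.pack("!H", ip_checksum(bytes(h)))
    return bytes(h)


def esp_icv(authenticated):
    return hmac.new(ESP_KEY, authenticated, hashlib.sha1).digest()[:ICV_LEN]


def esp_encapsulate(plaintext, next_header, spi, seq):
    """ESP Header (SPI, Seq) | plaintext | Trailer (padding, Pad Length, Next Header) | ICV.
    With NULL encryption the middle stays readable; the ICV covers SPI through Next Header."""
    pad_len = (-(len(plaintext) + 2)) % NULL_BLOCK
    padding = bytes(range(1, pad_len + 1))              # default padding 1, 2, 3, ... (RFC 4303)
    authenticated = struct.pack("!II", spi, seq) + plaintext + padding + bytes([pad_len, next_header])
    return authenticated + esp_icv(authenticated)


def esp_icv_ok(esp):
    return len(esp) > 8 + 2 + ICV_LEN and hmac.compare_digest(esp[-ICV_LEN:], esp_icv(esp[:-ICV_LEN]))


def esp_decapsulate(esp):
    """Verify the ICV first, then strip header and trailer: (spi, seq, next_header, plaintext)."""
    if not esp_icv_ok(esp):
        raise ValueError("ESP ICV mismatch: packet dropped")
    authenticated = esp[:-ICV_LEN]
    spi, seq = struct.unpack("!II", authenticated[:8])
    pad_len, next_header = authenticated[-2], authenticated[-1]
    return spi, seq, next_header, authenticated[8:len(authenticated) - 2 - pad_len]


def transport_mode(packet, spi, seq):
    """Original IP header stays outside; only the upper-layer header and data go inside ESP."""
    ip, upper = packet[:20], packet[20:]
    esp = esp_encapsulate(upper, next_header=ip[9], spi=spi, seq=seq)
    return finish_ip(ip, ESP_PROTO, 20 + len(esp)) + esp


def tunnel_mode(packet, outer_template, spi, seq):
    """The whole original packet, inner IP header included, goes inside ESP behind a new outer header."""
    esp = esp_encapsulate(packet, next_header=IPIP, spi=spi, seq=seq)
    return finish_ip(outer_template, ESP_PROTO, 20 + len(esp)) + esp


def strip_esp(packet):
    """Receiver side for either mode: recover the original IP packet."""
    ip, esp = packet[:20], packet[20:]
    _spi, _seq, next_header, inner = esp_decapsulate(esp)
    if next_header == IPIP:                             # tunnel mode: the inner packet is complete
        return inner
    return finish_ip(ip, next_header, 20 + len(inner)) + inner   # transport mode: restore Protocol/Total Length


# Constructed sample packet: 10.0.0.1 -> 10.0.0.2, UDP 1234 -> 53 carrying "hello".
# finish_ip fills the IP checksum; the UDP checksum is left at 0 (disabled), which IPv4 allows.
UDP = bytes.fromhex("04d20035 000d0000") + b"hello"
ORIGINAL = finish_ip(bytes.fromhex("45000021 12344000 40110000 0a000001 0a000002"), 17, 20 + len(UDP)) + UDP
# Outer header template for tunnel mode: security gateways 192.168.1.1 -> 192.168.2.1.
GATEWAY_OUTER = bytes.fromhex("45000000 00004000 40000000 c0a80101 c0a80201")

if __name__ == "__main__":
    t = transport_mode(ORIGINAL, spi=0x200, seq=1)
    u = tunnel_mode(ORIGINAL, GATEWAY_OUTER, spi=0x201, seq=1)
    print("transport outer src/dst:", t[12:16].hex(), t[16:20].hex())   # the real hosts are visible
    print("tunnel outer src/dst:   ", u[12:16].hex(), u[16:20].hex())   # only the gateways are visible
    print("round trips:", strip_esp(t) == ORIGINAL, strip_esp(u) == ORIGINAL)
```

Comparing the two outputs shows the point of the slide: in transport mode an observer still sees 10.0.0.1 and 10.0.0.2 in the outer header, while in tunnel mode the original header sits inside the protected region and only the gateway addresses are exposed.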

Section II

Proposed Algorithm

1. Route Discovery by SAODV
   SAODV route discovery: Source → Destination
   [The shared key of source and destination is exchanged during this phase]

2. Establishment of SA
   Data_Message = ((Sequence Number Counter + AH Information / ESP Information) E_KS-priv) E_KD-pub : Source → Destination (sent with the first UDP packet)
   (E_KS-priv: processed with the source's private key; E_KD-pub: encrypted with the destination's public key)
   [AH information: authentication algorithm, shared secret key, key lifetime]
   [ESP information: encryption algorithm, shared secret key, key lifetime]

3. Data Transmission
   IF (AH implemented packet)
       Packet with AH header: Source to Destination and Destination to Source
   ELSE IF (ESP implemented packet)
       Packet with ESP header: Source to Destination and Destination to Source

4. ACK_PKT
   IF (Check(Authentication) == true)
       Send ACK_PKT
   ELSE IF ((Deencapsulate(Packet) && Check(Authentication)) == true)
       Send ACK_PKT
   ELSE
       Drop PKT

5. Receive ACK_PKT
   IF (sender Receive(ACK_PKT) == true)
       Send next packet
   ELSE
       Retransmit same data packet

6. END
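Steps 3 to 5 of the algorithm (authenticated data transmission, ACK_PKT, retransmission), as an added simulation that is not taken from the paper: sender and receiver share a constructed SA holding the fields step 2 lists (authentication algorithm, shared secret key, key lifetime). The step-2 exchange itself, signing with KS-priv and encrypting with KD-pub, needs public-key cryptography and is assumed to have happened already. A constructed lossy channel corrupts one packet in flight and loses one ACK, so both Drop PKT and Retransmit occur. ACKs are authenticated with the same key; that is a choice made here, the algorithm does not say how ACK_PKT is protected. The lifetime is counted in packets because the paper gives no unit.

```python
import hashlib
import hmac
import struct

ICV_LEN = 12  # HMAC-SHA1-96 truncation, as in AH/ESP

# Constructed SA: what step 2 carries (algorithm, shared key, lifetime). Lifetime unit assumed: packets.
SA = {"spi": 0x300, "auth_alg": "sha1", "key": b"\x0d" * 20, "lifetime": 1000}


def seal(seq, data, sa):
    """Step 3: SPI | sequence number | data | ICV, the ICV covering all preceding bytes."""
    hdr = struct.pack("!II", sa["spi"], seq)
    mac = hmac.new(sa["key"], hdr + data, getattr(hashlib, sa["auth_alg"]))
    return hdr + data + mac.digest()[:ICV_LEN]


def check_authentication(pkt, sa):
    """Step 4's Check(Authentication): (seq, data) if the ICV and SPI verify, else None."""
    if pkt is None or len(pkt) < 8 + ICV_LEN:
        return None
    body, icv = pkt[:-ICV_LEN], pkt[-ICV_LEN:]
    spi, seq = struct.unpack("!II", body[:8])
    expected = hmac.new(sa["key"], body, getattr(hashlib, sa["auth_alg"])).digest()[:ICV_LEN]
    if spi != sa["spi"] or not hmac.compare_digest(icv, expected):
        return None
    return seq, body[8:]


class Receiver:
    def __init__(self, sa):
        self.sa, self.expected, self.delivered = sa, 1, []

    def handle(self, pkt):
        """Step 4: return ACK_PKT for an authentic packet, None (Drop PKT) otherwise."""
        r = check_authentication(pkt, self.sa)
        if r is None:
            return None
        seq, data = r
        if seq > self.expected:                 # ahead of the stop-and-wait sequence: drop
            return None
        if seq == self.expected:                # in order: deliver exactly once
            self.delivered.append(data)
            self.expected += 1
        # seq < expected: a retransmission whose ACK was lost; re-ACK without re-delivering
        return seal(seq, b"ACK", self.sa)       # ACKs authenticated too (design choice here)


class Sender:
    def __init__(self, sa, channel):
        self.sa, self.channel, self.sent, self.retransmits = sa, channel, 0, 0

    def send_all(self, messages):
        """Step 5: stop-and-wait; resend until an authentic ACK carrying the same seq arrives."""
        for seq, msg in enumerate(messages, 1):
            while True:
                if self.sent >= self.sa["lifetime"]:
                    raise RuntimeError("SA lifetime exhausted: re-run step 2")
                self.sent += 1
                ack = check_authentication(self.channel(seal(seq, msg, self.sa)), self.sa)
                if ack is not None and ack == (seq, b"ACK"):
                    break
                self.retransmits += 1
        return self.retransmits


def make_lossy_channel(receiver):
    """Constructed network: corrupts seq 2's first transmission and loses seq 3's first ACK."""
    state = {"corrupted": False, "ack_lost": False}

    def channel(pkt):
        seq = struct.unpack("!I", pkt[4:8])[0]
        if seq == 2 and not state["corrupted"]:
            state["corrupted"] = True
            pkt = pkt[:8] + bytes([pkt[8] ^ 0xFF]) + pkt[9:]   # one data byte flipped in flight
        ack = receiver.handle(pkt)
        if seq == 3 and ack is not None and not state["ack_lost"]:
            state["ack_lost"] = True
            return None                                       # the ACK never reaches the sender
        return ack
    return channel


def run_demo():
    rx = Receiver(SA)
    tx = Sender(SA, make_lossy_channel(rx))
    retransmits = tx.send_all([b"hello", b"world", b"bye"])
    return rx.delivered, retransmits, tx.sent


if __name__ == "__main__":
    print(run_demo())   # each message delivered once; 2 retransmissions; 5 packets sent in total
```

The corrupted packet fails Check(Authentication) and is dropped, so the sender sees no ACK and retransmits; the lost ACK makes the sender retransmit an already delivered packet, which the receiver re-acknowledges without delivering it twice. Once the lifetime counter is reached the sender stops and step 2 has to be repeated.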

Create a Basic NS Simulation

1. Create event scheduler

2. Create nodes and links

3. Create connections

4. Create traffic sources/sinks

5. Enable tracing

TclClass

  // ns-2 linkage: a static TclClass instance registers the OTcl class name
  // "Agent/Echo" and tells ns how to create the matching C++ object.
  static class EchoClass : public TclClass {
  public:
      EchoClass() : TclClass("Agent/Echo") {}
      TclObject* create(int argc, const char* const* argv) {
          return (new EchoAgent());
      }
  } class_echo;

C++ mirroring OTcl

  OTcl side:  TclObject → Agent → Agent/Echo

  C++ side:   TclObject → NsObject → Agent → EchoAgent