The IPsec standard provides a method to manage authentication and data
protection between multiple crypto peers engaging in secure data transfer.
IPsec includes the Internet Security Association and Key Management Protocol
(ISAKMP)/Oakley and two IPsec IP protocols: Encapsulating Security Protocol
(ESP) and Authentication Header (AH).
IPsec uses symmetrical encryption algorithms for data protection. Symmetrical
encryption algorithms are more efficient and easier to implement in hardware.
These algorithms need a secure method of key exchange to ensure data protection.
Internet Key Exchange (IKE) ISAKMP/Oakley protocols provide this capability.
This solution requires a standards-based way to secure data from eavesdropping
and modification. IPsec provides such a method. IPsec provides a choice of
transform sets so that a user can choose the strength of their data protection.
IPsec also has several Hashed Message Authentication Codes (HMAC) from
which to choose, each giving different levels of protection for attacks such as
man-in-the-middle, packet replay (anti-replay), and data integrity attacks.
Best Regards,
Deepak Arora
No comments:
Post a Comment