![Internet protocol security (ipsec) ,[object Object],NishithModi(09BCE029) Chinmay Patel (09BCE038)](https://image.slidesharecdn.com/ipsecurity-110920121339-phpapp01/85/Ipsecurity-1-320.jpg)
![Flow of presentation ,[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommandé
Contenu connexe
Tendances
Similaire à Ipsecurity
Similaire à Ipsecurity (20)
Dernier
Dernier (20)
Ipsecurity
- 3. Benefits of Ipsec
- 4. Modes of operation
- 11. authentication
- 12. confidentiality
- 13. key management
- 16. is resistant to bypass
- 17. is below transport layer, hence transparent to applications
- 18. can be transparent to end users
- 19. can provide security for individual users if desired
- 20. additionally in routing applications:
- 21. assure that router advertisments come from authorized routers
- 22. neighbor advertisments come from authorized routers
- 23. insure redirect messages come from the router to which initial packet was sent
- 27. Rejection of replayed packets
- 28. a form of partial sequence integrity
- 32. IPsec in transport mode does not protect Ipheader.It protects what is delivered from the transport layer to the network layer.
- 33. In this mode,theIpsec header and tailer are added to the information coming from the transport layer.The IP header is added later.
- 36. Tunnel mode is used when either the sender or the receiver is not a host.
- 39. Security Parameters Index (SPI)
- 40. a bit string
- 43. could one-way relationship between sender & receiver that affords security for traffic flow
- 44. d be end user, firewall, router
- 46. indicates if SA is AH or ESP
- 47. has a number of other parameters
- 48. seq no, AH & EH info, lifetime etc
- 51. It uses a hash function and a symmetric key to create message authentication code.
- 52. It can be considered analogous to the algorithms used to calculate checksums or perform CRC checks for error detection.
- 54. The destination device does the same calculation using the key the two devices share, which enables it to see immediately if any of the fields in the original datagram were modified (either due to error).
- 55. ICV does not change the original data.
- 63. ESP provides source authentication, data integrity and privacy(confidentiality) and also provides protection against replay attacks.
- 65. ESP packet is identified by the protocol field of an IPv4 header and the “Next Header” field of an IPv6 header. It’s IP protocol number is 50.
- 68. ENCAPSULATION SECURITY PAYLOAD (ESP)
- 75. IPsec does not stop traffic analysis.
- 76. Ipsec provides encryption without authentication using ESP which is very dangerous.
- 78. Computer networks by Andrew Tanenbaum
- 79. Cryptography and Network Security by William Stallings