|
|
United States-English | |
|
|
 |
|
HP-UX IPSec version A.01.06 Administrator's Guide: HP-UX 11i Version 2 > Chapter 1 HP-UX IPSec Overview
Encapsulating Security Payload (ESP) |
|
|
The IPSec Encapsulating Security Payload (ESP) provides data privacy. The ESP protocol also defines an authenticated format that provides data authentication and integrity, with data privacy (described in “Authenticated ESP”). ESP takes the data carried by IP, such as a TCP packet, and encrypts it using an encryption algorithm and cryptographic key. The output is ciphertext that is difficult to decode without knowing the key. The receiving IPSec ESP entity uses an associated decryption algorithm and the same key to extract the original data. The cryptography used by ESP is referred to as symmetric key cryptography or shared key cryptography because the sender and receiver must use the same key. In addition, the key must only be known by the sender and receiver, so this class of cryptography is sometimes referred to as secret key cryptography. HP-UX IPSec supports the following encryption algorithms for ESP: AES128-CBC is the most secure form of encryption for HP-UX IPSec. AES128-CBC encryption throughput rates are comparable to or better than DES-CBC and 3DES-CBC. For more information about HP-UX IPSec performance, refer to the HP-UX IPSec Sizing and Performance document available at www.docs.hp.com. DES-CBC has been cracked (data encoded by DES has been decoded by a third party). For added security, use ESP with authentication, as described in “ESP with Authentication and Encryption”. The ESP header can be used in transport mode or tunnel mode. In transport mode, the original IP header is followed by the ESP header. Only the upper-layer (e.g., TCP, UDP, IGMP) is encrypted. The IP header is not encrypted. In IPv6 ESP transport mode, IPSec inserts the ESP header after the following headers and extensions:
The items listed below follow the ESP header and are encrypted:
In tunnel mode, IPSec encloses, or encapsulates, the original IP datagram, including the original IP header, within a second IP datagram. All of the original IP datagram, including the original header, is encrypted. If ESP is used in tunnel mode on gateways, the outer, unencrypted IP header will contain the IP addresses of the gateways, and the inner, encrypted IP header will contain the ultimate IP source and destination addresses. This prevents eavesdroppers from detecting or analyzing traffic between the ultimate source and destination addresses. The ESP encryption algorithms by themselves not provide authentication or guarantee data integrity, so you should use ESP encryption with an authentication and data integrity service. There are two ways to do this:
With authenticated ESP, IPSec encrypts the payload using one symmetric key, then calculates an authentication value for the encrypted data using a second symmetric key and the HMAC-SHA1 or HMAC-MD5 algorithm. The ESP authentication value is appended to the end of the packet. The recipient computes its own authentication value for the encrypted data using the second symmetric key and the same algorithm. The recipient compares the result with the transmitted authentication value. If the values match, the recipient then decrypts the encrypted portion of the packet with the first symmetric key and extracts the original data. An ESP packet can be nested within an AH packet. For example, a 3DES-CBC ESP packet can be nested within an HMAC-MD5 packet. IPSec uses 3DES-CBC to build an ESP packet with the payload data encrypted using a symmetric key. IPSec then nests the ESP packet within an AH packet, using a second symmetric key. All the contents of the packet are authenticated, except the mutable fields of the IP header. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 Printable version |
|
|
|
|
|
|||||||||||||||
|
|||||||||||||||
