Differences between revisions 27 and 28
Revision 27 as of 2007-05-19 07:01:10
Size: 1516
Editor: JoergMayer
Comment:
Revision 28 as of 2008-04-12 17:51:29
Size: 1524
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 12: Line 12:
 * [http://www.ietf.org/rfc/rfc4301.txt RFC4301], Security Architecture for the Internet Protocol, S. Kent, K. Seo, December 2005, PROPOSED STANDARD.  * [[http://www.ietf.org/rfc/rfc4301.txt|RFC4301]], Security Architecture for the Internet Protocol, S. Kent, K. Seo, December 2005, PROPOSED STANDARD.
Line 14: Line 14:
 * [http://www.ietf.org/rfc/rfc4302.txt RFC4302], IP Authentication Header, S. Kent, December 2005, PROPOSED STANDARD.  * [[http://www.ietf.org/rfc/rfc4302.txt|RFC4302]], IP Authentication Header, S. Kent, December 2005, PROPOSED STANDARD.
Line 16: Line 16:
 * [http://www.ietf.org/rfc/rfc4303.txt RFC4303], IP Encapsulating Security Payload (ESP), S. Kent, December 2005, PROPOSED STANDARD.  * [[http://www.ietf.org/rfc/rfc4303.txt|RFC4303]], IP Encapsulating Security Payload (ESP), S. Kent, December 2005, PROPOSED STANDARD.
Line 18: Line 18:
The Algorithms to use and their requirements are described in [http://www.ietf.org/rfc/rfc4305.txt RFC4305]: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (["ESP"]) and Authentication Header (["AH"]), D. Eastlake 3rd, December 2005, PROPOSED STANDARD. The Algorithms to use and their requirements are described in [[http://www.ietf.org/rfc/rfc4305.txt|RFC4305]]: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload ([[ESP]]) and Authentication Header ([[AH]]), D. Eastlake 3rd, December 2005, PROPOSED STANDARD.
Line 23: Line 23:
If linked with Libcrypt Wireshark provides some advanced features such as Decryption of ESP Payloads and/or Authentication Checking. see ["ESP_Preferences"] If linked with Libcrypt Wireshark provides some advanced features such as Decryption of ESP Payloads and/or Authentication Checking. see [[ESP_Preferences]]

IPsec (Internet Protocol Security)

A set of protocols developed by the IETF to support secure exchange of packets at the IP layer.

IPsec Algorithms And Keys

The currently used version of IPsec (or more specifically IKE) is version 1, which is specified in RFCs 2401-2412 (plus some more).

Version 2 of IPsec is mainly described by the three following RFCs. Note though, that there are very few products that already implement IPsec version 2.

  • RFC4301, Security Architecture for the Internet Protocol, S. Kent, K. Seo, December 2005, PROPOSED STANDARD.

  • RFC4302, IP Authentication Header, S. Kent, December 2005, PROPOSED STANDARD.

  • RFC4303, IP Encapsulating Security Payload (ESP), S. Kent, December 2005, PROPOSED STANDARD.

The Algorithms to use and their requirements are described in RFC4305: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH), D. Eastlake 3rd, December 2005, PROPOSED STANDARD.

You also may use some other Cryptographic Algorithms (have a look at the IANA for some other examples).

Wireshark

If linked with Libcrypt Wireshark provides some advanced features such as Decryption of ESP Payloads and/or Authentication Checking. see ESP_Preferences

Is this true for Win32? UlfLamping

IPsec (last edited 2008-04-12 17:51:29 by localhost)