Online Learning
CLICK HERE TO ORDER YOUR ASSIGNMENT

IPSec and Cryptography

IPsec is very vital since it offers numerous solutions to virtual private Networking (VPN), by giving communication security against untrusted network like the internet. Cryptography refers to the change of plaintext information into a coded form. The aim of cryptography is to offer the necessary security and frontier access to private information. This paper offers a clear discussion of the major functions of IPsec in relation to the cryptographic functions employed by the protocol suite during the packet exchange process. The paper further discusses the limitations of the IPsec in relation to the used algorithms and attacks against IPsec. Functions of IPsec There are numerous functions that the IPsec performs. First, the IPsec is used for data confidentiality. The function is achieved by the IP sec sender encrypting the data packets prior to sending them to another network. The second function is data integrity. This requires the IPsec receiver to authenticate the data packets received from the IPsec sender in order to guarantee the safety of the received data packets. The third function of IPsec is data authentication. This enables the IP sec receiver to confirm the origin of the sent IPsec packets, although the success of this function relies on the data service. The replay function is the fourth function played by the IPSec (Pachghare, 2009). In the execution of this function the IP sec receiver is capable of sensing and eliminating the repeated packets. The above services are offered at the IP layer, thus they can be employed at any upper layer protocol. Such as TCP, UDP, and ICMP, just to mention a few. The IP DOI is also responsible for the provision of the IP compression. this is achieved through the encryption that is done in the IPsec. This hinders sufficient compression by the lower protocol layers (Elkelany, 2002). At the IP layer, the IPsec offers the necessary security that allows the system to choose the suitable security protocols, establish the algorithms to be employed for the task and reorganize the cryptographic keys needed to offer the application. IPsec are capable of providing sufficient security to more than one path between a protection gateway and host (Pachghare, 2009). IP sec can establish the areas that are susceptible to attacks, thus providing the necessary security. This is achieved by configuring admission lists that are further interfaced in the crypto map sets (Pachghare, 2009). At this point the traffic may be chosen in basing on the origin and destination. There can be several users on a particular traffic, and at the same time the crypto map set might have several admission lists. In order to guarantee the security, a specific sequence must be employed when searching the crypto maps. The traffic usually tries to match the packet in order to gain admittance. When packet gain admittance to a specific data list, the corresponding crypto map is marked as Cisco and the required connections made. IPsec is usually activated whenever the crypto connection is marked as ipsec-isakmp. In the absence of the SA that the IPsec can use to provide the protection to the affected routes, the Internet Key Exchnage (IKE) is usually used to discuss with the secluded users in order to come up with the required IP sec to facilitate the smooth streaming of information. The discussions are usually based on the data specified in the crypto m

IPSec and Cryptography