I. Define how IP Security (IPSec) is the cryptographic authentication and encryption product of the IETF’s IP Protocol Security Working Group. Emphasize that this protocol is used to create virtual private networks (VPNs) and is an open framework for security development within the TCP/IP family of protocol standards.
II. Compare and contrast the two modes of operation IPSec works in: transport mode and tunnel mode.
• In transport mode, only the IP data is encrypted, not the IP headers.
• In tunnel mode, the entire IP packet is encrypted and is then placed as the payload in another IP packet.
III. Evaluate the IPSec protocol and describe how it operates to students.Use Figure 10-9 as a visual aid to assist with the explanation.
• IPSec combines several different cryptosystems in its operations:
• Diffie-Hellman key exchange for deriving key material between peers on a public network.
• Public-key cryptography for signing the Diffie-Hellman exchanges to guarantee the identity of the two parties.
• Bulk encryption algorithms, such as DES, for encrypting the data.
• Digital certificates signed by a certificate authority to act as digital ID cards.
• An IP layer security is obtained by using an application header protocol or an encapsulating security payload protocol.
• The application header (AH) protocol provides system-to-system authentication and data integrity verification, but it does not provide secrecy for the content of a network communication.
• The encapsulating security payload (ESP) protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.