IPSec was designed to work at Layers 3 and 4.
Using different options can:
– Check for data integrity
– Encrypt the payload portion of IP
IPSec can be used between:
– Two gateways
– Two hosts
– Host and its gateway
Two primary protocols:
– Authentication Header (AH)
– Encapsulation Security Protocol (ESP)
AH – Authentication Header
– data integrity
Does not provide encryption
Uses a keyed one-way hash function (an HMAC) to guarantee data integrity and the
origin of the packet.
Entire IP packet put through one-way hash.
Includes IP header which could lead to problems.
The TTL must be "zeroized" to give a "standard header", since it changes at every hop.
Produces a new AH header for the packet to be transmitted.
AH may be applied alone or in combination with ESP.
ESP – Encapsulating Security Protocol
ESP is primarily used to provide payload encryption.
With current revisions of the RFC, it also includes the ability to provide authentication.
Because ESP can include all three services (authentication, integrity, and
encryption), most implementations do not include the AH option.
IPSec can use different algorithms for payload encryption such as:
Tunnel Mode versus Transport Mode
Both AH and ESP can operate in two modes:
– Transport Mode
– Tunnel Mode (default)
Transport Mode – The original IP packet is put through the ESP and/or AH options and then the
original IP header is reused with the packet, which is the original packet plus the information
added by ESP and/or AH.
Tunnel Mode – The original IP packet is put through the ESP and/or AH options and then a new IP
header is created for the new packet, which is the original packet plus ESP and/or AH information plus a new IP header.
– The current IP header has been used in the hashing algorithm and therefore cannot be
changed between sender and receiver.
– If the packet goes through any device that performs NAT/PAT, a portion of the
IP header is changed and the hash output will never match, because the inputs
at the sender and receiver ends differ.
– Therefore, the packet will never be validated at the receiving end.
– Should only be used if:
• You have control of the network from end to end
• You can guarantee that no IP packet manipulation will take place.
– A new IP header is used from gateway device to gateway device, and the original packet is
– Once the receiving end receives the packet:
• Removes the new IP header
• Decrypts the original header
• A new tunnel header can be added, which can be manipulated (NAT) throughout the network without
affecting the tunneled protocol.
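The AH integrity check described above (mutable fields zeroed before hashing) and the transport-versus-tunnel behaviour under NAT can be modelled in a few lines. The following is an added example written for this page, not code from the slides or from any IPSec implementation: it builds a minimal IPv4 header, computes an AH-style ICV with HMAC-SHA256 truncated to 128 bits (the truncation length is an assumption), and shows that a TTL decrement still verifies while a NAT rewrite of the source address does not. Following the slides' description, the tunnel-mode check covers only the tunneled (inner) packet, so the outer header may be rewritten; that is a simplification of the real AH and ESP layouts. The key and addresses are constructed for the demo.

```python
import hmac
import hashlib
import struct

# Constructed demo key; in real IPSec the key comes from the negotiated SA.
KEY = b"constructed-demo-key-for-illustration"
ICV_LEN = 16  # HMAC-SHA256-128 style truncation (assumption for this model)


def build_ipv4_header(src, dst, ttl, proto=51):
    """Minimal 20-byte IPv4 header, no options; header checksum left as 0 in this model."""
    return struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 40, 0x1234, 0, ttl, proto, 0,
        bytes(int(o) for o in src.split(".")),
        bytes(int(o) for o in dst.split(".")),
    )


def zero_mutable_fields(header):
    """AH rule: fields that legitimately change in transit (TTL, header checksum)
    are treated as zero when computing the ICV, giving the 'standard header'."""
    h = bytearray(header)
    h[8] = 0                # TTL
    h[10:12] = b"\x00\x00"  # header checksum
    return bytes(h)


def ah_icv(key, ip_header, payload):
    """Integrity check value over the normalised IP header plus the payload."""
    msg = zero_mutable_fields(ip_header) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:ICV_LEN]


def transport_send(key, header, payload):
    """Transport mode: the original header is reused; the ICV travels with the payload."""
    return header, ah_icv(key, header, payload), payload


def transport_verify(key, header, icv, payload):
    """Receiver recomputes the ICV over the header it actually received."""
    return hmac.compare_digest(ah_icv(key, header, payload), icv)


def tunnel_send(key, inner_header, payload, gw_src, gw_dst):
    """Tunnel mode: the original packet is protected as a unit and the gateway
    prepends a new outer header addressed gateway-to-gateway."""
    inner_packet = inner_header + payload
    outer_header = build_ipv4_header(gw_src, gw_dst, 64)
    return outer_header, ah_icv(key, inner_header, payload), inner_packet


def tunnel_verify(key, outer_header, icv, inner_packet):
    """The receiving gateway strips the outer header and validates only the
    tunneled packet, so a NAT rewrite of the outer header does not break the check."""
    inner_header, payload = inner_packet[:20], inner_packet[20:]
    return hmac.compare_digest(ah_icv(key, inner_header, payload), icv)


def decrement_ttl(header):
    """What every router does: a mutable field changes."""
    h = bytearray(header)
    h[8] -= 1
    return bytes(h)


def nat_rewrite_src(header, new_src):
    """What a NAT device does: an immutable, hashed field changes."""
    h = bytearray(header)
    h[12:16] = bytes(int(o) for o in new_src.split("."))
    return bytes(h)


if __name__ == "__main__":
    hdr = build_ipv4_header("10.0.0.1", "10.0.0.2", 64)
    h, icv, p = transport_send(KEY, hdr, b"payload")
    print("transport, TTL decremented:", transport_verify(KEY, decrement_ttl(h), icv, p))
    print("transport, NAT on src IP:  ", transport_verify(KEY, nat_rewrite_src(h, "203.0.113.7"), icv, p))
    o, icv2, inner = tunnel_send(KEY, hdr, b"payload", "192.0.2.1", "198.51.100.1")
    print("tunnel, NAT on outer header:", tunnel_verify(KEY, nat_rewrite_src(o, "203.0.113.7"), icv2, inner))
```

The point the model makes concrete is which bytes are inside the HMAC: a hop-by-hop change to a field that was zeroed out is invisible to the receiver, while any change to a covered field, however small, yields a different digest and the packet is dropped.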
Tunnel Mode versus Transport Mode
In transport mode, end hosts do IPSec encapsulation of their own data
(host-to-host); therefore IPSec has to be implemented on each of the end hosts.
– The application endpoint must also be the IPSec endpoint.
– ESP transport mode is used between hosts.
In tunnel mode, IPSec gateways provide IPSec services to other hosts
in peer-to-peer tunnels, and end hosts are not aware of IPSec being used to
protect their traffic.
SA - Security Associations
Before an IPSec tunnel/transport can be created, certain parameters must be
negotiated and kept track of.
Security Associations (SAs) represent a policy contract between two peers or
hosts, and describe how the peers will use IPSec security services to protect network
SAs contain all the security parameters needed to securely transport packets between
the peers or hosts, and define the security policy used in IPSec.
Every VPN device has to have some form of security policy database (SPD), referred to
as a Security Association (SA).
VPN devices store all their active SAs in a local database called the SA database.
An SA is a single connection and all the parameters associated with it that are
agreed upon by the two devices participating in the exchange.
Each SA is unidirectional.
There will always be at least two SAs in your SPD, one for A to B and one for B to A.
It is possible to have multiple peers in a VPN network (NAS).
Each SA gets a unique 32-bit Security Parameter Index (SPI) number that is
sent in every packet pertaining to the specific SA.
The SA keeps track of general information such as:
– source IP
– destination IP
– IPSec protocols used
– SPI, encryption and authentication algorithms
– key lifetime (sets the amount of time and/or byte count that a key is valid for;
the longer the time, the more vulnerable the data is.)
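As an added example (not code from the slides or from any VPN product), the SA bookkeeping above can be sketched as a small in-memory SA database: each SA is unidirectional, so one A-to-B relationship produces two entries with distinct SPIs, packets are matched to an SA by SPI, and the key lifetime is enforced as both a time limit and a byte count, whichever is reached first. Class and method names are made up for the illustration, keys are random placeholder bytes rather than IKE-derived material, and SPIs are drawn above 255 because lower values are reserved for IANA and local use.

```python
import secrets
import time
from dataclasses import dataclass, field


@dataclass
class SecurityAssociation:
    """One unidirectional SA and the parameters the two peers agreed on."""
    spi: int
    src_ip: str
    dst_ip: str
    ipsec_protocol: str      # "AH" or "ESP"
    encryption_alg: str      # e.g. "AES-256-CBC"; unused by AH
    auth_alg: str            # e.g. "HMAC-SHA256-128"
    key: bytes               # placeholder bytes here; a real SA gets keys from IKE
    max_seconds: float       # time part of the key lifetime
    max_bytes: int           # byte-count part of the key lifetime
    created_at: float = field(default_factory=time.monotonic)
    bytes_protected: int = 0

    def expired(self, now=None):
        """The SA is dead when either lifetime limit is reached, whichever comes first."""
        now = time.monotonic() if now is None else now
        return (now - self.created_at) >= self.max_seconds or self.bytes_protected >= self.max_bytes


class SADatabase:
    """The local SA database: active SAs indexed by SPI, the value carried in every AH/ESP packet."""

    def __init__(self):
        self._by_spi = {}

    def _new_spi(self):
        # SPI values 0-255 are reserved, so pick a random 32-bit value above them, unique locally.
        while True:
            spi = secrets.randbits(32)
            if spi > 255 and spi not in self._by_spi:
                return spi

    def negotiate_pair(self, peer_a, peer_b, ipsec_protocol, encryption_alg, auth_alg,
                       max_seconds, max_bytes):
        """Because SAs are unidirectional, one relationship between A and B is two SAs
        with two SPIs and two independent keys."""
        pair = []
        for src, dst in ((peer_a, peer_b), (peer_b, peer_a)):
            sa = SecurityAssociation(self._new_spi(), src, dst, ipsec_protocol, encryption_alg,
                                     auth_alg, secrets.token_bytes(32), max_seconds, max_bytes)
            self._by_spi[sa.spi] = sa
            pair.append(sa)
        return pair[0], pair[1]

    def lookup(self, spi):
        """What the receiver does with the SPI in an incoming AH/ESP header."""
        return self._by_spi.get(spi)

    def protect(self, spi, nbytes, now=None):
        """Account for nbytes sent under the SA. Returns True if the SA is still usable
        afterwards; an SA that has hit a lifetime limit is retired and must be rekeyed."""
        sa = self._by_spi.get(spi)
        if sa is None:
            return False
        sa.bytes_protected += nbytes
        if sa.expired(now):
            del self._by_spi[spi]
            return False
        return True

    def active(self):
        return sorted(self._by_spi.values(), key=lambda sa: (sa.src_ip, sa.dst_ip))


if __name__ == "__main__":
    db = SADatabase()
    ab, ba = db.negotiate_pair("10.0.0.1", "10.0.0.2", "ESP", "AES-256-CBC", "HMAC-SHA256-128",
                               max_seconds=3600, max_bytes=1000)
    for sa in db.active():
        print(f"SPI {sa.spi:#010x}: {sa.src_ip} -> {sa.dst_ip} {sa.ipsec_protocol}")
    print("after 600 bytes:", db.protect(ab.spi, 600))    # still valid
    print("after 1200 bytes:", db.protect(ab.spi, 600))   # byte lifetime reached, retired
```

Retiring the SA at the limit rather than merely warning is the defensive choice: the short byte lifetime in the demo is deliberately tiny so the rekey point is visible, and in practice the lifetime bounds how much traffic is exposed if one key is ever recovered.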