What is IPSec

Internet Protocol Security, IPSec for short, is a suite of protocols for securing communications at the IP layer of the TCP/IP stack. The suite combines key-exchange mathematics with encryption and authentication algorithms to protect the confidentiality, integrity, and authenticity of every IP packet transmitted on the network.

IPSec is a framework that helps protect information flowing through the Internet.

IPSec makes this possible through the four key elements that make it up:

1. Encryption
2. Integrity
3. Authentication
4. Anti-replay

IPSec is a framework, that is, a structure on which applications are built, and it allows new protocols and algorithms to be added and existing ones to be replaced.

Whatever the task, be it encrypting data or verifying its integrity, a newly designed protocol or algorithm can be integrated into IPSec to secure our applications or VPN tunnels.

1. For encryption, the algorithms in use include:

    a. DES, 3DES
    b. AES, BlowFish, RC4

2. For establishing data integrity, the hash algorithms are:

    a. MD5, SHA1
    b. SHA2, SHA3

3. For authentication, there are two main methods:

    a. Username and password
    b. Digital certificates

The 4th element, Anti-replay, means that the recipient of an IPSec connection can recognise packets it has already received. This defence ensures that a party who captures packets from the original exchange cannot re-send them later for malicious purposes and have them accepted a second time, and so cannot use the replayed data to undo or distort what was sent in the first instance.
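The anti-replay check is implemented on the receiver as a sliding window over the sequence numbers carried in each packet. The following is an added example (not code from the article) of that logic in Python, modelled on the window scheme in RFC 4303: a bitmap remembers which recent sequence numbers have been accepted, anything older than the window is discarded, and anything inside the window is accepted only once. The window width of 64 and the sequence values used at the bottom are assumptions chosen for illustration.

```python
WINDOW_SIZE = 64  # assumption: receiver window width in packets (RFC 4303 requires at least 32)


class AntiReplayWindow:
    """Tracks which ESP/AH sequence numbers a receiver has already accepted.

    `highest` is the largest sequence number accepted so far.  Bit i of
    `bitmap` is set when sequence number (highest - i) has been seen.
    Packets to the left of the window are rejected outright; packets inside
    it are accepted once and rejected on any repeat.
    """

    def __init__(self, size=WINDOW_SIZE):
        self.size = size
        self.highest = 0   # nothing accepted yet; ESP sequence numbers start at 1
        self.bitmap = 0    # bit 0 == highest, bit 1 == highest - 1, ...

    def check_and_update(self, seq):
        """Return True and record `seq` if it is new; False for replays and stale packets."""
        if seq == 0:
            return False                      # 0 is never a valid sequence number
        if seq > self.highest:
            # Packet is to the right of the window: slide the window forward.
            shift = seq - self.highest
            if shift >= self.size:
                self.bitmap = 1               # everything previously seen falls out of the window
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False                      # too old: left of the window
        if self.bitmap & (1 << offset):
            return False                      # already accepted: this is a replay
        self.bitmap |= 1 << offset            # inside the window and new: remember it
        return True


def replay_decisions(sequence_numbers, size=WINDOW_SIZE):
    """Run a constructed stream of sequence numbers through one window; return accept/reject per packet."""
    window = AntiReplayWindow(size)
    return [window.check_and_update(seq) for seq in sequence_numbers]


if __name__ == "__main__":
    # Constructed sample: packet 2 arrives twice, the second copy must be dropped.
    for seq, ok in zip([1, 2, 3, 2, 4], replay_decisions([1, 2, 3, 2, 4])):
        print(f"seq={seq}: {'accept' if ok else 'REJECT'}")
```

Reordered packets that are still inside the window (a packet with sequence 3 arriving after 5) are accepted, which is why a window rather than a strict "must be greater than the last one" rule is used; real implementations also verify the packet's integrity check before updating the window, so that a forged packet cannot advance it.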

Besides this, IPSec is based on two significant headers that encapsulate the standard IP packet:

1. AH – Authentication Header, which establishes integrity and authenticates traffic but does not encrypt it.
2. ESP – Encapsulating Security Payload, which provides all four elements mentioned above.

Thus, when ESP encrypts the entire original packet, header included, IPSec adds a new outer IP header whose addresses replace the original ones on the wire. The original source and destination addresses are hidden inside the encrypted payload, making the two endpoints anonymous to anyone observing the traffic.
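To make the AH/ESP distinction concrete, here is an added Python example (not code from the article or from any IPsec implementation) that builds a tunnel-mode ESP packet in the RFC 4303 layout: a cleartext SPI and sequence number, an IV, the encrypted inner packet plus trailer, and an integrity check value (ICV) over all of it, all placed behind a new outer IP header. Everything cryptographic is a stand-in chosen so the example runs with only the standard library: the cipher is a toy HMAC-SHA256 counter keystream rather than AES, the keys and addresses are constructed, and "IP headers" are reduced to just the source and destination addresses.

```python
import hashlib
import hmac
import os
import socket
import struct

# Constructed sample keys (assumption; real keys come from IKE).
ENC_KEY = bytes(range(32))
AUTH_KEY = bytes(range(32, 64))
NEXT_HEADER_IPV4 = 4   # ESP "next header" value meaning "an IPv4 packet is inside" (tunnel mode)


def _keystream_xor(key, iv, data):
    """Toy cipher standing in for AES: XOR data with HMAC-SHA256(key, iv || counter) blocks."""
    out = bytearray()
    for n in range((len(data) + 31) // 32):
        block = hmac.new(key, iv + struct.pack("!I", n), hashlib.sha256).digest()
        chunk = data[n * 32:(n + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, block))
    return bytes(out)


def ip_packet(src, dst, payload):
    """Minimal stand-in for an IP packet: 4-byte source, 4-byte destination, then payload."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + payload


def esp_encapsulate(spi, seq, outer_src, outer_dst, inner_packet, iv=None):
    """Wrap `inner_packet` in ESP tunnel mode behind a new outer header (outer_src -> outer_dst)."""
    iv = iv if iv is not None else os.urandom(16)
    # ESP trailer: pad to a 4-byte boundary, then pad length and next header.
    pad_len = (-(len(inner_packet) + 2)) % 4
    plaintext = inner_packet + bytes(range(1, pad_len + 1)) + bytes([pad_len, NEXT_HEADER_IPV4])
    esp_header = struct.pack("!II", spi, seq)        # SPI and sequence number travel in clear
    ciphertext = _keystream_xor(ENC_KEY, iv, plaintext)
    authenticated = esp_header + iv + ciphertext      # ICV covers header, IV and ciphertext
    icv = hmac.new(AUTH_KEY, authenticated, hashlib.sha256).digest()[:16]  # 128-bit ICV, as HMAC-SHA-256-128
    outer_header = socket.inet_aton(outer_src) + socket.inet_aton(outer_dst)
    return outer_header + authenticated + icv         # note: the outer header is NOT covered by the ICV


def esp_decapsulate(packet):
    """Verify the ICV, decrypt, strip the trailer and return (spi, seq, inner_packet)."""
    body, icv = packet[8:-16], packet[-16:]
    expected = hmac.new(AUTH_KEY, body, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch: packet modified in transit or not from the peer")
    spi, seq = struct.unpack("!II", body[:8])
    iv, ciphertext = body[8:24], body[24:]
    plaintext = _keystream_xor(ENC_KEY, iv, ciphertext)
    pad_len, next_header = plaintext[-2], plaintext[-1]
    if next_header != NEXT_HEADER_IPV4:
        raise ValueError("unexpected next header")
    return spi, seq, plaintext[:len(plaintext) - 2 - pad_len]


def inner_addresses_visible(packet, src, dst):
    """True if the inner source or destination address bytes appear anywhere in the wire packet."""
    return socket.inet_aton(src) in packet or socket.inet_aton(dst) in packet


def icv_rejects_tampering(packet, byte_index):
    """Flip one bit at `byte_index` and report whether the receiver refuses the packet."""
    tampered = bytearray(packet)
    tampered[byte_index] ^= 0x01
    try:
        esp_decapsulate(bytes(tampered))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample: host 10.0.0.1 talks to 10.0.1.7 through gateways 203.0.113.1 and 198.51.100.2.
    inner = ip_packet("10.0.0.1", "10.0.1.7", b"hello")
    wire = esp_encapsulate(0x1000, 1, "203.0.113.1", "198.51.100.2", inner)
    print("inner addresses on the wire:", inner_addresses_visible(wire, "10.0.0.1", "10.0.1.7"))
    print("ciphertext tamper rejected:", icv_rejects_tampering(wire, 30))
    print("outer header tamper rejected:", icv_rejects_tampering(wire, 2))
```

Two things worth noticing from running it: the inner addresses never appear on the wire, which is the anonymity property described above, and a flipped bit in the ciphertext is rejected while a flipped bit in the outer header is not, because ESP's ICV does not cover the outer IP header. Covering that header is exactly what AH adds, at the cost of providing no encryption at all.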

The VPN tunnels are of two kinds:

    1. IPSec
    2. SSL

When we connect from a phone or a laptop to a VPN server, the connection will be an SSL VPN. If we want to connect two networks, we will need to create an IPSec VPN tunnel.

IPSec is currently one of the most commonly used methods of securing Internet transmission, along with SSL (Secure Sockets Layer) and TLS (Transport Layer Security). Unlike these, the IPSec protocols sit at layer 3 of the TCP/IP and ISO-OSI stacks, which makes it possible to secure every application that uses the TCP/IP stack without changing the application itself.

IPSec has an end-to-end architecture that works with both IPv4 and IPv6; in IPv6, these security features have been part of the protocol since it was first designed. The IETF officially describes the IPsec model through a series of RFCs.

Through the IPsec suite, communications are secured between two or more independent computers, between two or more subnets each sitting behind a gateway that applies the cryptographic functions on behalf of the subnet it manages, and between an independent computer and a subnet behind a gateway. IPsec is built on the cryptographic properties of schemes such as Diffie-Hellman, RSA and DSA, and on encryption and authentication algorithms such as DES, 3DES, AES, MD5 and SHA1.

By Ilias spiros