Is there any brief explanation for IP security? And why do we use it?

+3  A: 

If you mean IPsec, it encrypts network traffic at the IP packet level. You use it to prevent other people -- in general -- from extracting the data travelling through your network -- especially sensitive data that is meant to be encrypted; however, the application in question doesn't support encryption.

Hassan Syed
A: 

Encryption is just one aspect of security. Sometimes, you don't really care if the data can be read by anyone --- you just want to ensure that no one has tampered with it. In this case, the sender can use IP security (IPsec) to just integrity-protect the data. The data is now tamper-evident: that is, any attempt to tamper with the data will be discovered by the receiver, as integrity verification will fail. In this case, the NULL algo for encryption (i.e. no encryption) and the SHA1 algo for integrity will be used.

Also, note that encryption without integrity protection is not very useful, as an attacker can tamper with the data and the receiver won't be able to discover it. You may have to use application-level checks to discover tampering, and this is not foolproof.

IPsec also gives you protection against replay attacks: an attacker will not be able to capture the packets and replay them back later in an attempt to impersonate the sender.

So, use integrity protection alone (if the data is not sensitive) or integrity plus encryption.

Babu Srinivasan