10-26-2006 03:57 AM - edited 03-05-2019 12:28 PM
I have just been reading up on this, which part is the encryption, is it the ip-sec part or the 3DES ? im unsure of what does what ? please help
10-26-2006 04:33 AM
Hi carl ,
The following info may clear your dought.
IPSec is a security addition to the IP protocol, that enables security and privacy to TCP/IP communication. With IPSec enabled communication, no one, except the receiver, can read what is sent over the network (like the Internet).Normally IPSec consists of two parts: The key management (IKE/ISAKMP) and the encryption part (ESP). IPSec is the most widely used protocol for VPN's (Virtual Private Networks). To ensure privacy, data is encrypted with an encryption algorithm. An encryption algorithm is a way of changing data so that only the ones who knows how it was changed can reconstruct it. To describe the process of changing and reconstructing data, the analogy to a lock and key has been made. You can lock data with a key, and only that key can unlock it. Triple DES (3DES) encryption algorithm is unbreakable today, and the widest used algorithm for strong encryption. If you want to find the right key for an encrypted text, you could try all possible keys, but prepare to be patient ! Triple DES has an effective number of keys that is approximately 2^112 (2*2*2*2 ... 112 times) that is 112 bits.
10-26-2006 05:13 AM
thanks for that, so, what does the ike/isakmp do ? , what does the esp do ? and what does the 3des do ?
10-26-2006 05:50 AM
IPSec provides security to IP flows through the use of authentication and encryption. Authentication verifies that data is not altered during transmission and ensures that users are communicating with the individual or organization that they believe they are communicating with.
Encryption makes data confidential by making it unreadable to everyone except the sender and intended recipient. IPSec comprises two encapsulating protocols:
Encapsulating Security Payload (ESP) provides confidentiality and authentication functions to every data packet.
Authentication Header (AH) provides authentication to every data packet.
Internet Key Exchange (IKE) is a means of dynamically creating IP Security (IPSec) connections. IPSec uses encryption and authentication to create virtual private networks over an insecure network. IPSEC provides Internet Key Exchange to automatically exchange randomly generated keys which are transmitted using asymmetric encryption technology, according to negotiated algorithm details
A mode of the DES encryption algorithm that encrypts data three times. Three 64-bit keys are used, instead of one, for an overall key length of 192 bits (the first encryption is encrypted with second key, and the resulting cipher text is again encrypted with a third key).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide