IP/Network

IPSec

The security algorithm specially designed for IP layer communication is called 'IPSec'.  It is a protocol suite designed to provide secure communication over IP networks, such as the internet. It provides security services at the IP layer, allowing it to protect all IP-based protocols, including TCP, UDP, and ICMP.

Components of IPsec

IPSec is composed of three main protocols: Authentication Header (AH), Encapsulating Security Payload (ESP), and Internet Key Exchange (IKE). AH provides authentication and integrity protection for IP packets, while ESP provides confidentiality protection for IP packets. IKE is used to establish a shared secret key between two parties.

Technically AH and ESP are the algorithm designed for IPSec and IKE is a kind of protocol that is used to exchange secrete keys which will be used for AH/ESP algorithm. So AH/ESP and IKE has a little bit different functionality. Each of these components are explained in separate notes as follows :

• IP Security : AH

• IP Security : ESP
• IP Security : IKE

Reference :