- Tech know how online

encapsulating security payload (IPsec) (ESP)

The Encapsulating Security Payload(ESP) is used to encryptIP data packets and, like the Authentication Header( AH), uses the Hash-Based Message Authentication Code( HMAC) as its algorithm.

The ESP header uses cryptographic methods such as the Data Encryption Standard( DES) and encrypts all data that lies between the ESP header and the ESP trailer. At the end of a data packet, an optional ESP authentication block can provide additional authenticity.

IPSec in transport and tunnel mode

IPSec in transport and tunnel mode

The Encapsulating Security Payload, specified in RFC 2406, authenticates only the IP content in transport mode, not the IP header. This mode is mainly used within a secure network.

In tunnel mode, on the other hand, the IP header is encrypted to protect internal address information from unauthorized access. This mode is prescribed in the IPsec framework for secure tunneling between two firewalls in virtual private networks( VPN).

Englisch: encapsulating security payload (IPsec) - ESP
Updated at: 04.07.2011
#Words: 139
Links: event stream processing (EDA) (ESP), data, authentication header (IPv6) (AH), hash-based message authentication code (IP) (HMAC), algorithm
Translations: DE

All rights reserved DATACOM Buchverlag GmbH © 2023