
	Where results make sense

Topic: Encapsulating Security Payload

Related Topics

Differentiated services

Routing

Traffic shaping

L2TPv3

VLAN

Traffic engineering

	ietf-ipngwg-esp-00.txt
		Atkinson [Page 1] Internet Draft IPv6 Encapsulating Security 16 February 1995 1.1 OVERVIEW The IPv6 Encapsulating Security Payload (ESP) seeks to provide confidentiality and integrity by encrypting data to be protected and placing the encrypted data in the data portion of the IPv6 Encapsulating Security Payload.
		A security gateway is a system which acts as the communications gateway between external untrusted systems and trusted hosts on their own subnetwork and provides security services for the trusted hosts when they communicate with external untrusted systems.
		In the case where a security gateway is providing services on behalf of one or more hosts on a trusted subnet, the security gateway is responsible for establishing the security association on behalf of its trusted host and for providing security services between the security gateway and the external system(s).
	ietfreport.isoc.org /idref/draft-ietf-ipngwg-esp (4350 words)

	RFC 1827 (rfc1827) - IP Encapsulating Security Payload (ESP)
		Encapsulating the protected data is necessary to provide confidentiality for the entire original datagram.
		In Tunnel-mode ESP, the original IP datagram is placed in the encrypted portion of the Encapsulating Security Payload and that entire ESP frame is placed within a datagram having unencrypted IP headers.
		Cryptographic transforms for ESP which use a block-chaining algorithm and lack a strong integrity mechanism are vulnerable to a cut-and- paste attack described by Bellovin and should not be used unless the Authentication Header is always present with packets using that ESP transform [Bel95].
	www.faqs.org /rfcs/rfc1827.html (3618 words)

	IPsec - Wikipedia, the free encyclopedia
		IPsec (IP security) is a standardized framework for securing Internet Protocol (IP) communications by encrypting and/or authenticating each IP packet in data stream.
		It must then be encapsulated into a new IP packet for routing to work.
		IPsec was intended to provide either transport mode: end-to-end security of packet traffic in which the end-point computers do the security processing, or tunnel mode: portal-to-portal communications security in which security of packet traffic is provided to several machines (even to whole LANs) by a single node.
	en.wikipedia.org /wiki/Ipsec (1476 words)

	ESP, Encapsulating Security Payload
		Security services can be provided between a pair of communicating hosts, between a pair of communicating security gateways, or between a security gateway and a host.
		The ESP header is inserted after the IP header and before the next layer protocol header (transport mode) or before an encapsulated IP header (tunnel mode).
		ESP can be used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and (limited) traffic flow confidentiality.
	www.networksorcery.com /enp/protocol/esp.htm (808 words)

	[No title]
		ESP may be applied alone, in combination with the IP Authentication Header (AH) [KA97b], or in a nested fashion, e.g., through the use of tunnel mode (see "Security Architecture for the Internet Protocol" [KA97a], hereafter referred to as the Security Architecture document).
		The ESP header is inserted after the IP header and before the upper layer protocol header (transport mode) or before an encapsulated IP header (tunnel mode).
		ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality.
	www.ietf.org /rfc/rfc2406.txt (5926 words)

	[No title]
		Security Parameters Index (SPI) The SPI is an arbitrary 32-bit value that is used by a receiver to identify the SA to which an incoming packet is bound.
		Payload Data Payload Data is a variable-length field containing data (from the original IP packet) described by the Next Header field.
		Security Association Lookup ESP is applied to an outbound packet only after an IPsec implementation determines that the packet is associated with an SA that calls for ESP processing.
	www.ietf.org /rfc/rfc4303.txt (11898 words)

	RFC 2406 (rfc2406) - IP Encapsulating Security Payload (ESP)
		The position of ESP in tunnel mode, relative to the outer IP header, is the same as for ESP in transport mode.
		The construction of the outer IP header/extensions during the encapsulation process is described in the Security Architecture document.
		Security Considerations Security is central to the design of this protocol, and thus security considerations permeate the specification.
	www.faqs.org /rfcs/rfc2406.html (5946 words)

	Encapsulating Security Payload
		ESP does not normally sign the entire packet unless it is being tunneled—ordinarily, just the IP data payload is protected, not the IP header.
		ESP indicates itself in the IP header using the IP protocol ID of 50.
		ESP is inserted after the IP header and before an upper layer protocol, such as TCP, UDP, or ICMP, or before any other IPSec headers that have already been inserted.
	www.microsoft.com /resources/documentation/Windows/2000/server/reskit/en-us/cnet/cndb_ips_jhsq.asp?frame=true (504 words)

	IPsec ESP: IP Encapsulating Security Payload (RFC 2406)
		Encapsulating Security Payload (ESP) is a key protocol in the IPsec (Internet Security) architecture, which is designed to provide a mix of security services in IPv4 and IPv6.
		ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service, and limited traffic flow confidentiality.
		ESP is defined by IETF (www.ietf.org) in RFC 2406.
	www.javvin.com /protocolESP.html (417 words)

	[No title]
		Atkinson Standards Track [Page 2] RFC 1827 Encapsulating Security Payload August 1995 1.2 Requirements Terminology In this document, the words that are used to define the significance of each particular requirement are usually capitalised.
		The key management mechanism is used to negotiate a number of parameters for each security association, including not only the keys but other information (e.g., the cryptographic algorithms and modes, Atkinson Standards Track [Page 3] RFC 1827 Encapsulating Security Payload August 1995 security classification level, if any) used by the communicating parties.
		Atkinson Standards Track [Page 4] RFC 1827 Encapsulating Security Payload August 1995 3.1 Fields of the Encapsulating Security Payload The SPI is a 32-bit pseudo-random value identifying the security association for this datagram.
	www.rfc-editor.org /rfc/rfc1827.txt (3616 words)

	Encapsulating Security Payload -- dmeredit@cs.hmc.edu
		The more security we add to every packet on the net, the less space is available for the data we are trying to protect in the first place.
		Thus the ESP header has made allowances for this in the form of padding at the end of the packet.
		The payload is the original packet "encapsulated" by the ESP protocol headers and then encrypted using one of the approved algorithms.
	www.cs.hmc.edu /~dmeredit/abstracts/ESP-abstract.html (837 words)

	RFC 4305 - Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and ...
		Encapsulating Security Payload The implementation conformance requirements for security algorithms for ESP are given in the tables below.
		Security Considerations The security of cryptographic-based systems depends on both the strength of the cryptographic algorithms chosen and the strength of the keys used with those algorithms.
		The security also depends on the engineering and administration of the protocol used by the system to ensure that there are no non-cryptographic ways to bypass the security of the overall system.
	rfc.sunsite.dk /rfc/rfc4305.html (1766 words)

	ESP, Encapsulating Security Payload
		If authentication is negotiated for an ESP SA, the receiver also may elect to enforce an anti-replay service with the same features as the AH anti-replay service.
		The scope of the authentication offered by ESP is narrower than for AH, i.e., the IP header(s) "outside" the ESP header is(are) not protected.
		If only the upper layer protocols need to be authenticated, then ESP authentication is an appropriate choice and is more space efficient than use of AH encapsulating ESP. Note that although both confidentiality and authentication are optional, they cannot both be omitted.
	filibusta.crema.unimi.it /docs/rfc/esp.htm (319 words)

	IP Encapsulating Security Payload (ESP)
		Payload Data is a variable-length field containing data described by the Next Header field.
		ESP is applied to an outbound packet only after an IPsec implementation determines that the packet is associated with an SA that calls for ESP processing.
		Security is central to the design of this protocol, and thus security considerations permeate the specification.
	xml.resource.org /public/rfc/xml/rfc2406.xml (5570 words)

	Encapsulating Security Payload
		The difference between ESP and the Authentication Header (AH) protocol is that ESP provides encryption, while both protocols provide authentication, integrity checking, and replay protection.
		The ESP trailer and the optional authentication data are appended to the payload.
		ESP uses a symmetric key that both communicating parties use to encrypt and decrypt the data they exchange.
	www.redbooks.ibm.com /pubs/html/as400/v4r5/ic2924/info/RZAJAESP.HTM (532 words)

	Encapsulating Security Payload (ESP) - The Community's Center for Security
		Security services can be provided between a pair of communicating hosts, between a pair of communicating security gateways, or between a host and a gateway.
		The ESP header is encapsulated by the IP header, and the ESP header encapsulates either the upper layer protocol header (transport mode) or an IP header (tunnel mode).
		ESP can provide data confidentiality service, data origin authentication service, connectionless data integrity service, an anti-replay service, and limited traffic flow confidentiality.
	www.linuxsecurity.com /content/view/116805/141 (252 words)

	Infosecwriters.com
		IP Security is a large and complicated specification that has many options and is very flexible.
		The Encapsulating Security Payload protocol can handle all of the services IPsec requires.
		This paper will attempt to discuss the Encapsulating Security Payload (ESP) protocol — a comparison with Authentication Header, and ESP weaknesses and strengths.
	www.infosecwriters.com /texts.php?op=display&id=196 (66 words)

	Encapsulating Security Payload
		ESP DES-CBC Cipher Algorithm With Explicit IV (RFC2405)
		Use of HMAC-MD5-96 within ESP and AH (RFC2403)
		Use of HMAC-SHA-1-96 within ESP and AH (RFC2404)
	www.xtrj.org /ssm10/ipsec.htm (188 words)

	IETF IPSEC Protocol Encapsulating Security Payload Vulnerability
		Home Bugtraq Vulnerabilities Mailing Lists Security Jobs Tools
		RFC 2406 : IP Encapsulating Security Payload (ESP) (IETF)
		[security bulletin] SSRT5957 rev.0 - HP Tru64 UNIX IPSEC Tunnel ESP Mode Remote (Security Alert
	www.securityfocus.com /bid/13562/references (44 words)

	IPsec ESP: IP Encapsulating Security Payload (RFC 2406)
		ESP is defined by IETF (http://www.ietf.org) in RFC 2406.
		Network Security Map: All you must know about Network Security on One Chart.
		All commonly used network protocols fully explained and illustrated!
	www.networkdictionary.com /protocols/esp.php (517 words)

Try your search on: Qwika (all wikis)