Encryption Above IP

• Layer inserted between IP and transport

• IPSec (IP Security) on IETF standards track

  • many vendors, including open source (FreeSWAN)

• Protects transport header along with application

• Can be used end-to-end, or to carry other IP packets in “tunnel” mode

• Increased header overhead, esp with authentication

  • IP fragmentation issues
  • no VJ TCP/IP header compression
  • unavoidable for strong packet-level security

Previous slide

Next slide

Back to first slide

View graphic version