Secure Sockets Layer (SSL)
The SSL protocol is positioned below the Application Layer and above the TCP/IP Layer (see Figure 4). SSL provides services to application protocols such as HTTP.
The protocol supports authentication of the host and, if required, authentication of the user, as well as encrypted data exchange. A key feature of SSL is the fast set-up and tear-down of the secure connection.
SSL is supported by all major browsers and is therefore available to any Web-based client. Although initially developed to support credit card and electronic transactions, SSL is now also used for VPN applications where the use of standard hardware by the client is a major advantage over IPSec.
IPSec has been defined to support VPN applications. It is a Network Layer security protocol that is transparent to the applications above it and to the underlying Link Layer.
IPSec supports two modes: transport, where the existing IP header is reused and therefore not protected; and tunnel, where the entire TCP/IP packet is encrypted and then packed with a new IP header. There are also two IPSec protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP).
Figure 5 shows the IPSec protocols. At the top, we have the original IP packet with a header and payload. Below, we show the packet with the Authentication Header (AH) added. The AH is added between the IP header and the payload. The IP header is modified to reflect the new packet size. At the destination, the AH is recalculated and checked against the received packet. Using AH, the destination can be confident of the source – but the payload can be read by anyone listening in.
The third packet shows the Encapsulating Security Payload (ESP). The payload is encrypted and the ESP field is added after the IP Header. Again, the source is authenticated, but this time the payload can be read only by the intended destination.
Finally, at the bottom, we show the most common IPSec implementation, an ESP tunnel. Here the original IP packet, including the header and payload, is encrypted, protecting not only the payload but also the identity of the source and destination.
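The four packet layouts of Figure 5 can be made concrete in code. The following is an added illustration, not part of the original article: it builds a minimal IPv4 header, wraps a payload in a transport-mode Authentication Header and verifies it at the destination, then wraps a whole inner packet in an ESP tunnel behind a new outer header. The field layout follows AH and ESP, but the integrity check (truncated HMAC-SHA-256) and the cipher (an HMAC-based counter-mode keystream standing in for 3DES or AES, which Python's standard library lacks) are simplifications chosen so the example runs offline; the addresses, keys and SPIs are constructed sample values.

```python
"""Simplified framing of the two IPsec protocols from Figure 5.

Constructed demonstration, not wire-compatible IPsec: the field layout of
AH (RFC 4302) and ESP (RFC 4303) is followed, but the integrity check is a
truncated HMAC-SHA-256 over the relevant bytes, and the cipher is an
HMAC-based counter-mode keystream standing in for 3DES/AES, which the Python
standard library does not provide.
"""
import hashlib
import hmac
import struct

PROTO_TCP, PROTO_ESP, PROTO_AH, PROTO_IPIP = 6, 50, 51, 4
ICV_LEN = 16  # truncated authenticator, as in HMAC-SHA-256-128


def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; TTL and checksum are placeholders."""
    src_b = bytes(int(x) for x in src.split("."))
    dst_b = bytes(int(x) for x in dst.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0, src_b, dst_b)


def parse_ipv4(pkt):
    _, _, total_len, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    return {"proto": proto, "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "payload": pkt[20:total_len]}


def _ah_icv(hdr, ah_no_icv, payload, key):
    # Mutable header fields (TTL, header checksum) are zeroed before hashing, as RFC 4302
    # requires; the ICV field itself is hashed as zeros.
    immutable = hdr[:8] + b"\x00" + hdr[9:10] + b"\x00\x00" + hdr[12:]
    return hmac.new(key, immutable + ah_no_icv + bytes(ICV_LEN) + payload, hashlib.sha256).digest()[:ICV_LEN]


def ah_transport(src, dst, payload, key, spi, seq, next_header=PROTO_TCP):
    """Second packet of Figure 5: IP header, then AH, then the payload in the clear."""
    ah_len = 12 + ICV_LEN
    hdr = ipv4_header(src, dst, PROTO_AH, ah_len + len(payload))
    ah_no_icv = struct.pack("!BBHII", next_header, ah_len // 4 - 2, 0, spi, seq)
    return hdr + ah_no_icv + _ah_icv(hdr, ah_no_icv, payload, key) + payload


def verify_ah(pkt, key):
    """Recompute the AH at the destination; returns (authentic, payload)."""
    ip = parse_ipv4(pkt)
    if ip["proto"] != PROTO_AH:
        return False, b""
    ah_no_icv, icv, payload = pkt[20:32], pkt[32:32 + ICV_LEN], ip["payload"][12 + ICV_LEN:]
    return hmac.compare_digest(icv, _ah_icv(pkt[:20], ah_no_icv, payload, key)), payload


def _keystream(key, spi, seq, n):
    # Counter-mode keystream keyed per SA and per packet; a stand-in for a real block cipher.
    blocks = [hmac.new(key, struct.pack("!IIQ", spi, seq, i), hashlib.sha256).digest()
              for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]


def esp_tunnel(inner_pkt, gw_src, gw_dst, enc_key, auth_key, spi, seq):
    """Bottom packet of Figure 5: whole inner packet encrypted behind a new outer header."""
    pad_len = (-(len(inner_pkt) + 2)) % 4          # trailer must end on a 4-byte boundary
    plaintext = inner_pkt + bytes(range(1, pad_len + 1)) + bytes([pad_len, PROTO_IPIP])
    esp_hdr = struct.pack("!II", spi, seq)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, spi, seq, len(plaintext))))
    icv = hmac.new(auth_key, esp_hdr + ct, hashlib.sha256).digest()[:ICV_LEN]
    return ipv4_header(gw_src, gw_dst, PROTO_ESP, 8 + len(ct) + ICV_LEN) + esp_hdr + ct + icv


def open_esp_tunnel(pkt, enc_key, auth_key):
    """Destination gateway: verify first, decrypt second; returns the inner packet or None."""
    ip = parse_ipv4(pkt)
    if ip["proto"] != PROTO_ESP:
        return None
    esp = ip["payload"]
    esp_hdr, ct, icv = esp[:8], esp[8:-ICV_LEN], esp[-ICV_LEN:]
    if not hmac.compare_digest(icv, hmac.new(auth_key, esp_hdr + ct, hashlib.sha256).digest()[:ICV_LEN]):
        return None                                  # forged or modified: drop before decrypting
    spi, seq = struct.unpack("!II", esp_hdr)
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, spi, seq, len(ct))))
    pad_len, next_header = pt[-2], pt[-1]
    return pt[:-(2 + pad_len)] if next_header == PROTO_IPIP else None
```

Two properties from the text are visible directly in the bytes: the AH packet still carries `GET / HTTP/1.0` readable by anyone on the path, while the ESP tunnel packet shows only the gateway addresses on the outside and yields the original inner packet, with its real source and destination, only after the authenticator checks out. The receiver verifies before decrypting, so a modified packet is dropped without the cipher ever being run on attacker-controlled data.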
SSL and IPSec each consist of three main operations: key exchange, authentication, and encryption.
Before encrypted data can be sent, there must be a key exchange. The key exchange protocol sets up a number of Security Associations (SAs), which are one-way associations that define the protocol, destination, and security parameters used on a secure link. The main cryptographic algorithm for SSL key exchange is RSA.
For IPSec, the Internet Key Exchange protocol (IKE) is used. IKE is based on the Diffie-Hellman public key exchange algorithm and has two modes of operation. The main mode uses an SA for both setup and data exchange, while the aggressive or quick mode uses the SA only for data exchange.
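The Diffie-Hellman exchange and the one-way Security Associations it produces, as an added example that is not from the original article: two gateways each contribute a public value, derive the same shared secret without it crossing the wire, and then establish two SAs, one per direction, each tied to a protocol, a destination and an SPI chosen by the side that will receive on it. The group parameters are a toy (the Mersenne prime 2**127 - 1 with generator 3, far too small for real use; IKE uses the MODP groups of RFC 2409/3526), the key derivation is a plain HMAC-SHA-256 PRF rather than IKE's exact prf+ construction, and the addresses and nonces are constructed sample values.

```python
"""Constructed IKE-style set-up: a Diffie-Hellman agreement between two gateways,
then derivation of the one-way Security Associations that protect each direction.

Toy parameters: p is the Mersenne prime 2**127 - 1, far too small for real use
(IKE uses the MODP groups of RFC 2409/3526), and the key derivation is a plain
HMAC-SHA-256 PRF rather than IKE's exact prf+ construction.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

P = 2**127 - 1
G = 3
PROTO_ESP = 50


@dataclass(frozen=True)
class SecurityAssociation:
    """One-way: traffic toward `destination`, identified on the wire by `spi`."""
    spi: int
    protocol: int
    destination: str
    enc_key: bytes
    auth_key: bytes


def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2           # private exponent in [2, p-2]
    return priv, pow(G, priv, P)


def dh_shared(priv, peer_pub):
    # Reject the degenerate public values 0, 1 and p-1, which would force a trivial secret.
    if not 1 < peer_pub < P - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_pub, priv, P)


def prf(secret, label):
    return hmac.new(secret, label, hashlib.sha256).digest()


def derive_sas(shared, nonce_i, nonce_r, spi_i, spi_r, addr_i, addr_r):
    """Both peers call this with identical inputs and obtain identical SAs."""
    skeyseed = prf(nonce_i + nonce_r, shared.to_bytes(16, "big"))

    def keys(spi):
        tag = spi.to_bytes(4, "big")
        return prf(skeyseed, b"enc" + tag), prf(skeyseed, b"auth" + tag)

    # The SPI of each SA is chosen by the side that will receive on it.
    to_r = SecurityAssociation(spi_r, PROTO_ESP, addr_r, *keys(spi_r))
    to_i = SecurityAssociation(spi_i, PROTO_ESP, addr_i, *keys(spi_i))
    return to_r, to_i


def run_exchange(addr_i="203.0.113.1", addr_r="198.51.100.1"):
    """Simulates both sides; returns (initiator's view, responder's view) of the SA pair."""
    # Message 1, initiator -> responder: g^a, a nonce, and the SPI for traffic toward the initiator.
    a, g_a = dh_keypair()
    n_i, spi_i = secrets.token_bytes(16), secrets.randbelow(2**32 - 256) + 256
    # Message 2, responder -> initiator: g^b, a nonce, and the SPI for traffic toward the responder.
    b, g_b = dh_keypair()
    n_r, spi_r = secrets.token_bytes(16), secrets.randbelow(2**32 - 256) + 256
    # Only g^a and g^b cross the wire; each side computes the same secret from its own exponent.
    initiator_view = derive_sas(dh_shared(a, g_b), n_i, n_r, spi_i, spi_r, addr_i, addr_r)
    responder_view = derive_sas(dh_shared(b, g_a), n_i, n_r, spi_i, spi_r, addr_i, addr_r)
    return initiator_view, responder_view
```

Each direction gets its own encryption and authentication keys, so compromise or replay on one SA does not carry over to the other, and a receiver can look up the right SA from the SPI in the packet alone. The public-value range check in `dh_shared` is the kind of defensive step a real IKE implementation performs before using a peer's contribution.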
To ensure authentication of the source, destination, and data, a number of algorithms are used, including DSA, MD5, and SHA-1. Most security processors support all these algorithms.
IPSec defines a number of bulk encryption algorithms, but 3DES is the most widely used. 3DES is the Data Encryption Standard (DES) applied three times. An alternative bulk encryption algorithm for IPSec is the relatively new Advanced Encryption Standard (AES).
To look at a test of carrier-class IPSec equipment, see Carrier-Class IPSec: the Bigger the Better.