IPsec

Today you can make just about any kind of transaction online. Sensitive data, like your banking information, often travels great distances, sometimes crossing continents. At the center of this is the expectation that the privacy of that information is being protected. The irony is that the internet as we know it was not originally designed with security in mind: early transmissions went across the wire virtually unprotected.

By the early 1990s, with the introduction of the World Wide Web, the face of commerce was about to change. Within a few years, engineers were already anticipating the exhaustion of the address space of the existing internet protocol, IPv4, and planning for a future in which internet devices would outnumber people. Around this time a successor to IPv4, called IPv6, was being designed, and alongside it a new security protocol suite, called IPsec.

History of IPsec

Internet Protocol Security, or just IPsec, was standardized by the Internet Engineering Task Force (IETF). It protects IP packets exchanged between two peers, whether host-to-host, network-to-network (gateway-to-gateway), or host-to-network, by applying services such as authentication, integrity protection, and encryption to each packet.

Side note:

In IPsec, authentication has two parts: the peers prove their identities to each other when the connection is set up (using pre-shared keys or certificates, not usernames and passwords), and every packet then carries an integrity check value that proves it came from that peer and was not modified on the way. Encryption uses a key shared by the two peers to transform the packet contents so that nobody else can read them.

As stated earlier, IPsec was designed alongside IPv6, and for years IPv6 implementations were required to support it (the IPv6 node requirements later relaxed that to a recommendation). IPsec works with IPv4 just as well, though, and because the internet is still waiting for IPv6 to take over [which seems inevitable, but no one knows when it will happen], IPsec is mostly used today on IPv4 traffic for securing tunnels, as in VPNs.

How does IPsec work?

So how does IPsec work? To begin with, it is a low-level security protocol. Unlike SSH and TLS, which sit above the transport layer and protect a single application's connection, IPsec operates at the network layer (layer 3 of the OSI model, the internet layer of the TCP/IP model). That lets it authenticate and encrypt individual IP packets, whatever application produced them, without the application having to change.

To secure a connection, IPsec combines several open standards, published as IETF RFCs. The main ones:

  • The Authentication Header, or AH, provides integrity protection and data-origin authentication for a packet (plus anti-replay protection), but no encryption.
  • The Encapsulating Security Payload, or ESP, provides encryption and, optionally, the same integrity and authentication services; in practice it is used far more often than AH.
  • The Internet Key Exchange, or IKE, is used to authenticate the two peers, negotiate which algorithms to use, and establish the shared keys that AH and ESP need. The keys themselves are derived from a Diffie-Hellman exchange rather than sent over the wire.
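The key-establishment step that IKE performs, shown here as an added example (this is not code from the original page or from any IPsec implementation): the IKEv2 derivation from RFC 7296, section 2.14, using HMAC-SHA-256 as the negotiated PRF. The nonces, SPIs and the Diffie-Hellman result are constructed sample values standing in for what the IKE_SA_INIT exchange would produce, and the 32-byte AES key size is an assumption.

```python
# Added example (not from the original page): the IKEv2 key derivation of
# RFC 7296, section 2.14, with PRF_HMAC_SHA2_256. The nonces, SPIs and the
# Diffie-Hellman result below are constructed sample values, not captured
# traffic; in a real exchange they come from the IKE_SA_INIT messages.
import hashlib
import hmac

PRF_LEN = hashlib.sha256().digest_size  # 32 bytes for PRF_HMAC_SHA2_256
INTEG_KEY_LEN = 32                      # AUTH_HMAC_SHA2_256_128 key size
ENC_KEY_LEN = 32                        # assumption: AES-256 for ENCR_AES_CBC

# Constructed inputs: 32-byte nonces, 8-byte IKE SPIs, and a 256-byte "g^ir"
# standing in for the shared secret of a 2048-bit MODP Diffie-Hellman group.
SAMPLE_NI = bytes(range(1, 33))
SAMPLE_NR = bytes(range(101, 133))
SAMPLE_SPI_I = bytes.fromhex("0011223344556677")
SAMPLE_SPI_R = bytes.fromhex("8899aabbccddeeff")
SAMPLE_G_IR = hashlib.sha256(b"constructed DH shared secret").digest() * 8


def prf(key: bytes, data: bytes) -> bytes:
    """The negotiated PRF: HMAC-SHA-256 keyed with `key`."""
    return hmac.new(key, data, hashlib.sha256).digest()


def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """prf+ from RFC 7296: T1 = prf(K, S | 0x01), Tn = prf(K, Tn-1 | S | n)."""
    out = b""
    prev = b""
    counter = 1
    while len(out) < length:
        if counter > 255:  # RFC 7296 caps the iteration counter at 255
            raise ValueError("prf+ cannot produce that much keying material")
        prev = prf(key, prev + seed + bytes([counter]))
        out += prev
        counter += 1
    return out[:length]


def derive_ike_sa_keys(ni, nr, spi_i, spi_r, g_ir):
    """Return the seven IKE SA keys that both peers derive from the same inputs.

    SKEYSEED = prf(Ni | Nr, g^ir)
    {SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr}
        = prf+(SKEYSEED, Ni | Nr | SPIi | SPIr)
    SK_d seeds the child (ESP/AH) keys, SK_a* are the IKE integrity keys,
    SK_e* the IKE encryption keys and SK_p* feed the AUTH payload.
    """
    skeyseed = prf(ni + nr, g_ir)
    layout = [("SK_d", PRF_LEN), ("SK_ai", INTEG_KEY_LEN), ("SK_ar", INTEG_KEY_LEN),
              ("SK_ei", ENC_KEY_LEN), ("SK_er", ENC_KEY_LEN),
              ("SK_pi", PRF_LEN), ("SK_pr", PRF_LEN)]
    stream = prf_plus(skeyseed, ni + nr + spi_i + spi_r, sum(n for _, n in layout))
    keys, offset = {}, 0
    for name, size in layout:
        keys[name] = stream[offset:offset + size]
        offset += size
    return keys


if __name__ == "__main__":
    keys = derive_ike_sa_keys(SAMPLE_NI, SAMPLE_NR, SAMPLE_SPI_I, SAMPLE_SPI_R, SAMPLE_G_IR)
    for name, value in keys.items():
        print(f"{name:6s} {value.hex()}")
```

Note that the initiator and the responder each run this on their own side: nothing here is transmitted except the nonces and SPIs, which are public, and the Diffie-Hellman public values from which g^ir is computed. Separate keys for each direction (SK_ai versus SK_ar, SK_ei versus SK_er) are what stop a captured packet from being reflected back at its sender.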

IPsec also uses various cryptographic algorithms, which IKE negotiates between the peers. For example:

  • HMAC built on a SHA hash (such as HMAC-SHA-256), which provides integrity and authenticity.
  • AES, which provides confidentiality (and, in a mode such as AES-GCM, integrity as well).

Depending on what is being protected and by whom, IPsec can run in one of two modes, which differ in how much of the original packet is covered.

  • In Transport mode, only the packet's payload (the TCP or UDP segment and everything above it) is protected; the original IP header, with its source and destination addresses, stays in place and is used for routing. This mode is meant for traffic between two hosts. It does not get along with Network Address Translation: AH's integrity check covers the source and destination addresses, so a NAT device that rewrites them breaks verification, and even with ESP the transport-layer checksum hidden inside the encrypted payload still depends on the original addresses. NAT is common on IPv4 networks, where many computers share one public address behind a gateway, which is a large part of why transport mode is rarely used there.
  • In Tunnel mode the entire original packet, IP header included, is protected and then placed inside a new packet with a new IP header whose addresses are the tunnel endpoints (for example, two VPN gateways). With ESP the outer header is not covered by the integrity check, so NAT devices on the path can rewrite it; that, together with NAT traversal (ESP carried inside UDP), is what lets IPsec cross IPv4 NAT. AH in tunnel mode still covers the outer header, so it remains incompatible with NAT. Tunnel mode is what site-to-site and remote-access virtual private networks use.
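What "the Authentication Header locks the addresses" means in bytes, as an added example (not code from the original page or from any IPsec stack): AH over an IPv4 packet using HMAC-SHA-256-128 (RFC 4302 with RFC 4868), with the mutable header fields zeroed before the MAC is taken, followed by the two things that happen to the packet in transit. A normal router hop (TTL decrement, checksum fix) leaves the integrity check valid; a NAT rewrite of the source address invalidates it. The key, addresses, SPI and payload are constructed sample values; the same functions also build a tunnel-mode AH packet by wrapping a whole inner IPv4 packet.

```python
# Added example (not from the original page): AH integrity protection over an
# IPv4 packet with HMAC-SHA-256-128 (RFC 4302 with RFC 4868), and what happens
# to it at a normal router hop versus a NAT rewrite. Key, addresses, SPI and
# payload are constructed sample values.
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

IPV4_FMT = "!BBHHHBBH4s4s"  # ver/IHL, ToS, len, ID, flags/frag, TTL, proto, csum, src, dst
AH_FMT = "!BBHII"           # next header, payload len, reserved, SPI, sequence number
AH_PROTO = 51
AH_FIXED_LEN = struct.calcsize(AH_FMT)  # 12 bytes before the ICV
ICV_LEN = 16                # HMAC-SHA-256-128: 32-byte MAC truncated to 128 bits

SAMPLE_KEY = hashlib.sha256(b"constructed AH integrity key").digest()  # 32 bytes


def ipv4_checksum(header: bytes) -> int:
    """Standard ones'-complement checksum over the header (checksum field zeroed)."""
    total = 0
    for i in range(0, len(header), 2):
        total += (header[i] << 8) | header[i + 1]
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, total_len: int, ttl: int = 64,
                proto: int = AH_PROTO, ident: int = 0x1234) -> bytes:
    """Build a 20-byte IPv4 header (no options) with a correct checksum."""
    fields = [0x45, 0, total_len, ident, 0x4000, ttl, proto, 0,
              IPv4Address(src).packed, IPv4Address(dst).packed]
    fields[7] = ipv4_checksum(struct.pack(IPV4_FMT, *fields))
    return struct.pack(IPV4_FMT, *fields)


def ah_icv_input(ip_hdr: bytes, ah_no_icv: bytes, payload: bytes) -> bytes:
    """Bytes the ICV covers: IP header with mutable fields zeroed, AH with ICV zeroed, payload."""
    h = bytearray(ip_hdr)
    h[1] = 0                # DSCP/ECN may be rewritten in transit
    h[6:8] = b"\x00\x00"    # flags and fragment offset
    h[8] = 0                # TTL is decremented at every hop
    h[10:12] = b"\x00\x00"  # header checksum changes whenever TTL does
    # Length, ID, protocol and both addresses (bytes 12-19) stay in: they are immutable.
    return bytes(h) + ah_no_icv + bytes(ICV_LEN) + payload


def build_ah_packet(key, src, dst, spi, seq, next_header, payload, ttl=64) -> bytes:
    """Transport-mode AH: IPv4 header | AH | payload.

    For tunnel mode, pass a complete inner IPv4 packet as `payload` with
    next_header=4 (IP-in-IP); the outer header is covered by the ICV either way.
    """
    ah_no_icv = struct.pack(AH_FMT, next_header, (AH_FIXED_LEN + ICV_LEN) // 4 - 2, 0, spi, seq)
    ip_hdr = ipv4_header(src, dst, 20 + AH_FIXED_LEN + ICV_LEN + len(payload), ttl)
    mac = hmac.new(key, ah_icv_input(ip_hdr, ah_no_icv, payload), hashlib.sha256).digest()
    return ip_hdr + ah_no_icv + mac[:ICV_LEN] + payload


def verify_ah_packet(key, packet) -> bool:
    """Receiver side: recompute the ICV and compare it in constant time."""
    ip_hdr, rest = packet[:20], packet[20:]
    ah_no_icv = rest[:AH_FIXED_LEN]
    icv = rest[AH_FIXED_LEN:AH_FIXED_LEN + ICV_LEN]
    payload = rest[AH_FIXED_LEN + ICV_LEN:]
    mac = hmac.new(key, ah_icv_input(ip_hdr, ah_no_icv, payload), hashlib.sha256).digest()
    return hmac.compare_digest(icv, mac[:ICV_LEN])


def router_hop(packet: bytes) -> bytes:
    """What every router does: decrement TTL and fix the header checksum."""
    h = bytearray(packet[:20])
    h[8] -= 1
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", ipv4_checksum(bytes(h)))
    return bytes(h) + packet[20:]


def nat_rewrite_source(packet: bytes, new_src: str) -> bytes:
    """What a NAT gateway does: replace the source address and fix the checksum."""
    h = bytearray(packet[:20])
    h[12:16] = IPv4Address(new_src).packed
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", ipv4_checksum(bytes(h)))
    return bytes(h) + packet[20:]


if __name__ == "__main__":
    pkt = build_ah_packet(SAMPLE_KEY, "10.0.0.2", "203.0.113.5", 0x1000, 1, 17, b"constructed UDP payload")
    print("as sent:     ", verify_ah_packet(SAMPLE_KEY, pkt))
    print("after router:", verify_ah_packet(SAMPLE_KEY, router_hop(pkt)))
    print("after NAT:   ", verify_ah_packet(SAMPLE_KEY, nat_rewrite_source(pkt, "198.51.100.1")))
```

The receiver cannot tell a NAT rewrite from a forgery: both change bytes under the ICV, and the packet is dropped either way. ESP avoids this for the outer header by leaving it outside its integrity check entirely, which is why ESP, not AH, is what crosses NAT in practice.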

Conclusion

So even though security was not a major concern for the designers of the early internet, it has become a priority in modern times. And though it may be impractical to rebuild the entire infrastructure, security measures like IPsec can mitigate threats and help protect our most private information.