What is IPSEC and how it works

IPSEC (Internet Protocol Security) are 3 cryptographic protocols useful to encrypt communications through a network, usually used for VPN, but applicable to protect the IP (Internet Protocol) in different cases. IPSEC is part of IPV6 while optional for IPV4. The 3 protocols composing IPSEC are AH (Authentication Header), ESP (Encapsulating Security Payload) and IKE (Internet Key Exchange). While AH and ESP work in different ways, both of them can be combined to provide different functions.

While the protocol AH is an authentication protocol, the ESP protocol provides authentication and encryption too.

Security Association:

The association consists in the keys administration and establishing a secure connection between the devices, this is the first step in a connection and is carried out by the protocol IKE (Internet Key Exchange).


In this case the authentication does not provide encryption because the information is not ciphered, the function of the AH protocol and it’s authentication is to confirm the delivered packet wasn’t intercepted and modified or “broken” during the transference. The AH protocol helps to verify the transferred data integrity and the implicated IP addresses. Using IPSEC with AH won’t protect our information from a Man In the Middle attack but it will let us know about it by detecting differences between the received IP packet’s header and the original one. To do it the AH protocols identifies packets adding a layer with a sequence of numbers.

AH, Authentication Header as its name specifies also verifies the IP header layer, while the ESP doesn’t include the IP header.

Note: IP Header is an IP’s packet layer containing information on the established connection (or going to get connected), such as the source and destination address among more.

Encryption :

In contrast to the protocol AH which only authenticates the integrity of the packets, senders in IP headers, ESP (Encapsulating Security Payload) packet additionally offers encryption which means if an attacker intercepts the packet he won’t be able to see the content because it is ciphered.

Asymmetric and Symmetric encryptions

IPSEC combines both asymmetric and symmetric encryptions to provide security while keeping speed.

Symmetric encryptions have a single key shared between users, while asymmetric encryption is the one we use when authenticating with public and private keys. The asymmetric encryption is safer because it allows us to share a public key with many users while the security relies on the private key, symmetric encryption is less safe because we are forced to share the only key.

Symmetric encryption advantage is the speed, a permanent interaction between two devices permanently authenticating with asymmetric encryption would be slow. IPSEC integrates both of them, first the asymmetric encryption authenticates and establishes a safe connection between the devices using protocols IKE and AH and then it changes to symmetric encryption to keep the connection speed, the SSL protocol also integrates both asymmetric and symmetric encryptions but SSL or TLS belong to higher layer of the IP protocol, that’s why IPSEC can be used for TCP or UDP (you can also use SSL or TLS but is not the norm).

Using IPSEC is an example of the need to add additional support to our kernel to be used as explained in a previous article on the Linux Kernel. You can implement IPSEC on Linux with strongSwan, on Debian and Ubuntu systems you can type:

apt install strongswan -y

An article was also published on VPN services including IPSEC easy to setup on Ubuntu.

I hope you found this article useful to understand IPSEC protocols and how they work. Keep following LinuxHint for more tips and updates on Linux.

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

Ethical Hacking Types, Functions and its Major Roles

If you are new to the field of cybersecurity and this field intrigues you, then you have come to the right place. Also know...

Top 10 tools for Penetration Testing on Linux

Previously, i have written an article which i suggested to learn certain tools a lot if you are in the penetration testing...

Top 5 Vulnerability Scanning Tools

The process of recognition, categorization and mitigation of vulnerabilities present in a network or application is called...
Bài Viết

Bài Viết Mới Cập Nhật

Huớng dẫn dùng proxy cho ios, iphone 2023

Cách gắn set proxy cho điện thoại android, oppo, giả lập android, Ldplayer Bằng Proxydroid

Mua Proxy Socks5 VN Chơi Game Gia Lập Tăng Cường Trải Nghiệm Chơi Game

Mua Proxy Mỹ, Us Nuôi Tài Khoản Etsy, eBay Tìm Hiểu Về Mua Proxy Mỹ tại Onet.com.vn

Mua Proxy Game – Giải pháp tuyệt vời cho việc chơi game trên mạng mà không bị giới hạn về vị trí địa lý