IPsec Protection Mechanisms
IPsec provides two security protocols for protecting data:
An AH protects data with an authentication algorithm. An ESP protects data with
an encryption algorithm. Optionally, an ESP protects data with an authentication algorithm. Each
implementation of an algorithm is called a mechanism.
The authentication header provides data authentication, strong integrity, and replay protection to IP datagrams. AH
protects the greater part of the IP datagram. As the following illustration shows,
AH is inserted between the IP header and the transport header.
The transport header can be TCP, UDP, SCTP, or ICMP. If a
tunnel is being used, the transport header can be another IP header.
Encapsulating Security Payload
The encapsulating security payload (ESP) module provides confidentiality over what the ESP encapsulates. ESP also provides the
services that AH provides. However, ESP only provides its protections over the part
of the datagram that ESP encapsulates. The authentication services of ESP are optional.
These services enable you to use ESP and AH together on the same
datagram without redundancy. Because ESP uses encryption-enabling technology, ESP must conform to U.S.
export control laws.
ESP encapsulates its data, so ESP only protects the data that follows its
beginning in the datagram, as shown in the following illustration.
In a TCP packet, ESP encapsulates only the TCP header and its
data. If the packet is an IP-in-IP datagram, ESP protects the inner IP
datagram. Per-socket policy allows self-encapsulation, so ESP can encapsulate IP options when ESP needs
If self-encapsulation is set, a copy of the IP header is made to
construct an IP-in-IP datagram. For example, when self-encapsulation is not set on a
TCP socket, the datagram is sent in the following format:
[ IP(a -> b) options + TCP + data ]
When self-encapsulation is set on that TCP socket, the datagram is sent in
the following format:
[ IP(a -> b) + ESP [ IP(a -> b) options + TCP + data ] ]
For further discussion, see Transport and Tunnel Modes in IPsec.
Security Considerations When Using AH and ESP
The following table compares the protections that are provided by AH and ESP.
Table 19-2 Protections Provided by AH and ESP in IPsec
Protects packet from the IP header to the transport header
integrity, data authentication:
Protects packet following the beginning of ESP in the
With encryption option, encrypts the IP datagram. Ensures confidentiality
With authentication option, provides
the same protection as AH
With both options, provides strong integrity, data
authentication, and confidentiality
Replay, cut-and-paste, eavesdropping
Authentication and Encryption Algorithms in IPsec
IPsec security protocols use two types of algorithms, authentication and encryption. The AH
module uses authentication algorithms. The ESP module can use encryption as well as
authentication algorithms. You can obtain a list of the algorithms on your system
and their properties by using the ipsecalgs command. For more information, see
the ipsecalgs(1M) man page. You can also use the functions that are described
in the getipsecalgbyname(3NSL) man page to retrieve the properties of algorithms.
IPsec on a Solaris system uses the Solaris cryptographic framework to access the
algorithms. The framework provides a central repository for algorithms, in addition to other
services. The framework enables IPsec to take advantage of high performance cryptographic hardware
accelerators. The framework also provides resource control features. For example, the framework enables
you to limit the amount of CPU time spent in cryptographic operations in
the kernel. For more information, see the following:
Authentication Algorithms in IPsec
Authentication algorithms produce an integrity checksum value or digest that is based on
the data and a key. The AH module uses authentication algorithms. The ESP
module can use authentication algorithms as well.
Encryption Algorithms in IPsec
Encryption algorithms encrypt data with a key. The ESP module in IPsec uses
encryption algorithms. The algorithms operate on data in units of a block size. By
default, the DES-CBC, 3DES-CBC, AES-CBC, and Blowfish-CBC algorithms are installed. The key sizes
that are supported by the AES-CBC and Blowfish-CBC algorithms are limited to 128
AES-CBC and Blowfish-CBC algorithms that support key sizes that are greater than 128
bits are available to IPsec when you install the Solaris Encryption Kit. However,
not all encryption algorithms are available outside of the United States. The kit
is available on a separate CD that is not part of the Solaris
10 installation box. The Solaris 10 Encryption Kit Installation Guide describes how to install the kit. For more information,
see the Sun Downloads web site. To download the kit, click the Downloads A-Z
tab, then click the letter S. The Solaris 10 Encryption Kit is
among the first twenty entries.