Encryption Authentication

One common  technique  used to encrypt and authenticate in VPNs is IP security. IP sec  is a collection of protocols designed by the IETF( Internet Engineering  Task Force) to provide  security for a packet carried by the internet. instead it provides a framework and  a mechanism it leaves the selection of the  encryption authentication method  to the user.

IP sec  uses an authentication heard. The  authentication header  is an extra header  added to the data packet at the transport layer before  the IP  header is added.

When  an IP datagram carries an authentication header the protocols  field sin the IP header changes to a value of 51 show that the  datagram carries an AH A  field inside  the AH defines  the original  value  of eh protocols fields.

IP sec  uses  a mechanism  called encapsulation security  payload. ESP first  the  data  packet at the  transport layer  then  adds one extra header and one  extra trailer.

The ESP  header  define the algorism used for encryption. The ESP  trailer aligns the  packet  to the length required by some  encryption  algorithms. The ESP  trailer aligns tains  the authentication data  for the  whole packet excluding the IP  header. The value  of the  protocols  fields is 50 in the IP header  to indicate the use  of ESP.