
1. A full explanation of the basic principles of IPSec

2022-06-24 22:31:00 Zhuge iron and steel cloud

Reprinter's note:

  1. This article reprints Cao Shihong's blog. On the basis of my own practical use of IPSec, I added chapter numbers to this post, and in the encapsulation protocol chapter I deleted two packet-capture pictures.
  2. The two ends of an IPSec communication act as each other's client and server: peer-to-peer encryption and authentication.

1. IPSec concept introduction

What is IPSec?

IPSec (Internet Protocol Security) is a set of open network security protocols defined by the IETF (Internet Engineering Task Force). It is not a single protocol but a collection of protocols and services that provide security for IP networks.

IPSec addresses security at the IP layer and is designed to support both IPv4 and IPv6 networks.

IPSec mainly consists of the security protocols AH (Authentication Header) and ESP (Encapsulating Security Payload), the key management and exchange protocol IKE (Internet Key Exchange), and a set of algorithms for authentication and encryption.

IPSec provides security services for IP packets mainly through encryption and integrity verification.

Services provided by IPSec:

Through encryption and verification, IPSec ensures the secure transmission of user business data over the Internet in the following respects:

Data origin authentication: the receiver verifies that the sender's identity is legitimate.
Data encryption: the sender encrypts the data and sends it over the Internet as ciphertext; the receiver decrypts the received data and processes it or forwards it onward.
Data integrity: the receiver verifies the received data to determine whether the packet was tampered with in transit.
Anti-replay: the receiver rejects old or duplicate packets, defeating attacks in which a malicious user resends captured packets.

Why implement IPSec?

The biggest motivation is cost: an IPSec VPN carries private traffic securely over the public Internet instead of over dedicated leased lines between sites.

2. IPSec framework

IPSec is a framework rather than a single protocol: it defines a structure in which the concrete components are chosen and negotiated by the peers. The framework mainly covers the encryption algorithm, the verification (integrity) algorithm, the encapsulation protocol, the encapsulation mode, the key lifetime, and so on.
 [Figure: IPSec framework]
Reprinter's note:
My personal understanding: the IPSec framework is a solution for network applications that describes the flow rules and details of business traffic.

2.1 Encryption:

Encryption algorithms fall into two categories: symmetric algorithms and asymmetric algorithms.

Symmetric encryption algorithms:

Characteristics: a symmetric-key algorithm uses the same secret key for encryption and decryption.

Encryption and decryption process:

Encryption: plaintext data ----- shared key encryption -------- ciphertext data

Decryption: ciphertext data ----- shared key decryption -------- plaintext data

Advantages of symmetric encryption algorithms:

  • Fast
  • Secure (given an adequate key length)
  • Compact (the ciphertext is about the same size as the plaintext)

Disadvantages of symmetric encryption algorithms:

  • The shared key has to be delivered to the peer; if it is transferred in the clear it can be intercepted and eavesdropped.
  • Every pair of participants needs its own key, so with n participants the number of keys grows as n(n-1)/2, i.e. quadratically.
  • Because there are so many keys, management and storage become a major problem.
  • Digital signatures and non-repudiation are not supported.

Suitable for encrypting bulk data.

Common symmetric algorithms:

  • DES, the Data Encryption Standard, uses a 56-bit key to encrypt 64-bit plaintext blocks. Its key is short enough to brute-force and it should no longer be used.

  • 3DES (Triple Data Encryption Standard) is an enhanced DES: it applies DES three times to the data to be protected, using three different 56-bit DES keys (168 key bits in total). It is slow and has been deprecated by NIST.

  • AES, the Advanced Encryption Standard, was designed to replace 3DES and provides faster and more secure encryption. AES supports three key sizes: AES-128, AES-192 and AES-256, with key lengths of 128, 192 and 256 bits.

The longer the key, the higher the confidentiality and security of the encryption algorithm, but the slower the computation. In general 128 bits fully meets security needs.

Asymmetric encryption algorithms:

Characteristics: an asymmetric-key algorithm uses a pair of keys, a public key and a private key. The public key encrypts, the private key decrypts.

Encrypting with the private key and decrypting with the public key is called a digital signature (signing and verifying).

Used only for key exchange (encrypting keys) and digital signatures (encrypting hashes), because it is far too expensive for bulk data.

Advantages of asymmetric encryption algorithms:

  • Secure
  • Because no secret key has to be sent to the recipient, there is no risk of the key being intercepted in transit. (The public key itself must still be authenticated, for example by a certificate, or an attacker can substitute their own.)
  • Each participant needs only one key pair, so the number of keys grows with the number of participants rather than with the number of pairs.
  • Participants do not need to establish a relationship in advance in order to exchange keys.
  • Provides the technical basis for digital signatures and non-repudiation.

Disadvantages of asymmetric encryption algorithms:

  • Very, very slow (orders of magnitude slower than symmetric ciphers).
  • The ciphertext is much larger than the plaintext.

Suitable for encrypting small amounts of data.

Common asymmetric algorithms:

RSA: 512/768/1024/2048-bit or larger (keys below 2048 bits are no longer considered adequate).
DH (Diffie-Hellman): 768/1024/1536-bit or larger. DH is a key-agreement algorithm rather than an encryption algorithm; in an IPSec VPN it is used only by IKE to derive the shared keys.

Reprinter's note:
Digital envelope ---- the complete solution:

The encryption process is essentially the combined application of a symmetric and an asymmetric algorithm:

The encryption process:

  1. Encrypt the plaintext with a symmetric key to obtain the ciphertext.
  2. Encrypt the symmetric key with the recipient's public key to obtain the key package (the wrapped key).

The decryption process:

  1. The recipient decrypts the key package with its own private key to recover the symmetric key.
  2. Decrypt the ciphertext with the symmetric key to obtain the plaintext.

2.2 Verification:

Verification algorithms are also called hash algorithms or hash functions.

Purpose:

  • Verify data integrity

Characteristics:

  • Fixed-size output
  • Avalanche effect (changing one input bit changes about half of the output bits)
  • One-way, irreversible
  • Collision resistance (MD5 and SHA-1 no longer provide it; SHA-2 does)

Working principle:

Plaintext data ----------- hash algorithm (e.g. MD5) -------- compute hash value 1 (e.g. 12345)
Plaintext data + hash value are sent to the peer

Verification:
Plaintext data ---------- the same hash algorithm (MD5) --------- compute hash value 2 (e.g. 67890)
If hash value 1 and hash value 2 are identical, verification succeeds; if they differ, verification fails.
Note that a bare hash sent alongside the data only detects accidental corruption: an attacker who modifies the data can recompute the hash as well. IPSec therefore uses keyed hashes (HMAC) computed with a key known only to the two peers.

Common verification algorithms:

  • MD5
    Message Digest 5 (MD5) takes a message of any length and produces a 128-bit digest.
    MD5 is faster than SHA but less secure; collisions are practical to compute.

  • SHA1
    The Secure Hash Algorithm (SHA) was developed by NIST. In 1994 the original SHA was revised into what is called SHA-1. For input messages shorter than 2^64 bits, SHA-1 produces a 160-bit message digest.

SHA-1 is slower than MD5 but was considered safer because of its longer digest, which gives more resistance to brute-force attacks. Practical SHA-1 collisions were demonstrated in 2017, so neither MD5 nor SHA-1 should be chosen for new deployments, although HMAC-MD5 and HMAC-SHA1 remain available in IPSec implementations for compatibility.

  • SHA2
    SHA-2 is the enhanced successor of SHA-1: its digests are longer and its security is far higher. The SHA-2 family includes SHA-256, SHA-384 and SHA-512, with digest lengths of 256, 384 and 512 bits.

As the digest length increases, the authentication algorithm becomes more secure but the computation slower. In general 256 bits fully meets security needs.
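The avalanche effect listed above and the difference between a bare hash and the keyed HMAC that IPSec actually uses, as an added Python example (this is not code from the original post). The message and the shared key are constructed for the demonstration; SHA-256 stands in for the MD5 of the sketch, since hashlib exposes both through the same interface and the argument is the same.

```python
import hashlib
import hmac

# Constructed sample message and pre-shared key (not from the original post).
MESSAGE = b"transfer 100 to account 4711"
SHARED_KEY = b"pre-shared-key-known-only-to-both-ipsec-peers"


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with one bit flipped."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def differing_bits(a: bytes, b: bytes) -> int:
    """Hamming distance in bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(data: bytes, bit_index: int = 0, algo: str = "sha256") -> int:
    """How many digest bits change when a single input bit is flipped.

    For a sound hash this is close to half the digest length (about 128 of 256
    for SHA-256); a small number would mean the output leaks input structure.
    """
    h1 = hashlib.new(algo, data).digest()
    h2 = hashlib.new(algo, flip_bit(data, bit_index)).digest()
    return differing_bits(h1, h2)


def plain_hash_tag(data: bytes) -> bytes:
    """The scheme as sketched above: an unkeyed digest travels with the data."""
    return hashlib.sha256(data).digest()


def plain_hash_verify(data: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(plain_hash_tag(data), tag)


def hmac_tag(key: bytes, data: bytes) -> bytes:
    """The keyed variant IPSec uses for its ICV: only holders of the key can compute it."""
    return hmac.new(key, data, hashlib.sha256).digest()


def hmac_verify(key: bytes, data: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hmac_tag(key, data), tag)


def forgery_demo():
    """An on-path attacker replaces the message and recomputes whatever tag they can.

    Returns (unkeyed scheme accepts forgery, HMAC accepts forgery, HMAC accepts genuine).
    """
    forged = b"transfer 100 to account 6666"
    # Unkeyed: the attacker recomputes the hash over the altered message and it verifies.
    unkeyed_accepts = plain_hash_verify(forged, plain_hash_tag(forged))
    # Keyed: without SHARED_KEY the best the attacker can attach is an unkeyed hash.
    keyed_accepts_forgery = hmac_verify(SHARED_KEY, forged, plain_hash_tag(forged))
    keyed_accepts_genuine = hmac_verify(SHARED_KEY, MESSAGE, hmac_tag(SHARED_KEY, MESSAGE))
    return unkeyed_accepts, keyed_accepts_forgery, keyed_accepts_genuine


if __name__ == "__main__":
    print("SHA-256 bits changed by a 1-bit input change:", avalanche(MESSAGE))
    print("(unkeyed accepts forgery, HMAC accepts forgery, HMAC accepts genuine):", forgery_demo())
```

`hmac.compare_digest` is used for both comparisons so that the check does not leak timing information about how many leading bytes matched.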

Working process diagram of a digital signature:

 [Figure: digital signature workflow]
Private key encrypts, public key decrypts ------ digital signature
Achieves integrity, source authentication and non-repudiation.

Implementation process:

 Plaintext data --------- hash algorithm (MD5) ---------- hash value (128 bits, e.g. 12345) ------- private key encryption ------------ digital signature
 Digital signature -------- decrypt with the peer's public key ------ hash value 12345
 Plaintext data -------- hash algorithm (MD5) --- hash value 12345
 If hash value 1 and hash value 2 are identical, verification succeeds; if they differ, verification fails.

Applications of digital signatures:

Driver signing
PDF signing
Digital-signature (certificate) authentication in IPSec VPNs
Digital certificates are built on digital signatures

2.3 Encapsulation protocols (security protocols):

IPSec uses two security protocols, the Authentication Header AH and the Encapsulating Security Payload ESP, to encapsulate and transmit data and to provide authentication, encryption and other security services.

2.3.1 AH:

AH is carried directly inside IP; its IP protocol number is 51.
It supports authentication only, not encryption.
The entire packet, including the IP header, is authenticated.

  • AH working principle:
    An AH header is added after the standard IP header of every packet, as shown below:
     [Figure: AH header structure]
    AH computes a keyed hash over the packet using the authentication key. When the receiver gets the packet together with this result, it performs the same hash computation and compares it with the transmitted value; any change to the data in transit invalidates the value. This provides data origin authentication and data integrity verification. The integrity-check scope of AH is the whole IP packet (fields of the IP header that legitimately change in transit, such as TTL and the header checksum, are treated as zero).
    AH header fields:
  • Next Header (8 bits): identifies the payload type following the AH header. In transport mode it is the protocol number of the protected upper-layer protocol (TCP or UDP) or of ESP; in tunnel mode it is the number of IP or of ESP. Note: when AH and ESP are used together, the Next Header of the AH header points to the ESP header.
  • Payload Length (8 bits): the length of the AH header in 32-bit words minus 2; the default is 4 (12-byte fixed part plus a 96-bit ICV).
  • Reserved (16 bits): reserved for future use; set to 0.
  • SPI (32 bits): the IPSec Security Parameter Index, which uniquely identifies an IPSec Security Association.
  • Sequence Number (32 bits): a monotonically increasing counter starting at 1 that uniquely identifies each packet and is used to defeat replay attacks.
  • Authentication Data (variable length, an integer multiple of 32 bits, usually 96 bits): contains the Integrity Check Value ICV that the receiver uses to check integrity. The optional authentication algorithms are (HMAC variants of) MD5, SHA1, SHA2 and SM3.

2.3.2 ESP:

ESP supports both encryption and authentication.

ESP is carried directly inside IP; its IP protocol number is 50. It works by adding an ESP header after the standard IP header of every packet and appending an ESP trailer (ESP Trailer and ESP Auth Data). Unlike AH, ESP encrypts the payload before encapsulating it in the packet, guaranteeing data confidentiality, but ESP does not protect the contents of the (outer) IP header.
 [Figure: ESP packet structure]
ESP header fields:

  • SPI (32 bits): the IPSec Security Parameter Index, which uniquely identifies an IPSec Security Association.
  • Sequence Number (32 bits): a monotonically increasing counter starting at 1 that uniquely identifies each packet and is used to defeat replay attacks.
  • Payload Data: variable-length data of the type given by the Next Header field.
  • Padding: aligns the plaintext to the block size required by the encryption algorithm and right-aligns the Pad Length and Next Header fields on a 4-byte boundary. The amount of padding depends on the payload length and on the algorithm; padding is needed whenever the plaintext length is not a multiple of the cipher's block size.
  • Pad Length (8 bits): the length of the preceding Padding field; 0 means no padding.
  • Next Header (8 bits): identifies the payload type following the ESP header. In transport mode it is the number of the protected upper-layer protocol (TCP or UDP); in tunnel mode it is the number of the IP protocol.
  • Authentication Data (variable length, an integer multiple of 32 bits, usually 96 bits): contains the ICV that the receiver uses to check integrity. The optional authentication algorithms are the same as for AH. The ESP verification function is optional; if packet verification is enabled, an ICV is appended after the encrypted data. In practice integrity should always be enabled: ESP with encryption but no ICV lets an attacker flip bits in the ciphertext undetected and has known practical attacks.
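The anti-replay check that the Sequence Number field supports in both AH and ESP, as an added Python example (not code from the original post): the sliding bitmap window of RFC 4303 Appendix A. The stream of sequence numbers fed to it is constructed. The window is advanced only after the ICV has verified, so a forged packet carrying a very large sequence number cannot push genuine traffic out of the window.

```python
class ReplayWindow:
    """Sliding anti-replay window for the 32-bit AH/ESP Sequence Number (RFC 4303 Appendix A).

    `top` is the highest sequence number accepted so far; bit i of `bitmap` records
    whether sequence number (top - i) has already been received. Numbers left of the
    window (older than top - size + 1) are rejected unconditionally.
    """

    def __init__(self, size: int = 64):
        self.size = size
        self.top = 0        # nothing received yet; the first valid sequence number is 1
        self.bitmap = 0

    def check(self, seq: int) -> bool:
        """Pre-ICV check: could this sequence number still be accepted?"""
        if seq == 0 or seq > 0xFFFFFFFF:
            return False                          # 0 is never sent; the counter must not wrap
        if seq > self.top:
            return True                           # right of the window: new
        diff = self.top - seq
        if diff >= self.size:
            return False                          # left of the window: too old
        return not (self.bitmap >> diff) & 1      # inside the window: reject duplicates

    def update(self, seq: int) -> None:
        """Advance the window. Call only after the packet's ICV verified; otherwise a
        forged packet with a huge sequence number could lock out genuine traffic."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = (self.bitmap << shift) if shift < self.size else 0
            self.bitmap |= 1
            self.bitmap &= (1 << self.size) - 1
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def accept(self, seq: int, icv_ok: bool = True) -> bool:
        """Full receive-side decision: replay check, ICV verification, then window update."""
        if not self.check(seq) or not icv_ok:
            return False
        self.update(seq)
        return True


def replay_demo():
    """Constructed packet stream: in order, duplicate, reordered, big jump, too old, forged."""
    win = ReplayWindow(size=64)
    stream = [1, 2, 3, 3, 5, 4, 100, 36, 37, 37, 101, 200, 0]
    decisions = [win.accept(s) for s in stream]
    # A forged packet (ICV fails) with a huge sequence number must not move the window...
    forged = win.accept(4_000_000_000, icv_ok=False)
    # ...so the next genuine packet is still accepted.
    genuine_after = win.accept(201)
    return decisions, forged, genuine_after, win.top


if __name__ == "__main__":
    print(replay_demo())
```

With a 64-packet window, sequence number 36 arriving after 100 is rejected as too old even though it was never seen, while 37 (exactly 63 behind) is still accepted once; reordering inside the window is tolerated, duplicates are not.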

2.4 Encapsulation modes

Encapsulation mode refers to how the AH or ESP fields are inserted into the original IP packet to achieve authentication and encryption. There are two encapsulation modes: transport mode and tunnel mode.

2.4.1 Transport mode:

In transport mode the AH or ESP header is inserted between the IP header and the transport-layer protocol header, protecting the TCP/UDP/ICMP payload. Transport mode does not change the IP header.
 [Figure: packet encapsulation in transport mode]
In transport mode, the integrity-check scope of AH is the whole IP packet. The integrity-check scope of ESP covers the ESP header, the transport-layer header, the data and the ESP trailer, but not the IP header, so ESP does not guarantee the integrity of the IP header. The encrypted part of ESP covers the transport-layer header, the data and the ESP trailer.
How to recognise it:

  1. The communicating endpoints are themselves the encryption endpoints (same addresses).
  2. The endpoint addresses are routable across the network in between.

2.4.2 Tunnel mode:

An ESP/AH header is inserted before the original IP header, and a new IP header is added in front of it.
 [Figure: tunnel mode]
In tunnel mode, the integrity-check scope of AH is the whole IP packet including the new IP header. The integrity-check scope of ESP covers the ESP header, the original IP header, the transport-layer header, the data and the ESP trailer, but not the new IP header, so ESP does not guarantee the integrity of the new IP header. The encrypted part of ESP covers the original IP header, the transport-layer header, the data and the ESP trailer.

How to recognise it:

The communicating endpoints and the encryption endpoints (the gateways) have different addresses.
If the endpoint addresses cannot be routed across the Internet (private addresses), it must be tunnel mode.

2.4.3 Comparison of transport mode and tunnel mode:

The differences between transport mode and tunnel mode are:
In terms of security, tunnel mode is better than transport mode: it can verify and encrypt the complete original IP datagram, and it hides the inner IP addresses, protocol type and ports.
In terms of performance, tunnel mode adds an extra IP header and therefore consumes more bandwidth than transport mode.
When the security protocols AH and ESP are used together, AH and ESP must adopt the same encapsulation mode.
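ESP encapsulation in both modes, as an added Python example (not code from the original post). It uses the NULL encryption algorithm (RFC 2410) with HMAC-SHA1-96 so that it runs with the standard library and the trailer layout stays visible; with AES-CBC the bracketed body would be ciphertext and block_size would be 16, but the padding rule, the Next Header values (6 for TCP in transport mode, 4 for IP-in-IP in tunnel mode) and the encrypt-then-MAC order are identical. The key, addresses and inner packet (with its header checksum left at 0) are constructed for the demonstration.

```python
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

ESP_HDR = struct.Struct("!II")   # SPI, Sequence Number
ICV_LEN = 12                     # HMAC-SHA1-96
NEXT_HEADER_TCP = 6              # transport mode: what follows the ESP header is the TCP segment
NEXT_HEADER_IPV4 = 4             # tunnel mode: what follows is a whole IPv4 packet (IP-in-IP)


def esp_encapsulate(key, spi, seq, next_header, plaintext, block_size=4):
    """SPI | Seq | [payload | Padding | Pad Length | Next Header] | ICV.

    With NULL encryption the bracketed part is sent as-is; a block cipher would
    replace it with its ciphertext of exactly these bytes. block_size is the
    cipher's block size (4 for NULL, which only needs 32-bit alignment; 16 for AES-CBC).
    """
    pad_len = (-(len(plaintext) + 2)) % block_size       # make payload + trailer a block multiple
    padding = bytes(range(1, pad_len + 1))               # RFC 4303 default pattern 1, 2, 3, ...
    body = plaintext + padding + bytes([pad_len, next_header])
    header = ESP_HDR.pack(spi, seq)
    tag = hmac.new(key, header + body, hashlib.sha1).digest()[:ICV_LEN]   # encrypt-then-MAC
    return header + body + tag


def esp_decapsulate(key, packet, block_size=4):
    """Verify the ICV before looking at anything else, then strip the trailer.
    Returns (spi, seq, next_header, plaintext)."""
    if len(packet) < ESP_HDR.size + 2 + ICV_LEN:
        raise ValueError("ESP packet too short")
    authenticated, tag = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(key, authenticated, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ICV mismatch: packet modified or wrong key")
    spi, seq = ESP_HDR.unpack_from(authenticated)
    body = authenticated[ESP_HDR.size:]
    if len(body) % block_size:
        raise ValueError("body is not a multiple of the cipher block size")
    pad_len, next_header = body[-2], body[-1]
    if pad_len > len(body) - 2:
        raise ValueError("bad Pad Length")
    end = len(body) - 2 - pad_len
    if body[end:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("bad padding pattern")
    return spi, seq, next_header, body[:end]


def esp_packet_is_valid(key, packet, block_size=4) -> bool:
    try:
        esp_decapsulate(key, packet, block_size)
        return True
    except ValueError:
        return False


def inner_ipv4_packet(src: str, dst: str, payload: bytes) -> bytes:
    """Constructed inner IPv4 packet for the tunnel-mode demo (header checksum left at 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64, NEXT_HEADER_TCP, 0,
                      IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr + payload


def transport_vs_tunnel(key: bytes):
    """Same TCP segment encapsulated both ways; returns (transport packet, tunnel packet)."""
    segment = b"GET / HTTP/1.0\r\n"
    # Transport mode: ESP goes between the host's own IP header and the segment.
    transport = esp_encapsulate(key, 0x100, 1, NEXT_HEADER_TCP, segment)
    # Tunnel mode: the gateway wraps the entire inner packet, so the inner addresses,
    # protocol and ports travel inside the ESP payload under the gateway's outer header.
    inner = inner_ipv4_packet("10.1.1.10", "10.2.2.20", segment)
    tunnel = esp_encapsulate(key, 0x200, 1, NEXT_HEADER_IPV4, inner, block_size=16)
    return transport, tunnel
```

The receiver checks the ICV over the whole packet before it parses Pad Length or the padding pattern; doing it in the other order would turn the padding check into an oracle for an attacker who can modify ciphertext, which is the attack that encryption-only ESP is exposed to.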

2.5 Key lifetime:

The default is 86400 s, i.e. 24 hours; it can be changed in the configuration.

3. IPSec related links

3.1 Authentication and encryption

IKEv1 protocol reference: IKEv1 protocol
IKEv2 protocol reference: IKEv2 protocol

Digital certificates: PKI principles

3.2 IPSec configuration examples for various scenarios

IPSec configuration examples for each scenario

3.3 IPSec applications

IPSec VPN NAT traversal (NAT-T)
IPSec high reliability (high availability)
GRE over IPSec technical principles

Link to the original text:
IPSec basic principles _ Cao Shihong's blog - CSDN blog _ipsec

Further reading:
strongSwan - Documentation
IPSec IKE negotiation process: main mode and aggressive mode

References:

Network security _ Cao Shihong's blog - CSDN blog


Copyright notice
This article was created by [Zhuge iron and steel cloud]; please include the original link when reprinting. Thank you.
https://yzsam.com/2022/02/202202211233395351.html