Internet Protocol Security


Security Properties

IPSec provides the following properties for secured communications:

Non-Repudiation   Verifies that the sender of the message is the only person who could have sent it. The sender cannot deny having sent the message. Non-repudiation is a property of messages containing digital signatures when using public key technology. With public key technology, the sender's private key is used to create a digital signature that is sent with the message. The receiver uses the sender's public key to verify the digital signature. Because only the sender has possession of the private key, only the sender could have generated the digital signature. Non-repudiation is not a property of message authentication codes and hashes on messages using secret key technologies, because both the sender and the receiver have the secret key.

Anti-Replay   Also called replay prevention, it ensures the uniqueness of each IP packet. Anti-replay ensures that data captured by an attacker cannot be re-used or "re-played" to establish a session or gain information illegally. This protects against attempts to intercept a message and then use the identical message to illegally gain access to resources, possibly even months later.

Integrity   Protects data from unauthorized modification in transit, ensuring that the data received is exactly the same as the data sent. Hash functions sign each packet with a cryptographic checksum using one of the shared keys, which the receiving computer checks before opening the packet. Only the sender and receiver have the key used to calculate the checksum. If the packet—and therefore signature—has changed, the packet is discarded.
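The Anti-Replay and Integrity checks described above can be seen working together in the following added example, which is not code from the original page or from the Windows 2000 implementation. It uses the per-packet sequence number and sliding receive window that the IPSec AH/ESP specifications define for replay protection. The 64-packet window, HMAC-SHA-256, the packet layout and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

WINDOW = 64   # assumed anti-replay window size, in packets
TAG_LEN = 32  # HMAC-SHA-256 output length (assumed algorithm)

def protect(key, seq, payload):
    """Sender: 32-bit sequence number + payload, followed by a keyed checksum."""
    body = struct.pack("!I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.highest = 0  # highest sequence number accepted so far
        self.seen = 0     # bit i set: sequence number (highest - i) was accepted

    def accept(self, packet):
        """Return the payload, or None when the packet must be discarded."""
        if len(packet) < 4 + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # integrity: changed in transit, or wrong key
        (seq,) = struct.unpack("!I", body[:4])
        if seq == 0:
            return None  # senders number packets from 1
        if seq > self.highest:  # new packet: slide the window forward
            shift = seq - self.highest
            self.seen = ((self.seen << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            offset = self.highest - seq
            if offset >= WINDOW or self.seen & (1 << offset):
                return None  # anti-replay: too old, or already accepted
            self.seen |= 1 << offset
        return body[4:]

def demo():
    key = b"constructed-shared-key"  # constructed sample key
    rx = Receiver(key)
    p1, p2, p3 = (protect(key, n, b"data%d" % n) for n in (1, 2, 3))
    # Flip one bit in the last payload byte of p2, leaving its checksum as sent.
    tampered = p2[:-TAG_LEN - 1] + bytes([p2[-TAG_LEN - 1] ^ 1]) + p2[-TAG_LEN:]
    # Order on the wire: p1, p3, tampered p2, genuine p2 (late), p1 replayed.
    return [rx.accept(p) for p in (p1, p3, tampered, p2, p1)]
```

The checksum is verified before the window is touched, so a modified packet cannot advance the window or mark a sequence number as used. Because the receiver holds the same key as the sender, it could produce any output of `protect` itself, which is why this checksum gives integrity but not non-repudiation.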

Confidentiality (Encryption)   Ensures that data is only disclosed to intended recipients. This is achieved by encrypting the data before transmission. This ensures that the data cannot be read during transmission, even if the packet is monitored or intercepted. Only the party with the shared, secret key is able to read the data (after decryption). This property is optional and is dependent on IPSec policy settings.

Authentication   Verifies the origin of a message through the process of one side sending a credential and the receiver verifying the legitimacy of the credential. Windows 2000 IPSec provides multiple methods of authentication, to ensure compatibility with legacy systems, non-Windows-based systems, and remote computers. For more information on authentication, see the chapters under "Distributed Security" in the Microsoft® Windows® 2000 Server Resource Kit Distributed Systems Guide.

© 1985-2000 Microsoft Corporation. All rights reserved.