Abstract
The use of virtual private networks (VPNs) for the communications protection is becoming increasingly common. Likewise, the IPSEC architecture has been gaining ground and, at present, is the solution more used for this purpose. That is the reason why a large number of implementations of IPSEC have been created and put into operation. This work proposes three testing topologies to carry out IPSEC implementation assessment, each of these scenarios will supply an important guide for the determination of objectives, digital evidences to collect and test batteries to develop, in any evaluation of a IPSEC device.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Carrel, D., Harkins, D.: The Internet Key Exchange (IKE). IETF RFC 2409 (November 1998)
Thumann, M.: PSK Cracking using IKE Aggressive Mode (April 2004), http://www.ernw.de/download/pskattack.pdf
Ventzislav, N.: A DoS Attack Against the Integrity-Less ESP (IPSec). In: Malek, M., Fernández-Medina, E., Hernando, J. (eds.) Proceedings of the International Conference on Security and Cryptography, SECRYPT 2006, pp. 19–199. INSTICC Press (2006)
Braden, R., Borman, D., Partridge, C.: Computing the Internet Checksum. IETF RFC 1071 (September 1988)
Vaarala, S., Nuopponen, A., Virtanen, T.: Attacking Predictable IPsec ESP Initialization Vectors. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 160–172. Springer, Heidelberg (2002)
McCubbin, C.B., Selçuk, A.A., Sidhu, D.P.: Initialization Vector Attacks on the IPsec Protocol Suite. In: Proceedings of the 9th IEEE international Workshops on Enabling Technologies: infrastructure For Collaborative Enterprises. WETICE, June 4-16, pp. 171–175. IEEE Computer Society, Washington (2000)
Kent, S.: IP Authentication Header. IETF RFC 4302 (December 2005)
Kent, S.: IP Encapsulating Security Payload (ESP). IETF RFC 4303 (December 2005)
Eastlake 3th, D.: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH). IETF RFC 4305 (December 2005)
Maughan, D., Schertler, M., Shneider, M., Turner, J.: Internet Security Association and Key Management Protocol (ISAKMP). IETF RFC 2408 (November 1998)
Hoffman, P.: Algorithms for Internet Key Exchange version 1 (IKEv1). IETF RFC 4109 (May 2005)
Hoffman, P.: Cryptographic Suites for IPsec. IETF RFC 4308 (December 2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sánchez-Chaparro, F., Sierra, J.M., Delgado-Mohatar, O., Fúster-Sabater, A. (2009). Testing Topologies for the Evaluation of IPSEC Implementations. In: Gervasi, O., Taniar, D., Murgante, B., Laganà, A., Mun, Y., Gavrilova, M.L. (eds) Computational Science and Its Applications – ICCSA 2009. ICCSA 2009. Lecture Notes in Computer Science, vol 5593. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02457-3_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-02457-3_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02456-6
Online ISBN: 978-3-642-02457-3
eBook Packages: Computer ScienceComputer Science (R0)