[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Minimum implementation requirement of IPsec
Dear all,
IPsec contains several protocol, such as ESP, AH, IKE. I would like to ask
if I want to implement my own IPsec, which part I should do and which is
not if I want to connect my client to an IPsec server?
Now, I am concentrating on ESP tunnel mode instead of AH because ESP
provides both authentication and encryption. I have read the RFC and it
said that HMAC-MD5, HMAC-SHA1 is the requirement for message
authentication which DES-CBC is the requirement for message encryption.
For my implementation, I have prepared 3DES-EDE too because DES is now
known as not too secure.
For the IKE, I would like to ask should I implement it for the key change?
Can I use the pre-shared key model in IKE for my implemenation?
I apologise if my question is already answered here. I'm new to IPsec and
any comments is welcome!
Best Regards,
Derek