- Security Parameter Index (SPI): identifies the Security Association (SA) that the ESP packet corresponds to
- Sequence Number: indicates the packet's position in the sequence
- Initialization Vector (IV): used in the encryption process; prevents two packets from being encrypted identically
- Data: the encrypted data
- Padding: extends the Data to the number of bytes that can be encrypted
- Padding Length: gives the length of the Padding that was added
- Next Header: identifies the next header
- HMAC: a 96-bit value produced by a hash function
ESP Transport Mode
For ESP Transport mode, the ESP header is added to the IP datagram just after the IP header, and the ESP trailer is added after the payload. In the IP header, the Protocol field is set to 50 (0x32) to indicate that an ESP header is present.
ESP Tunnel Mode
In ESP Tunnel mode, the entire original IP datagram is encapsulated with a new (outer) IP header and an ESP header and trailer. In the outer IP header, the Protocol field is set to 50 (0x32) to indicate that an ESP header is present. For Tunnel mode, the original IP header and payload are unmodified. Like AH Tunnel mode, the outer IP header is constructed from the configuration of the IPsec tunnel.
For ESP Tunnel mode, the following portions of the packet are encrypted:
■ The original IP datagram (IP header and payload)
■ The Padding, Padding Length, and Next Header fields of the ESP trailer
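The ESP field layout above, worked through as an added example (not code from the original page). It assumes ESP with NULL encryption, so there is no IV and the payload is readable without a cipher, and HMAC-SHA1 truncated to 96 bits for the HMAC field; the function names and the sample key are constructed for illustration.

```python
import hashlib
import hmac
import struct

ICV_LEN = 12                      # 96-bit HMAC field from the list above
SAMPLE_KEY = b"k" * 20            # constructed key, illustration only

def build_esp(spi, seq, payload, next_header, key, align=4):
    """Assemble SPI | Sequence Number | Data | Padding | Padding Length | Next Header | HMAC."""
    pad_len = (-(len(payload) + 2)) % align          # Data + Padding + 2 trailer bytes must align
    padding = bytes(range(1, pad_len + 1))           # default padding bytes: 1, 2, 3, ...
    body = struct.pack("!II", spi, seq) + payload + padding + bytes([pad_len, next_header])
    icv = hmac.new(key, body, hashlib.sha1).digest()[:ICV_LEN]
    return body + icv

def parse_esp(packet, key):
    """Verify the HMAC first, then strip the trailer and report the fields."""
    if len(packet) < 8 + 2 + ICV_LEN:
        raise ValueError("too short to be an ESP packet")
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(key, body, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):       # constant-time comparison
        raise ValueError("HMAC mismatch: packet modified or wrong SA key")
    spi, seq = struct.unpack("!II", body[:8])
    pad_len, next_header = body[-2], body[-1]
    if pad_len > len(body) - 10:
        raise ValueError("Padding Length exceeds packet size")
    end = len(body) - 2 - pad_len
    if body[end:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("padding bytes are not the expected 1, 2, 3, ... sequence")
    # Tunnel mode carries a whole IP datagram, so Next Header is IPv4 (4) or IPv6 (41);
    # Transport mode carries the upper-layer protocol directly (6 = TCP, 17 = UDP).
    mode = "tunnel" if next_header in (4, 41) else "transport"
    return {"spi": spi, "seq": seq, "payload": body[8:end],
            "next_header": next_header, "mode": mode}

if __name__ == "__main__":
    print(parse_esp(build_esp(0x1000, 1, b"hello", 6, SAMPLE_KEY), SAMPLE_KEY))
```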
ISAKMP Message Structure
ISAKMP messages are sent as the payload of UDP messages using UDP port 500.
ISAKMP Header
The ISAKMP header is a standard header that is present for all ISAKMP messages and contains information about the message, including the type of packet.
SA Payload
The SA payload is used to indicate the domain of interpretation (DOI) and situation for the SA negotiation. The DOI is a set of definitions for payload formats, exchange types, and naming conventions for security-related information, such as the naming of policies and cryptographic algorithms. A situation is a set of information that identifies security services in the ISAKMP message.
Proposal Payload
The Proposal payload contains security parameter information that is used to negotiate the security settings for either an ISAKMP or IPsec SA. The Proposal payload contains proposal settings and then a series of one or more Transform payloads that contain the specific security settings for encryption and authentication algorithms for the SA.
Transform Payload
The Transform payload contains information that identifies a specific security mechanism, or transform, that is proposed to secure future traffic. The Transform payload also contains SA attributes, as defined in RFC 2407 for the IPsec DOI.
Vendor ID Payload
The Vendor ID payload contains a string or number that either indicates a specific capability or is defined by a vendor so that an IPsec implementation can recognize an IPsec peer running the same implementation.
Nonce Payload
The Nonce payload contains a pseudorandom number that is used to ensure a live exchange and provide replay protection. Nonces are also used to calculate hashes in other payloads.
Key Exchange Payload
The Key Exchange payload contains information pertaining to the key exchange process. The key exchange process supported by IPsec for Windows Server 2008 and Windows Vista is Diffie-Hellman. With Diffie-Hellman, two IPsec peers exchange key values that are sent in plaintext.
Notification Payload
The Notification payload is used to transmit control information, such as an error condition, to an IPsec peer. A single ISAKMP message can contain multiple Notification payloads. For Notification payloads within a Main mode message, the initiator and responder cookies identify the negotiation.
Delete Payload
The Delete payload is used to inform an IPsec peer that an SA for a specific protocol has been deleted. The receiver should remove its corresponding SA. IPsec for Windows Server 2008 and Windows Vista supports verification of Delete payloads. If an ISAKMP message with a Delete payload is received, the receiver acknowledges it. If an acknowledgment is not received, the Delete payload is resent.
Identification Payload
The Identification payload is used to convey identification information and authenticate an IPsec peer.
Hash Payload
The Hash payload contains a hash value that is a result of a hash function computed over a set of fields or other parameters. The Hash payload can be used to provide integrity or authentication of negotiating peers.
Certificate Request Payload
The Certificate Request payload is used to request certificates from an IPsec peer. After receipt of an ISAKMP message with a Certificate Request payload, an IPsec peer must send a certificate or certificates based on the contents of the Certificate Request payload.
Certificate Payload
The Certificate payload is used by an IPsec peer when sending its certificate. This is typically done during the authentication phase of Main mode negotiation.
Signature Payload
The Signature payload is used to send digital signatures calculated over a set of fields or parameters. The Signature payload provides data integrity and nonrepudiation services during the authentication phase of Main mode negotiation.
AuthIP Messages
Both IKE and AuthIP use ISAKMP as their key exchange and SA negotiation protocol. AuthIP uses ISAKMP messages with the exchange types 243 (Main Mode), 244 (Quick Mode), 245 (Extended Mode), and 246 (Notify) in the ISAKMP header. An important difference in AuthIP-based ISAKMP messages is that they contain only one ISAKMP payload: either the Crypto payload or the Notify payload. The Crypto payload contains the embedded payloads used for the Main mode, Quick mode, or Extended mode negotiation.
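The ISAKMP header and payload chain described above, together with the AuthIP exchange types, as an added example (not code from the original page): a parser for the UDP port 500 payload that a capture or detection tool could use to tell IKE from AuthIP traffic. The header layout, payload type numbers and IKE exchange types follow RFC 2408 and RFC 2409; the function names and the sample message are constructed for illustration.

```python
import struct

# Payload type numbers from RFC 2408; exchange types 243-246 are the AuthIP values named above.
PAYLOADS = {1: "SA", 2: "Proposal", 3: "Transform", 4: "Key Exchange",
            5: "Identification", 6: "Certificate", 7: "Certificate Request",
            8: "Hash", 9: "Signature", 10: "Nonce", 11: "Notification",
            12: "Delete", 13: "Vendor ID"}
EXCHANGES = {2: "IKE Main Mode", 4: "IKE Aggressive Mode", 5: "IKE Informational",
             32: "IKE Quick Mode", 243: "AuthIP Main Mode", 244: "AuthIP Quick Mode",
             245: "AuthIP Extended Mode", 246: "AuthIP Notify"}
# Initiator cookie, responder cookie, next payload, version, exchange type, flags, message ID, length
HEADER = struct.Struct("!8s8sBBBBII")

def parse_isakmp(data):
    """Parse a UDP port 500 payload into header fields and the top-level payload chain."""
    if len(data) < HEADER.size:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    icookie, rcookie, nxt, version, xchg, flags, msg_id, length = HEADER.unpack_from(data)
    if length < HEADER.size or length > len(data):
        raise ValueError("header length field disagrees with datagram size")
    encrypted = bool(flags & 0x01)            # E bit: everything after the header is ciphertext
    payloads, off = [], HEADER.size
    while nxt != 0 and not encrypted:
        if off + 4 > length:
            raise ValueError("truncated generic payload header")
        following, _reserved, plen = struct.unpack_from("!BBH", data, off)
        if plen < 4 or off + plen > length:
            raise ValueError("payload length out of bounds")
        payloads.append(PAYLOADS.get(nxt, f"type {nxt}"))
        # Proposal and Transform payloads sit inside the SA payload body, not in this chain.
        nxt, off = following, off + plen
    return {"initiator_cookie": icookie.hex(), "responder_cookie": rcookie.hex(),
            "exchange": EXCHANGES.get(xchg, f"type {xchg}"),
            "authip": 243 <= xchg <= 246, "encrypted": encrypted, "payloads": payloads}

def sample_message(xchg=2):
    """Constructed sample: an SA payload followed by a Vendor ID payload, with filler bodies."""
    body = (struct.pack("!BBH4s", 13, 0, 8, b"\x00" * 4)
            + struct.pack("!BBH4s", 0, 0, 8, b"TEST"))
    return HEADER.pack(b"\x11" * 8, b"\x00" * 8, 1, 0x10, xchg, 0, 0,
                       HEADER.size + len(body)) + body

if __name__ == "__main__":
    print(parse_isakmp(sample_message()))
```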