IPSec - Security Policies and Security Associations explained
ฝัง
- เผยแพร่เมื่อ 20 ก.ย. 2024
- Become a member and receive exclusive videos and other advantages:
/ @secprivaca
You can buy me a coffee if you want to support the channel: buymeacoffee.c...
Check out the video on IPSec before watching this one: • IPsec (AH and ESP) and...
Awesome 👌🏻
It was great! Thank you!
Hello
I don't understand what the SPI is for?
It allows Bob to decipher the traffic coming from Alice? Could you please explain?
By checking the SPI, the receiver can retrieve the correct SA and apply the appropriate decryption and authentication methods specified in that SA to the incoming packet.
SPIs are chosen to be unique within the context of a specific IPsec implementation to avoid confusion and ensure that each SA can be uniquely identified. Typically, the SPI is a 32-bit value, providing a large space to avoid collisions
@@SecPrivAca thank you very much
Who creates the SA containing the security parameters?
Example: hash type
Are the parameters chosen automatically or do you have to configure them manually?
These are "negotiated" between sender and receiver. You don't have to do anything manually, the software does that for you. This is done in order to ensure that both parties support the used protocols.
@@SecPrivAca Why are they still going to negotiate the choice of parameters when we've already chosen them manually?